cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.12.2.177 By Nicolas Coolman (2015/12/02)
~ Run by PC (Administrator) (2015/12/03 22:27:51)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\PC\Desktop\ZHPDiag.txt
~ Report: C:\Users\PC\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 0s
OPIE: Opera 33.0.1990.115 v33.0.1990.115
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
Kaspersky Total Security v16.0.0.614

---\\ System protection software (Superfluous) (1) - 2s
Ad-Aware Web Companion v1.1.987.2028

---\\ System optimization software (2) - 2s
CCleaner v4.16
Wise Registry Cleaner 8.72 v8.72

---\\ Surveillance software (2) - 2s
Adobe Flash Player 19 PPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4127.088 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 25 GB () free of 75 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: PC
~ User Name: PC
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 25 GB free of 75 GB (System)
~ Drive D: has 49 GB free of 210 GB
~ Drive E: has 22 GB free of 215 GB
~ Drive F: has 36 GB free of 215 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 3s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.07F88A53AE1F2CE176543D684C54F74F] - 03/09/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1392128] ©
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.FA886682CFC5D36718D3E436AACF10B9] - 30/05/2014 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497152] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.1877EB1495CFBDAB27D6A32F6DDF3818] - 01/07/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] ©
[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.70988118145F5F10EF24720B97F35F65] - 11/11/2014 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] ©

---\\ Software installed (104) - 13s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: 50CaouPons - (."".) [HKLM][64Bits] -- {CF987D06-1DCF-7B36-5B43-13BC8699C44C} =>PUP.Optional.Multiplug
O42 - Logiciel: AD Sound Recorder 5.5.4 - (.Adrosoft.) [HKLM][64Bits] -- AD Sound Recorder_is1 ©
O42 - Logiciel: Ad-Aware Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {AEC923AC-C3BE-4A7C-8CEB-6822C888CF2E} ©
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Adobe Flash Player 19 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI ©
O42 - Logiciel: Adobe Reader XI (11.0.11) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824144531} ©
O42 - Logiciel: Advanced SystemCare 9 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare_is1 ©
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C2956908-53A3-88FC-B795-B16508296FC4} ©
O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD} ©
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} ©
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL ©
O42 - Logiciel: AVI ReComp 1.5.6 - (.Mateusz Gola (aka Prozac).) [HKLM][64Bits] -- AVI ReComp
O42 - Logiciel: Baidu Antivirus - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu Antivirus ©
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM][64Bits] -- Spark
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 5.1.0.0 ©
O42 - Logiciel: Better CDCS - (."".) [HKLM][64Bits] -- {F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} =>PUP.Optional.Multiplug
O42 - Logiciel: B-Link Wireless LAN Driver and Utility - (.SHENZHEN BILIAN ELECTRONIC CO.,LTD.) [HKLM][64Bits] -- {9C049499-055C-4a0c-A916-1D12314F45EB}
O42 - Logiciel: BuitSaVeer - (."".) [HKLM][64Bits] -- {A3FC46A0-9B62-0EF3-B475-743B3A2762B1} =>PUP.Optional.Multiplug
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} ©
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} ©
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} ©
O42 - Logiciel: Clean Master - (.Cheetah Mobile.) [HKLM][64Bits] -- Clean Master
O42 - Logiciel: Connectify - (.Connectify.) [HKLM][64Bits] -- Connectify ©
O42 - Logiciel: CouupExteeNsionn - (."".) [HKLM][64Bits] -- {6933C2BA-C67D-42C7-8C77-1FF4B364AF54} =>PUP.Optional.Multiplug
O42 - Logiciel: Deepnet Explorer - (...) [HKLM][64Bits] -- Deepnet Explorer
O42 - Logiciel: DiscountExtenSia - (."".) [HKLM][64Bits] -- {B138259A-351E-33FA-2726-8D71704F1DA9} =>PUP.Optional.Multiplug
O42 - Logiciel: Ed2kHelper - (."".) [HKLM][64Bits] -- {51417852-174C-88D4-34A0-D0FE7858BE47} =>PUP.Optional.Multiplug
O42 - Logiciel: EPSON SX230 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON SX230 Series ©
O42 - Logiciel: FlowStone FL 3.0 - (...) [HKLM][64Bits] -- FlowStone
O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory ©
O42 - Logiciel: Haeppy22SaavE - (."".) [HKLM][64Bits] -- {E957849A-94AC-6F46-4623-C31474E3C170} =>PUP.Optional.Multiplug
O42 - Logiciel: Highlight to Search - (...) [HKLM][64Bits] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {C2306F93-60AC-4401-B600-453376E771EC} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {E0729EA8-444C-4AAF-AB69-3CE907F60A38} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {FE51B16C-A025-418A-A5D6-07D93B643AFB} ©
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {4332723E-06E5-47F8-B106-8A2971B01368} ©
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} ©
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {9E9C290F-18E8-412D-B4F2-6CD6B45E47C0} ©
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} ©
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {171C7193-1BB5-4619-BF23-E962598CAB13} ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager ©
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall ©
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM][64Bits] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C} ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} ©
O42 - Logiciel: K-Lite Codec Pack 7.1.0 (Basic) - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: L&H TTS3000 Français - (...) [HKLM][64Bits] -- LHTTSFRF
O42 - Logiciel: LavasoftTcpService - (.Lavasoft.) [HKLM][64Bits] -- {5916A24B-59A4-4FDB-9753-499CB1F65362} ©
O42 - Logiciel: Mega Bloc Notes 5.2.0 - (.Pierre MOATI.) [HKLM][64Bits] -- MegaBlocNotes
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} ©
O42 - Logiciel: MPC-HC 1.7.7 (64-bit) - (.MPC-HC Team.) [HKLM][64Bits] -- {2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1 ©
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {077FFB21-CBD4-11E3-BBED-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {7EEFA2B0-292C-11E2-AF85-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {FEBBB8C0-8DD6-11E3-B8B6-F04DA23A5C58} ©
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} ©
O42 - Logiciel: New Tab Redirect Plus - (."".) [HKLM][64Bits] -- {76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} =>PUP.Optional.Multiplug
O42 - Logiciel: Opera Stable 33.0.1990.115 - (.Opera Software.) [HKLM][64Bits] -- Opera 33.0.1990.115 ©
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM][64Bits] -- {D1399216-81B2-457C-A0F7-73B9A2EF6902} ©
O42 - Logiciel: PHP Notepad - (."".) [HKLM][64Bits] -- {CA1838EF-A497-194E-3850-37A62CEE398B} =>PUP.Optional.Multiplug
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} ©
O42 - Logiciel: Qualcomm Atheros Driver Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7} ©
O42 - Logiciel: QUICKfind server v1.1 - (.IDM.) [HKLM][64Bits] -- QUICKfind ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} ©
O42 - Logiciel: reber Quick - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- reber Quick ©
O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva ©
O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM][64Bits] -- {5442DAB8-7177-49E1-8B22-09A049EA5996} ©
O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM][64Bits] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} ©
O42 - Logiciel: Resource Hacker Version 4.2.5 - (...) [HKLM][64Bits] -- ResourceHacker_is1
O42 - Logiciel: SaverExteinsion - (."".) [HKLM][64Bits] -- {274E3C5C-178E-EAE2-A52F-2863C0EECD46} =>PUP.Optional.Multiplug
O42 - Logiciel: SkypEmoticons - (...) [HKLM][64Bits] -- SkypEmoticons_is1
O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM][64Bits] -- {B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} ©
O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM][64Bits] -- InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} ©
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F} ©
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} ©
O42 - Logiciel: StatMaker - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995} =>PUP.Optional.Graftor
O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM][64Bits] -- IObit Surfing Protection_is1 ©
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey ©
O42 - Logiciel: Topaz Adjust 5 - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz Adjust 5 ©
O42 - Logiciel: Topaz Fusion Express 2 - (.Topaz Labs.) [HKLM][64Bits] -- Topaz Fusion Express 2 ©
O42 - Logiciel: Topaz Fusion Express 2 (64-bit) - (.Topaz Labs.) [HKLM][64Bits] -- Topaz Fusion Express 2 (64-bit) ©
O42 - Logiciel: Topaz ReStyle - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz ReStyle ©
O42 - Logiciel: Topaz Simplify 4 - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz Simplify 4 ©
O42 - Logiciel: uniisales - (...) [HKLM][64Bits] -- {4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} =>PUP.Optional.Multiplug
O42 - Logiciel: VobSub 2.23 - (.Gabest.) [HKLM][64Bits] -- VobSub
O42 - Logiciel: Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {AEC923AC-C3BE-4A7C-8CEB-6822C888CF2E}_WebCompanion ©
O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/0 - (.Google, Inc..) [HKLM][64Bits] -- 30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C ©
O42 - Logiciel: WinRAR 5.00 beta 5 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: Wise Registry Cleaner 8.72 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Registry Cleaner_is1 ©
O42 - Logiciel: Wondershare Video Editor(Build 5.1.1) - (.Wondershare Software.) [HKLM][64Bits] -- Wondershare Video Editor_is1 ©
O42 - Logiciel: Xilisoft Video Converter Ultimate - (.Xilisoft.) [HKLM][64Bits] -- Xilisoft Video Converter Ultimate ©
O42 - Logiciel: Xvid 1.2.2 - (.Koepi's build.) [HKLM][64Bits] -- Xvid_is1
O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2 ©
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger ©
O42 - Logiciel: Yahoo! Software Update - (...) [HKLM][64Bits] -- Yahoo! Software Update

---\\ HKCU & HKLM Software Keys (186) - 13s
HKLM\SOFTWARE\Wow6432Node\"charlie_installer"/n
HKLM\SOFTWARE\Wow6432Node\ACE Compression Software
HKLM\SOFTWARE\Wow6432Node\Adguard
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Aimersoft
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\ASIO4ALL
HKLM\SOFTWARE\Wow6432Node\Atheros
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Audiolib
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AVG
HKLM\SOFTWARE\Wow6432Node\AVI ReComp
HKLM\SOFTWARE\Wow6432Node\b838b835-8636-e368-5f87-c3652edc7963 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\BSD
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\CloudOpt
HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo
HKLM\SOFTWARE\Wow6432Node\cmcm
HKLM\SOFTWARE\Wow6432Node\Connectify
HKLM\SOFTWARE\Wow6432Node\Deepnet Explorer
HKLM\SOFTWARE\Wow6432Node\DeskShare
HKLM\SOFTWARE\Wow6432Node\DSPRobotics
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\ExpressFiles =>PUP.Optional.ExpressFiles
HKLM\SOFTWARE\Wow6432Node\Freemake
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\hdcode
HKLM\SOFTWARE\Wow6432Node\HotspotShield
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\IDM
HKLM\SOFTWARE\Wow6432Node\Image-Line
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\ISO-to-USB_1351-Setup
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\L&H
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MeadCo
HKLM\SOFTWARE\Wow6432Node\megablocnote
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PIP =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\PlotSoft
HKLM\SOFTWARE\Wow6432Node\Qualcomm Atheros
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\SiteSee =>PUP.Optional.SiteSee
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc.
HKLM\SOFTWARE\Wow6432Node\SmartSound Software
HKLM\SOFTWARE\Wow6432Node\SoftVoice
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\Topaz Labs
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\TweakBit
HKLM\SOFTWARE\Wow6432Node\Voice
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WiseCleaner
HKLM\SOFTWARE\Wow6432Node\WnSoft
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\Xilisoft
HKLM\SOFTWARE\Wow6432Node\Xvid Team
HKLM\SOFTWARE\Wow6432Node\Yahoo
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adrosoft
HKCU\SOFTWARE\AMD
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASIO4ALL v2 by Wuschel
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\AVI ReComp
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BSD
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\cmcm
HKCU\SOFTWARE\Corel
HKCU\SOFTWARE\DebugKHelp
HKCU\SOFTWARE\Deepnet Explorer
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Easy-Hide-IP VPN
HKCU\SOFTWARE\Enigma Protector
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\EWS
HKCU\SOFTWARE\ExpressFiles =>PUP.Optional.ExpressFiles
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Freeware
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\i-FunBox.com
HKCU\SOFTWARE\IE Tab
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Image Content Technology
HKCU\SOFTWARE\Image-Line
HKCU\SOFTWARE\Imagenomic
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\Karlis Blumentals
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MOVAVI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\MyXOFT
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\NCH Swift Sound
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewBlue
HKCU\SOFTWARE\Nik Software
HKCU\SOFTWARE\notepad
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\oTweak =>PUP.Optional.oTweak
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PlotSoft
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\RSpark
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SimonTatham
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SlimWare Utilities Inc
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\softorbits
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\TerraInformatica
HKCU\SOFTWARE\TopazLabs
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TrueBoxShot
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Ulead
HKCU\SOFTWARE\Ulead Systems
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WnSoft
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\WSVCUPlugin
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Yahoo

---\\ Non Microsoft non disabled Windows Services (16) - 1s
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe ©
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe ©
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe ©
O23 - Service: B-Link11nCU (B-Link11nCU) . (.Realtek - RtlService MFC Application.) - C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe ©
O23 - Service: Baidu Antivirus Service (BavSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe ©
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe ©
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe ©
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.Copyright (C) 2008 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
O23 - Service: LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited - .) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe ©
O23 - Service: IE Search Set (SearchProtectionService) . (.Copyright © 2014 - SPWindowsService.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe ©
O23 - Service: ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Task Planned Automatically (25) - 5s
[MD5.70685AC6E02E9C2DFB88D4851954F5B4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088] ©
[MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.DC7D54AE67F4D5F065F19011E3D123C2] [APT] [ASC9_PerformanceMonitor] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1517344] ©
[MD5.DC86206A5417525117C417DC1D58D183] [APT] [ASC9_SkipUac_WeLtMeiSteR] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [4999968] ©
[MD5.1F44D3D5ABF62003BF5926BB66F3EC65] [APT] [Baidu Antivirus Update] (.Baidu, Inc..) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavUpdater.exe [3274528] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] [APT] [Baidu PC Faster Service] (.Baidu, Inc..) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] ©
[MD5.1E5F6A7543B676324A95E4474762F363] [APT] [Baidu PC Faster Update] (.Baidu, Inc..) -- C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe [1359120] ©
[MD5.88077CF32319BEE612C82EBF54680DE8] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4626712] ©
[MD5.51A2632AAFF24229FB500BC52CFECBF2] [APT] [Opera scheduled Autoupdate 1416104143] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [948856] ©
[MD5.7DBA1F4E48C3FEAA34F6648A469F210D] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472]
[MD5.AF54EF98D4D20840235D1FCB0DB3AE3A] [APT] [Uninstaller_SkipUac_PC] (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4865312] ©
[MD5.31448B27C126A6DECE8120324BBC4D79] [APT] [WRCSkipUAC] (.WiseCleaner.com.) -- C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [3445192] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] ©
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3888] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3770] ©
O39 - APT: ASC9_PerformanceMonitor - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_PerformanceMonitor [3204] ©
O39 - APT: ASC9_SkipUac_WeLtMeiSteR - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_SkipUac_WeLtMeiSteR [2892] ©
O39 - APT: Baidu Antivirus Update - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu Antivirus Update [3468] ©
O39 - APT: Baidu PC Faster Service - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu PC Faster Service [3674] ©
O39 - APT: Baidu PC Faster Update - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu PC Faster Update [3724] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2786] ©
O39 - APT: Opera scheduled Autoupdate 1416104143 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416104143 [3842] ©
O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\Windows\System32\Tasks\SparkUpdater [4110]
O39 - APT: Uninstaller_SkipUac_WeLtMeiSteR - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_WeLtMeiSteR [2928] ©
O39 - APT: WRCSkipUAC - (.WiseCleaner.com.) -- C:\Windows\System32\Tasks\WRCSkipUAC [3078] ©

---\\ Process running (41) - 1s
[MD5.A1936493AC94D7C4350327049ED5B953] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680] [PID.436] ©
[MD5.F17B1902DFCED1C24DB57492A7896FF8] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [239616] [PID.1084] ©
[MD5.897C1273B7D74E19DDA7EBF495BF0133] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [327680] [PID.1256] ©
[MD5.FC7C13B5A9E9BE23B7AE72BBC7FDB278] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\System32\Hpservice.exe [30520] [PID.1528] ©
[MD5.C2E89DF8C68BF676AA2690FEFE3C2043] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [619008] [PID.1640] ©
[MD5.A6FB9DB8F1A86861D955FD6975977AE0] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\IDT\WDM\AESTSr64.exe [89600] [PID.2332] ©
[MD5.50C3C62FFE6337E6E4F2F01CB07DF63C] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000] [PID.2360] ©
[MD5.EA569D48B2E755AF6D96F03F3335D98A] - (.Realtek - RtlService MFC Application.) -- C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe [36864] [PID.2408] ©
[MD5.B8408423BF7A25D5A11CE53BE7680301] - (.Realtek Semiconductor Corp. - RtWLan.) -- C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtWLan.exe [1961984] [PID.2436] ©
[MD5.69F918D9C2991226BBAB914C429F466A] - (.Baidu, Inc. - Baidu Antivirus Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe [2572928] [PID.2444] ©
[MD5.DC7D54AE67F4D5F065F19011E3D123C2] - (.IObit - Performance Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1517344] [PID.2692] ©
[MD5.9E2EBFAB12A9F91FB89DCE6A7D475174] - (.Baidu, Inc. - Baidu Antivirus Hips Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe [531232] [PID.2748] ©
[MD5.E90DA42B87D684DEBFB73B38A718A006] - (.Copyright (C) 2008 - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService64.exe [346976] [PID.3068]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2512] ©
[MD5.0043EC20C06FD9FE339B5D37474B731E] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [629984] [PID.2024] ©
[MD5.71412A396A63B5123EB134A624D4CC48] - (.Lavasoft Limited - .) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2748720] [PID.2796] ©
[MD5.7CD1112772DEA1500E3C0684D6E93FCB] - (.Copyright © 2014 - SPWindowsService.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768] [PID.3080]
[MD5.31A85304F914C7F48B4B6C9B8078C501] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1664000] [PID.3988] ©
[MD5.2C78CB3320998F23C1E70A7453AF86A9] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [172016] [PID.4040] ©
[MD5.4F64EEC70495C61E76785236A3EA3BF3] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [399856] [PID.444] ©
[MD5.75186D02630109E9045BCFD677507CF4] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2825456] [PID.1576] ©
[MD5.C0F28122ABC09F7D7EC224E2F8DE4327] - (.Connectify - Connectify Hotspot.) -- C:\Program Files (x86)\Connectify\Connectify.exe [4170528] [PID.1292] ©
[MD5.73F8700DB9F9344D8564E9D50AEBDC3A] - (.Connectify - Connectify Dispatch.) -- C:\Program Files (x86)\Connectify\DispatchUI.exe [2217760] [PID.1544] ©
[MD5.5E38FC48BFC05DDAB644C0C645396748] - (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26179864] [PID.3816]
[MD5.918C73F0275D7813E6F01E100B39DBD9] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584] [PID.4424] ©
[MD5.AA6B542E0CBBF704CBA58CB8F074B41A] - (.SlimWare Utilities, Inc. - SlimServiceFactory.) -- C:\Program Files\SlimService\SlimServiceFactory.exe [245016] [PID.2064]
[MD5.3E15C2DBC338ACC2DAA132B290E99E5F] - (.SlimWare Utilities, Inc. - SlimService.) -- C:\Program Files\SlimService\SlimService.exe [4821272] [PID.5156]
[MD5.4ED9384529BED5AE37FD13ED9A2354EC] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [200944] [PID.5376] ©
[MD5.1251E5861A822764DAD25552FF78179D] - (.Baidu, Inc. - Baidu Antivirus Hook Monitor.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\bavhm.exe [447984] [PID.5812] ©
[MD5.7CEC6E1B6E2F540120025DCDBC07EA90] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.6164] ©
[MD5.5AA6357A56B79B46C904173B87070D37] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3882576] [PID.6252] ©
[MD5.EFA3DEAC7254F19FC53C241425A32921] - (.AO Kaspersky Lab - WMI x64 Helper.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\wmi64.exe [21488] [PID.6932]
[MD5.932A21CF0DA4E951C7C4A62D27E6D8FB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe [211712] [PID.7016] ©
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.6224] ©
[MD5.811EDCF199557324A51BF944F8226622] - (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe [1997296] [PID.3044] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] - (.Baidu, Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] [PID.4080] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] - (.Baidu, Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] [PID.5108] ©
[MD5.1CF45B67AF6370CAF2E7622B3EBC34AC] - (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe [2333152] [PID.8084] ©
[MD5.445314773746F320CEA0D6975A075CA4] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP\ZHPDiag3.exe [1979392] [PID.7868] ©
[MD5.445314773746F320CEA0D6975A075CA4] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP\ZHPDiag3.exe [1979392] [PID.8092] ©
[MD5.48F3E5A87D0FBA6EACAC740AF4C6310E] - (.Baidu, Inc. - Baidu Antivirus ReportCommRetry.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\ReportCommRetryPCF.exe [220528] [PID.8744] ©

---\\ Google Chrome, Start,Search,Extensions (1) - 0s
G2 - GCE: Preference [User Data\Default] [fcfenmboojpjinhpgggodefccipikbpd] __MSG_ExtnName__

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ©
P2 - FPN: [HKLM] [@meadco.com/neptune plugin,version=2.0.0.29] - (.MeadCo Corp..) -- C:\Program Files (x86)\MeadCo Neptune\npmeadax.dll

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [Opera Stable] C:\Users\WeLtMeiSteR\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (18)

---\\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} (Orphean)
O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll

---\\ Internet Explorer Toolbars (1) - 0s
O3 - Toolbar: (no name) - [HKLM]{3507FA00-ADA2-4A02-99B9-51AD26CA9120} (Orphean)

---\\ Auto loading programs from Registry and folders (23) - 1s
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe ©
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe ©
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Connectify Hotspot] . (.Connectify - Connectify Hotspot.) -- C:\Program Files (x86)\Connectify\Connectify.exe ©
O4 - HKLM\..\Run: [Connectify Dispatch] . (.Connectify - Connectify Dispatch.) -- C:\Program Files (x86)\Connectify\DispatchUI.exe ©
O4 - HKCU\..\Run: [EPSON SX230 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O4 - HKCU\..\Run: [SlimCleaner Plus] . (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 5.1.0.0] . (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe ©
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe ©
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe ©
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [EPSON SX230 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [SlimCleaner Plus] . (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©

---\\ Global shortcuts Startup (3) - 3s
O4 - GS\Quicklaunch [Administrator]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O4 - GS\Quicklaunch [Guest]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O4 - GS\Quicklaunch [WeLtMeiSteR]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser

---\\ Winsock hijacker (Layered Service Provider) (5) - 1s
O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000003\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000004\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000021\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock

---\\ Lop.com/Domain Hijackers (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Extra protocols (26) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: gopher [64Bits] - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ©

---\\ Contents of the Common Files folders (398) - 39s
O43 - CFD: 19/02/2015 - [] D -- C:\Program Files (x86)\ AV Vcs 7.0
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\50CaouPons
O43 - CFD: 27/02/2015 - [] D -- C:\Program Files (x86)\AD Sound Recorder
O43 - CFD: 30/11/2015 - [0] D -- C:\Program Files (x86)\Adguard
O43 - CFD: 07/04/2015 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 29/05/2015 - [0] D -- C:\Program Files (x86)\Aimersoft
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files (x86)\AoaoPhoto Digital Studio
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Auralog
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files (x86)\AVG
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\AVI ReComp
O43 - CFD: 04/09/2015 - [0] D -- C:\Program Files (x86)\AVN Products
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\B-Link
O43 - CFD: 25/03/2015 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 03/07/2015 - [] D -- C:\Program Files (x86)\Baidu Security
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\Better CDCS
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\BuitSaVeer =>PUP.Optional.Multiplug
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 24/06/2015 - [] D -- C:\Program Files (x86)\cmcm
O43 - CFD: 31/10/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 24/07/2015 - [0] D -- C:\Program Files (x86)\compfix
O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Connectify
O43 - CFD: 23/02/2015 - [] D -- C:\Program Files (x86)\Corel
O43 - CFD: 06/02/2015 - [] D -- C:\Program Files (x86)\CouupExteeNsionn =>PUP.Optional.Multiplug
O43 - CFD: 14/05/2015 - [] D -- C:\Program Files (x86)\Deepnet Explorer
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\DiscountExtenSia =>PUP.Optional.Multiplug
O43 - CFD: 23/02/2015 - [] D -- C:\Program Files (x86)\DoowNNSavve =>PUP.Optional.Multiplug
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Driver Checker
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\DSPRobotics
O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Easy-Hide-IP VPN
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Ed2kHelper
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\Free Window Registry Repair
O43 - CFD: 20/06/2015 - [0] D -- C:\Program Files (x86)\Freemake
O43 - CFD: 20/12/2014 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\FunDealsi =>PUP.Optional.Multiplug
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\Gabest
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 17/05/2015 - [0] D -- C:\Program Files (x86)\goopad
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Haeppy22SaavE =>PUP.Optional.Multiplug
O43 - CFD: 26/11/2014 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\Highlight to Search
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Hotspot Shield
O43 - CFD: 01/12/2015 - [] D -- C:\Program Files (x86)\IDM
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Image-Line
O43 - CFD: 20/11/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 03/09/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\JMicron
O43 - CFD: 04/09/2015 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files (x86)\Lavasoft
O43 - CFD: 01/12/2015 - [] D -- C:\Program Files (x86)\Longman
O43 - CFD: 28/05/2015 - [] D -- C:\Program Files (x86)\MeadCo Neptune
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/01/2015 - [] D -- C:\Program Files (x86)\MKVToolNix
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Movavi Video Converter 15
O43 - CFD: 21/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 24/06/2015 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 27/02/2015 - [] D -- C:\Program Files (x86)\MyXOFT
O43 - CFD: 20/06/2015 - [] D -- C:\Program Files (x86)\NCH Software
O43 - CFD: 06/02/2015 - [] D -- C:\Program Files (x86)\New Tab Redirect Plus
O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 16/11/2014 - [0] D -- C:\Program Files (x86)\oTweak =>PUP.Optional.oTweak
O43 - CFD: 02/07/2015 - [] D -- C:\Program Files (x86)\PC Faster
O43 - CFD: 16/03/2015 - [] D -- C:\Program Files (x86)\Photodex
O43 - CFD: 25/09/2015 - [] D -- C:\Program Files (x86)\Photoshop CS6
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\PHP Notepad
O43 - CFD: 12/04/2015 - [] D -- C:\Program Files (x86)\PlotSoft
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 20/06/2015 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 07/08/2015 - [] D -- C:\Program Files (x86)\reber Quick
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Reimageplus.com =>PUP.Optional.ReImageRepair
O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\Renesas Electronics
O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Resource Hacker
O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\SaverExteinsion =>PUP.Optional.Multiplug
O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\Send Link by Email or Gmail
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\SEO Website Analysis
O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\SmartSound Software
O43 - CFD: 26/09/2015 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 30/07/2015 - [0] D -- C:\Program Files (x86)\StatFoobar
O43 - CFD: 15/05/2015 - [0] D -- C:\Program Files (x86)\StatMaker =>PUP.Optional.Graftor
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\SubtitleCreator
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\TabsPlus
O43 - CFD: 16/02/2015 - [0] D -- C:\Program Files (x86)\TampaGeneration =>PUP.Optional.TampaGeneration
O43 - CFD: 20/06/2015 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 20/06/2015 - [0] D -- C:\Program Files (x86)\TerminusDefender
O43 - CFD: 23/03/2015 - [] D -- C:\Program Files (x86)\Topaz Labs
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\TweakBit
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\Tweaking.com
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\uniisales =>PUP.Optional.Multiplug
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\unisiales =>PUP.Optional.Multiplug
O43 - CFD: 06/09/2015 - [] D -- C:\Program Files (x86)\Universal Mind
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\unnisualiess =>PUP.Optional.Multiplug
O43 - CFD: 24/04/2015 - [0] D -- C:\Program Files (x86)\UpgradeLeader
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 24/06/2015 - [] D -- C:\Program Files (x86)\Wise
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files (x86)\WnSoft PicturesToExe
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\Xvid
O43 - CFD: 24/12/2014 - [] D -- C:\Program Files (x86)\Yahoo!
O43 - CFD: 31/12/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AD Sound Recorder
O43 - CFD: 26/06/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B-Link 11n USB Wireless LAN Utility
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 02/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
O43 - CFD: 14/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deepnet Explorer
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 20/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
O43 - CFD: 16/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 19/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 18/05/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 10/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
O43 - CFD: 24/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 02/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 05/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
O43 - CFD: 16/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
O43 - CFD: 12/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reber Quick
O43 - CFD: 19/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
O43 - CFD: 01/08/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
O43 - CFD: 29/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
O43 - CFD: 18/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True BoxShot
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
O43 - CFD: 18/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
O43 - CFD: 19/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
O43 - CFD: 18/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\2f73a9e1eef825d0
O43 - CFD: 30/11/2015 - [] D -- C:\ProgramData\Adguard
O43 - CFD: 26/04/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Aimersoft Video Converter Ultimate
O43 - CFD: 25/11/2014 - [0] D -- C:\ProgramData\AMD
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\AollSauvver =>PUP.Optional.Multiplug
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\Apple
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 27/11/2014 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 01/12/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\AVG
O43 - CFD: 02/07/2015 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 02/12/2015 - [0] D -- C:\ProgramData\BavSvc_exe
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\BCloudScan_exe
O43 - CFD: 04/11/2015 - [0] D -- C:\ProgramData\Cache
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\cmcm
O43 - CFD: 16/11/2014 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Connectify
O43 - CFD: 27/04/2015 - [] D -- C:\ProgramData\cutevideocutterfree
O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Easy-Hide-IP VPN
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 19/05/2015 - [0] D -- C:\ProgramData\feaa68f000005594
O43 - CFD: 20/06/2015 - [0] D -- C:\ProgramData\Freemake
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\Google
O43 - CFD: 19/05/2015 - [] D -- C:\ProgramData\GroupPolicy
O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\Hotspot Shield
O43 - CFD: 16/11/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 17/01/2015 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Lavasoft
O43 - CFD: 20/06/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 29/08/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 16/02/2015 - [] D -- C:\ProgramData\Movavi
O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\Movavi Video Converter 15
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 17/03/2015 - [] D -- C:\ProgramData\NCH Software
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\NewSeaVVer =>PUP.Optional.Multiplug
O43 - CFD: 30/11/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 02/07/2015 - [] D -- C:\ProgramData\PC Faster
O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Photodex
O43 - CFD: 12/04/2015 - [0] D -- C:\ProgramData\PlotSoft
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\Protexis64
O43 - CFD: 25/11/2014 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 15/07/2015 - [] D -- C:\ProgramData\reber Quick
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\RegularrDeoaLs =>PUP.Optional.Multiplug
O43 - CFD: 24/06/2015 - [0] D -- C:\ProgramData\Skype
O43 - CFD: 25/11/2015 - [] D -- C:\ProgramData\SlimWare Utilities Inc
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\SlimWare Utilities, Inc
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\SmartSound Software Inc
O43 - CFD: 26/09/2015 - [] D -- C:\ProgramData\Sony
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 16/11/2014 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\TweakBit
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Wondershare Video Editor
O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\XDMessagingv4
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Xilisoft
O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Yahoo!
O43 - CFD: 04/05/2015 - [] D -- C:\ProgramData\{2c189564-8fd0-8147-2c18-895648fd5592}
O43 - CFD: 15/05/2015 - [] D -- C:\ProgramData\{393f89fa-6997-cfe7-393f-f89fa69927e9}
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\{3f779e7e-3005-4ed7-3f77-79e7e30079f8}
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\{73657672-ac5d-3ae7-7365-57672ac5d9ca}
O43 - CFD: 17/05/2015 - [] D -- C:\ProgramData\{776c412d-ad55-2b2d-776c-c412dad504b6}
O43 - CFD: 24/03/2015 - [] HDC -- C:\ProgramData\{7E8842F4-ECF1-457B-9B22-AA8299B810D9}
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\{8185900e-8a1c-9d42-8185-5900e8a1403a}
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\{947e691a-274f-d443-947e-e691a274a468}
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\{a539fbff-b972-5d86-a539-9fbffb97effe}
O43 - CFD: 31/12/2014 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
O43 - CFD: 13/06/2015 - [] D -- C:\ProgramData\{bf9a13e9-69be-b8ff-bf9a-a13e969b4fa5}
O43 - CFD: 24/03/2015 - [] HDC -- C:\ProgramData\{D9F9C87D-6338-4977-AD5C-EE6EE6F6B6EC}
O43 - CFD: 21/11/2015 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 31/03/2015 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 07/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 19/02/2015 - [] D -- C:\Program Files (x86)\Common Files\ConvexSoft
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 21/11/2014 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 16/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 21/11/2015 - [] D -- C:\Program Files (x86)\Common Files\IObit
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 24/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Topaz Labs
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 27/02/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AD Sound Recorder
O43 - CFD: 11/04/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Adobe
O43 - CFD: 14/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Aegisub
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Aimersoft Video Converter Ultimate
O43 - CFD: 03/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AMD
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Anvsoft
O43 - CFD: 31/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Apple Computer
O43 - CFD: 27/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Atheros
O43 - CFD: 24/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ATI
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avant Downloader
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avant Profiles
O43 - CFD: 01/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVAST Software
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVG
O43 - CFD: 29/10/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVI ReComp
O43 - CFD: 21/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\avidemux
O43 - CFD: 19/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avnex
O43 - CFD: 02/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Baidu
O43 - CFD: 23/11/2014 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\BandExtend
O43 - CFD: 03/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\BavMini
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Deepnet Explorer
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\DMCache
O43 - CFD: 18/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Easeware
O43 - CFD: 15/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ExpressFiles =>PUP.Optional.ExpressFiles
O43 - CFD: 14/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\fontconfig
O43 - CFD: 29/06/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Google
O43 - CFD: 24/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Heavy Village
O43 - CFD: 26/11/2014 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Hewlett-Packard
O43 - CFD: 26/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Hotspot Shield
O43 - CFD: 26/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\hpqLog
O43 - CFD: 15/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Identities
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IDM
O43 - CFD: 24/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IDT
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\iFunbox_UserCache
O43 - CFD: 25/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Image-Line
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Imagenomic
O43 - CFD: 03/04/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ImTOO Software Studio
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Innovative Solutions
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\InstallShield
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Intel Corporation
O43 - CFD: 21/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IObit
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IsolatedStorage
O43 - CFD: 23/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\KastorFreeAudioExtractor
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Lavasoft
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Media Center Programs
O43 - CFD: 03/12/2015 - [] SD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\mkvtoolnix
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Mozilla
O43 - CFD: 01/12/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\MPC-HC
O43 - CFD: 17/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\NCH Software
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Netscape
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Nik Software
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Opera Software
O43 - CFD: 02/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\PC Faster
O43 - CFD: 03/07/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Performersoft =>PUP.Optional.PerformerSoft
O43 - CFD: 30/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Performix LLC
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Photodex
O43 - CFD: 31/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ProductData
O43 - CFD: 17/01/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Publish Providers
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\RHEng =>PUP.Optional.Conduit
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\rmi
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Skype
O43 - CFD: 24/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\SkypEmoticons
O43 - CFD: 26/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Sony
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\TuneUp Software
O43 - CFD: 23/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Ulead Systems
O43 - CFD: 01/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Vegasaur
O43 - CFD: 17/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\WinRAR
O43 - CFD: 24/06/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Wise Registry Cleaner
O43 - CFD: 09/10/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\WiseUpdate
O43 - CFD: 21/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Xilisoft
O43 - CFD: 30/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Yahoo!
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP
O43 - CFD: 05/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZTEEVDO
O43 - CFD: 05/08/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZTEMTUI
O43 - CFD: 23/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
O43 - CFD: 25/05/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 29/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Adobe
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\AHD
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Aimersoft
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\Application Data
O43 - CFD: 24/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\ATI
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Avg
O43 - CFD: 27/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\BMExplorer
O43 - CFD: 03/12/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Local\CrashDumps
O43 - CFD: 01/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser =>PUP.Optional.CrossBrowser
O43 - CFD: 14/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Diagnostics
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Downloaded Installations
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Downloaded Installers
O43 - CFD: 31/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\FreemakeVideoConverter
O43 - CFD: 23/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Google
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\History
O43 - CFD: 12/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\IE Tab
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Innovative Solutions
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\IsolatedStorage
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Lavasoft
O43 - CFD: 18/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Macromedia
O43 - CFD: 03/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft
O43 - CFD: 21/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft Games
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft Help
O43 - CFD: 14/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Movavi
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Mozilla
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\NikLicenseFiles
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Opera Software
O43 - CFD: 24/03/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Local\PackageAware =>PUP.Optional.BearShare
O43 - CFD: 16/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Packages
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Programs
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\RockMelt
O43 - CFD: 26/11/2015 - [] RSHD -- C:\Users\WeLtMeiSteR\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Skype
O43 - CFD: 18/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Software =>PUP.Optional.Boxore
O43 - CFD: 26/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Sony
O43 - CFD: 02/12/2015 - [0] RSHD -- C:\Users\WeLtMeiSteR\AppData\Local\Start
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\SubtitleCreator
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Temp
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\Temporary Internet Files
O43 - CFD: 18/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\True BoxShot
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\TuneUp Software
O43 - CFD: 16/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\videoconverter
O43 - CFD: 24/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\VirtualStore
O43 - CFD: 14/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Wondershare
O43 - CFD: 02/09/2015 - [] RD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 28/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company
O43 - CFD: 02/12/2015 - [] RD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp

---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©

---\\ ShareTools MSconfig StartupReg (8) - 3s
O53 - SMSR:HKLM\...\startupreg\BtvStack [Key] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ©
O53 - SMSR:HKLM\...\startupreg\EPSON SX230 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe ©
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ©
O53 - SMSR:HKLM\...\startupreg\NUSB3MON [Key] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe ©
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ©
O53 - SMSR:HKLM\...\startupreg\Xvid [Key] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe

---\\ System Drivers List (125) - 40s
O58 - SDL:2011/05/13 18:57:58 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43320] ©
O58 - SDL:2015/06/02 17:38:12 A . (.Copyright (C) Performix LLC 2015 - Adguard WFP network driver.) -- C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [55800]
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] ©
O58 - SDL:2014/09/16 01:29:04 A . (.Advanced Micro Devices - AMD ACP Kernel Service Driver.) -- C:\Windows\System32\drivers\amdacpksd.sys [293088] ©
O58 - SDL:2013/12/12 02:32:24 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [36608] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] ©
O58 - SDL:2009/07/14 04:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] ©
O58 - SDL:2014/08/11 02:33:54 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athrx.sys [4060672] ©
O58 - SDL:2014/09/16 01:26:58 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [16750080] ©
O58 - SDL:2014/09/16 00:59:06 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [576000] ©
O58 - SDL:2009/06/10 23:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] ©
O58 - SDL:2015/05/15 06:09:47 A . (. - bdark.) -- C:\Windows\System32\drivers\bdark64.sys [78792]
O58 - SDL:2015/03/05 08:12:10 A . (.Baidu, Inc. - Baidu Antivirus Sandbox.) -- C:\Windows\System32\drivers\BdSandbox.sys [236920] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\drivers\Bfilter.sys [62920] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\drivers\Bfmon.sys [38344] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\drivers\bnbasex64.sys [62792] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\drivers\bndef64.sys [485672] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\drivers\Bprotect.sys [169416] ©
O58 - SDL:2015/03/31 09:22:56 A . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\drivers\BprotectEx.sys [93512] ©
O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] ©
O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] ©
O58 - SDL:2009/07/14 04:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] ©
O58 - SDL:2012/08/19 21:36:42 A . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\drivers\btath_a2dp.sys [344216] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\drivers\btath_avdt.sys [114840] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\drivers\btath_bus.sys [33944] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_flt.sys [88728] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\drivers\btath_hcrp.sys [178840] ©
O58 - SDL:2012/08/19 21:36:46 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_lwflt.sys [77464] ©
O58 - SDL:2012/08/19 21:36:46 A . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\drivers\btath_rcp.sys [135832] ©
O58 - SDL:2014/12/31 16:25:40 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [590024] ©
O58 - SDL:2009/06/10 23:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] ©
O58 - SDL:2009/07/14 04:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] ©
O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\Windows\System32\drivers\cm_km.sys [389816] ©
O58 - SDL:2015/07/23 23:07:21 A . (.Connectify - NDIS filter driver.) -- C:\Windows\System32\drivers\cnnctfy2.sys [31344] ©
O58 - SDL:2015/07/24 13:04:24 A . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [35352] ©
O58 - SDL:2011/12/05 16:22:30 A . (.ZTEMT Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys [120704]
O58 - SDL:2009/07/14 04:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] ©
O58 - SDL:2009/06/10 23:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] ©
O58 - SDL:2010/10/08 11:59:40 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [32768] ©
O58 - SDL:2011/12/31 04:20:58 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [225920] ©
O58 - SDL:2012/04/26 06:04:11 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [450048] ©
O58 - SDL:2010/09/26 13:09:28 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [22016] ©
O58 - SDL:2010/07/27 04:52:16 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [117248] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [90112] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [104448] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [76800] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [30720] ©
O58 - SDL:2012/04/23 04:58:46 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [238080] ©
O58 - SDL:2010/03/20 07:06:58 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [13952] ©
O58 - SDL:2009/06/10 23:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] ©
O58 - SDL:2011/11/10 01:04:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [60184] ©
O58 - SDL:2011/05/13 18:58:16 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [30008] ©
O58 - SDL:2010/11/20 16:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] ©
O58 - SDL:2015/05/08 02:20:26 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744] ©
O58 - SDL:2013/11/08 11:22:00 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [632168] ©
O58 - SDL:2013/11/08 11:22:00 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] ©
O58 - SDL:2015/06/12 05:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] ©
O58 - SDL:2014/03/20 08:40:46 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5363520] ©
O58 - SDL:2009/07/14 04:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] ©
O58 - SDL:2014/12/31 16:26:51 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [454416] ©
O58 - SDL:2013/04/26 11:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880] ©
O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [478392] ©
O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\Windows\System32\drivers\klbackupdisk.sys [53432] ©
O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klbackupflt.sys [70000] ©
O58 - SDL:2015/06/06 08:51:00 A . (.Kaspersky Lab ZAO - Virtual Disk [fre_wnet_x64].) -- C:\Windows\System32\drivers\kldisk.sys [68280] ©
O58 - SDL:2015/12/02 03:34:16 A . (.AO Kaspersky Lab - Filter Core [fre_wlh_x64].) -- C:\Windows\System32\drivers\klflt.sys [181640]
O58 - SDL:2015/12/02 03:33:00 A . (.AO Kaspersky Lab - klhk [fre_wlh_x64].) -- C:\Windows\System32\drivers\klhk.sys [227000]
O58 - SDL:2015/12/02 16:26:27 A . (.AO Kaspersky Lab - Core System Interceptors [fre_wlh_x64].) -- C:\Windows\System32\drivers\klif.sys [940928]
O58 - SDL:2015/06/11 19:32:42 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\Windows\System32\drivers\klim6.sys [39096] ©
O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klkbdflt.sys [41144] ©
O58 - SDL:2015/06/07 01:50:04 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [41648] ©
O58 - SDL:2015/12/02 03:34:17 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [41352]
O58 - SDL:2015/06/11 15:56:56 A . (.Kaspersky Lab ZAO - Network filtering component [fre_wnet_amd64.) -- C:\Windows\System32\drivers\kltdi.sys [65208] ©
O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\Windows\System32\drivers\klwtp.sys [103096] ©
O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\Windows\System32\drivers\kneps.sys [187056] ©
O58 - SDL:2015/06/24 21:51:03 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys [81768]
O58 - SDL:2015/06/24 21:51:03 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys [56680]
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] ©
O58 - SDL:2010/08/06 02:43:20 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [1001472]
O58 - SDL:2009/07/14 04:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] ©
O58 - SDL:2012/05/10 16:33:54 A . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\nusb3hub.sys [97792] ©
O58 - SDL:2012/05/10 16:33:56 A . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\Windows\System32\drivers\nusb3xhc.sys [217600] ©
O58 - SDL:2015/11/29 19:56:30 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] ©
O58 - SDL:2015/11/29 19:56:30 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] ©
O58 - SDL:2009/07/14 04:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] ©
O58 - SDL:2009/07/14 04:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] ©
O58 - SDL:2015/12/02 01:04:49 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\rjpxmink.sys [450504] ©
O58 - SDL:2014/12/31 16:47:52 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [942808] ©
O58 - SDL:2014/12/31 16:47:27 A . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\RTL8187.sys [448512] ©
O58 - SDL:2010/03/31 17:10:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187B.sys [450048] ©
O58 - SDL:2010/04/01 20:01:10 A . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8187Se.sys [442368] ©
O58 - SDL:2012/05/19 00:50:04 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192ce.sys [878696] ©
O58 - SDL:2011/06/20 23:07:08 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys [1225832] ©
O58 - SDL:2010/12/22 22:24:00 A . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\drivers\rtl819xp.sys [626792] ©
O58 - SDL:2012/05/22 18:54:30 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [1142416] ©
O58 - SDL:2011/07/13 04:29:22 A . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\drivers\rtwlanu.sys [1045608] ©
O58 - SDL:2009/06/10 23:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2009/07/14 04:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] ©
O58 - SDL:2009/07/14 04:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] ©
O58 - SDL:2015/11/22 04:04:05 A . (.Sunplus - AVStream.) -- C:\Windows\System32\drivers\SPUVCBv_x64.sys [674592] ©
O58 - SDL:2014/12/31 16:25:31 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [103448] ©
O58 - SDL:2009/07/14 04:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] ©
O58 - SDL:2014/12/31 16:24:42 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [543744] ©
O58 - SDL:2015/11/28 18:57:34 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\Windows\System32\drivers\SWDUMon.sys [16056]
O58 - SDL:2014/05/16 15:45:48 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [540160] ©
O58 - SDL:2015/05/08 02:22:16 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] ©
O58 - SDL:2014/10/10 09:37:16 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312] ©
O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] ©
O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] ©
O58 - SDL:2015/11/04 14:57:55 A . (...) -- C:\Windows\System32\drivers\wintvnetwork.sys [139952]

---\\ Last modified or created user files (7) - 121s
O61 - LFC: 2015/12/02 18:55:02 A . (..) -- C:\Users\WeLtMeiSteR\Downloads\isotousb_setup [1].exe [553059]
O61 - LFC: 2015/12/03 05:41:47 A . (..) -- C:\Users\WeLtMeiSteR\Downloads\Programs\reshacker_setup.exe [2781137]
O61 - LFC: 2015/12/02 20:55:59 A . (..) -- C:\Users\WeLtMeiSteR\AppData\Roaming\AMD\GLCache\5b29effe650b9c07_21.bin [4216877]
O61 - LFC: 2015/12/02 20:32:27 A . (..) -- C:\Users\WeLtMeiSteR\AppData\Roaming\AMD\GLCache\b169ddc631f65d92_21.bin [29718]
O61 - LFC: 2015/11/30 22:51:42 A . (.Software Internet Application.) -- C:\Users\WeLtMeiSteR\AppData\Local\isotousb_setup.exe [1014921]
O61 - LFC: 2015/11/28 18:57:34 A . (.SlimWare Utilities, Inc..) -- C:\Users\WeLtMeiSteR\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.sys [16056]
O61 - LFC: 2015/12/01 14:48:55 A . (..) -- C:\Users\WeLtMeiSteR\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [129040]

---\\ File Associations Shell Spawning (10) - 3s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\PROGRAM FILES (X86)\BAIDU\BAIDU BROWSER\SPARK.EXE
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©

---\\ Search Browser Infection (2) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [859648] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [680960] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [681984] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2606080] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] ©

---\\ Firewall Active Exception List (11) - 3s
O87 - FAEL: "TCP Query User{0463C377-CB78-4044-A09D-7E9FF17407D5}C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe
O87 - FAEL: "UDP Query User{984C8F2C-F470-4BC3-AE41-D8661A9BB151}C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe
O87 - FAEL: "{F0B44C5A-2DF1-45BD-BAF9-D4CE26960D8F}" [In-None-P17-TRUE] .(...) -- C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O87 - FAEL: "{7CD309B9-7431-46B4-8614-6E1843CA8919}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{084EB4DD-3CC9-418F-A0D9-C4D67E726AC1}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{07F2DAD8-554D-44EE-995B-1C3871A51B7F}C:\program files (x86)\photodex\proshow gold\proshow.exe" [In-None-P6-TRUE] .(.Photodex - ProShow.) -- C:\program files (x86)\photodex\proshow gold\proshow.exe
O87 - FAEL: "UDP Query User{918BBE76-02DE-4426-B9DB-78078FA5D012}C:\program files (x86)\photodex\proshow gold\proshow.exe" [In-None-P17-TRUE] .(.Photodex - ProShow.) -- C:\program files (x86)\photodex\proshow gold\proshow.exe
O87 - FAEL: "{C6E9A64E-8B57-4EE2-8BAA-F83D1B60B7BE}" [In-None-P6-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
O87 - FAEL: "{EE4BBC18-1EB3-47E4-A358-35137745B6C9}" [In-None-P17-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
O87 - FAEL: "TCP Query User{10D8A215-842C-457A-BE7D-D3D18B5A7A64}C:\program files (x86)\deepnet explorer\deepnet.exe" [In-None-P6-TRUE] .(.Deepnet Technologies - Deepnet.) -- C:\program files (x86)\deepnet explorer\deepnet.exe
O87 - FAEL: "UDP Query User{07F3F80D-D462-47E1-825B-0EB7F24AAAAF}C:\program files (x86)\deepnet explorer\deepnet.exe" [In-None-P17-TRUE] .(.Deepnet Technologies - Deepnet.) -- C:\program files (x86)\deepnet explorer\deepnet.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (37) - 101s

SS - Demand [12/06/2015] [ 82112] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [30/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [04/11/2015] [ 827680] Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
SR - Auto [31/12/2014] [ 89600] Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe ©
SR - Auto [16/09/2014] [ 239616] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe ©
SS - Demand [19/08/2012] [ 211584] AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe ©
SR - Auto [02/12/2015] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe ©
SR - Auto [16/04/2010] [ 36864] B-Link11nCU (B-Link11nCU) . (.Realtek.) - C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe ©
SS - Demand [17/12/2014] [ 208928] Baidu MoboMarket Service (BASSVC) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.4379\bassvc.exe ©
SR - Auto [03/07/2015] [ 2572928] Baidu Antivirus Service (BavSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe ©
SS - Demand [05/03/2015] [ 490528] Baidu BdSandbox Virtual Service (BdSandboxSrv) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BdSandboxSrv64.exe ©
SR - Auto [03/07/2015] [ 531232] Baidu Hips Service (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe ©
SS - Demand [24/06/2015] [ 315240] Clean Master Core Service (cmcore) . (.Kingsoft Corporation.) - c:\program files (x86)\cmcm\Clean Master\cmcore.exe
SS - Demand [24/03/2014] [ 487936] Connectify (Connectify) . (.Connectify.) - C:\Program Files (x86)\Connectify\ConnectifyService.exe ©
SS - Demand [09/04/2014] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SS - Demand [12/01/2011] [ 168448] EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE ©
SS - Demand [12/01/2011] [ 131072] EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE ©
SR - Auto [13/05/2011] [ 30520] HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe ©
SR - Auto [14/03/2011] [ 346976] HWDeviceService64.exe (HWDeviceService64.exe) . (.Copyright (C) 2008.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - Auto [08/11/2013] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe ©
SR - Auto [07/03/2012] [ 629984] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SR - Auto [10/10/2014] [ 158496] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
SR - Auto [30/04/2015] [ 2748720] LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe ©
SS - Demand [09/10/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe ©
SS - Demand [10/10/2014] [ 409376] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SR - Demand [07/05/2015] [ 1714448] Baidu PC Faster Service 5.1.0.0 (PCFasterSvc_{PCFaster_5.1.0.0}) . (.Baidu, Inc..) - C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe ©
SS - Demand [23/12/2011] [ 655712] reber Quick. OUC (reber Quick. RunOuc) . (...) - C:\Program Files (x86)\reber Quick\UpdateDog\ouc.exe
SR - Auto [30/04/2015] [ 17768] IE Search Set (SearchProtectionService) . (.Copyright © 2014.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
SR - Demand [16/11/2015] [ 245016] SlimWare Utility Service Launcher (SlimService) . (.SlimWare Utilities, Inc..) - C:\Program Files\SlimService\SlimServiceFactory.exe
SS - Demand [05/11/2015] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe
SS - Demand [13/03/2015] [ 1359040] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe
SR - Auto [31/12/2014] [ 327680] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe ©
SS - Demand [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe
SS - Demand [09/11/2008] [ 602392] Yahoo! Updater (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ©
SR - Auto [19/08/2012] [ 323584] ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Search Tracing Registry Key (8) - 4s
HKLM\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASMANCS =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASAPI32 =>PUP.Optional.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASAPI32 =>PUP.Optional.CrossBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASMANCS =>PUP.Optional.CrossBrowser

---\\ Additional Scan (O88) (63) - 1s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995} =>PUP.Optional.Graftor
C:\Program Files (x86)\SaverExteinsion =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46} =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Ed2kHelper =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51417852-174C-88D4-34A0-D0FE7858BE47} =>PUP.Optional.Multiplug
C:\Program Files (x86)\CouupExteeNsionn =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} =>PUP.Optional.Multiplug
C:\Program Files (x86)\New Tab Redirect Plus =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} =>PUP.Optional.Multiplug
C:\Program Files (x86)\BuitSaVeer =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1} =>PUP.Optional.Multiplug
C:\Program Files (x86)\DiscountExtenSia =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9} =>PUP.Optional.Multiplug
C:\Program Files (x86)\PHP Notepad =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B} =>PUP.Optional.Multiplug
C:\Program Files (x86)\50CaouPons =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CF987D06-1DCF-7B36-5B43-13BC8699C44C} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Haeppy22SaavE =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Better CDCS =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\b838b835-8636-e368-5f87-c3652edc7963 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ExpressFiles =>PUP.Optional.ExpressFiles
HKLM\SOFTWARE\Wow6432Node\PIP =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\SiteSee =>PUP.Optional.SiteSee
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\ExpressFiles =>PUP.Optional.ExpressFiles
HKCU\SOFTWARE\oTweak =>PUP.Optional.oTweak
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
C:\Program Files (x86)\DoowNNSavve =>PUP.Optional.Multiplug
C:\Program Files (x86)\FunDealsi =>PUP.Optional.Multiplug
C:\Program Files (x86)\oTweak =>PUP.Optional.oTweak
C:\Program Files (x86)\Reimageplus.com =>PUP.Optional.ReImageRepair
C:\Program Files (x86)\StatMaker =>PUP.Optional.Graftor
C:\Program Files (x86)\TampaGeneration =>PUP.Optional.TampaGeneration
C:\Program Files (x86)\uniisales =>PUP.Optional.Multiplug
C:\Program Files (x86)\unisiales =>PUP.Optional.Multiplug
C:\Program Files (x86)\unnisualiess =>PUP.Optional.Multiplug
C:\ProgramData\AollSauvver =>PUP.Optional.Multiplug
C:\ProgramData\NewSeaVVer =>PUP.Optional.Multiplug
C:\ProgramData\RegularrDeoaLs =>PUP.Optional.Multiplug
C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
C:\Users\WeLtMeiSteR\AppData\Roaming\ExpressFiles =>PUP.Optional.ExpressFiles
C:\Users\WeLtMeiSteR\AppData\Roaming\Performersoft =>PUP.Optional.PerformerSoft
C:\Users\WeLtMeiSteR\AppData\Roaming\RHEng =>PUP.Optional.Conduit
C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser =>PUP.Optional.CrossBrowser
C:\Users\WeLtMeiSteR\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\WeLtMeiSteR\AppData\Local\PackageAware =>PUP.Optional.BearShare
C:\Users\WeLtMeiSteR\AppData\Local\Software =>PUP.Optional.Boxore
C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
HKLM64\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASMANCS =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASAPI32 =>PUP.Optional.TornTV
HKLM64\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASAPI32 =>PUP.Optional.CrossBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASMANCS =>PUP.Optional.CrossBrowser

---\\ Summary of the elements found (19) - 0s
http://www.nicolascoolman.fr/?p=2460 =>PUP.Optional.Graftor
http://www.nicolascoolman.fr/?p=1402 =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=1272 =>PUP.Optional.ExpressFiles
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SiteSee
http://www.nicolascoolman.fr/?p=1128 =>PUP.Optional.YourFileDownloader
http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.oTweak
http://www.nicolascoolman.fr/?p=1075 =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.TampaGeneration
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PerformerSoft
http://www.nicolascoolman.fr/?p=2156 =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/?p=343 =>PUP.Optional.BearShare
http://www.nicolascoolman.fr/?p=90 =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/?p=290 =>PUP.Optional.TornTV

~ End of the scan, 29229 items in 383 seconds (1310)(0)
---\\ Internet Browsers (2) - 0s
OPIE: Opera 33.0.1990.115 v33.0.1990.115
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
Kaspersky Total Security v16.0.0.614

---\\ System protection software (Superfluous) (1) - 2s
Ad-Aware Web Companion v1.1.987.2028

---\\ System optimization software (2) - 2s
CCleaner v4.16
Wise Registry Cleaner 8.72 v8.72

---\\ Surveillance software (2) - 2s
Adobe Flash Player 19 PPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4127.088 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 25 GB () free of 75 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: PC
~ User Name: WeLtMeiSteR
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 25 GB free of 75 GB (System)
~ Drive D: has 49 GB free of 210 GB
~ Drive E: has 22 GB free of 215 GB
~ Drive F: has 36 GB free of 215 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (25) - 1s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] ©
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] ©
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] ©
[MD5.07F88A53AE1F2CE176543D684C54F74F] - 03/09/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1392128] ©
[MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] ©
[MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] ©
[MD5.492D07D79E7024CA310867B526D9636D] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] ©
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] ©
[MD5.FA886682CFC5D36718D3E436AACF10B9] - 30/05/2014 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497152] ©
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] ©
[MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] ©
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] ©
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] ©
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] ©
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] ©
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] ©
[MD5.1877EB1495CFBDAB27D6A32F6DDF3818] - 01/07/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] ©
[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] ©
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 24/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] ©
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] ©
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] ©
[MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] ©
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] ©
[MD5.70988118145F5F10EF24720B97F35F65] - 11/11/2014 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] ©
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] ©

---\\ Software installed (104) - 12s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: 50CaouPons - (."".) [HKLM][64Bits] -- {CF987D06-1DCF-7B36-5B43-13BC8699C44C} =>PUP.Optional.Multiplug
O42 - Logiciel: AD Sound Recorder 5.5.4 - (.Adrosoft.) [HKLM][64Bits] -- AD Sound Recorder_is1 ©
O42 - Logiciel: Ad-Aware Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {AEC923AC-C3BE-4A7C-8CEB-6822C888CF2E} ©
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Adobe Flash Player 19 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI ©
O42 - Logiciel: Adobe Reader XI (11.0.11) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824144531} ©
O42 - Logiciel: Advanced SystemCare 9 - (.IObit.) [HKLM][64Bits] -- Advanced SystemCare_is1 ©
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C2956908-53A3-88FC-B795-B16508296FC4} ©
O42 - Logiciel: AMD Wireless Display v3.0 - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {C16CD4C0-48EE-0F40-C9FD-0778EAF73FBD} ©
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} ©
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL ©
O42 - Logiciel: AVI ReComp 1.5.6 - (.Mateusz Gola (aka Prozac).) [HKLM][64Bits] -- AVI ReComp
O42 - Logiciel: Baidu Antivirus - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu Antivirus ©
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM][64Bits] -- Spark
O42 - Logiciel: Baidu PC Faster - (.Baidu, Inc..) [HKLM][64Bits] -- Baidu PC Faster 5.1.0.0 ©
O42 - Logiciel: Better CDCS - (."".) [HKLM][64Bits] -- {F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} =>PUP.Optional.Multiplug
O42 - Logiciel: B-Link Wireless LAN Driver and Utility - (.SHENZHEN BILIAN ELECTRONIC CO.,LTD.) [HKLM][64Bits] -- {9C049499-055C-4a0c-A916-1D12314F45EB}
O42 - Logiciel: BuitSaVeer - (."".) [HKLM][64Bits] -- {A3FC46A0-9B62-0EF3-B475-743B3A2762B1} =>PUP.Optional.Multiplug
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} ©
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} ©
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} ©
O42 - Logiciel: Clean Master - (.Cheetah Mobile.) [HKLM][64Bits] -- Clean Master
O42 - Logiciel: Connectify - (.Connectify.) [HKLM][64Bits] -- Connectify ©
O42 - Logiciel: CouupExteeNsionn - (."".) [HKLM][64Bits] -- {6933C2BA-C67D-42C7-8C77-1FF4B364AF54} =>PUP.Optional.Multiplug
O42 - Logiciel: Deepnet Explorer - (...) [HKLM][64Bits] -- Deepnet Explorer
O42 - Logiciel: DiscountExtenSia - (."".) [HKLM][64Bits] -- {B138259A-351E-33FA-2726-8D71704F1DA9} =>PUP.Optional.Multiplug
O42 - Logiciel: Ed2kHelper - (."".) [HKLM][64Bits] -- {51417852-174C-88D4-34A0-D0FE7858BE47} =>PUP.Optional.Multiplug
O42 - Logiciel: EPSON SX230 Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM][64Bits] -- EPSON SX230 Series ©
O42 - Logiciel: FlowStone FL 3.0 - (...) [HKLM][64Bits] -- FlowStone
O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM][64Bits] -- FormatFactory ©
O42 - Logiciel: Haeppy22SaavE - (."".) [HKLM][64Bits] -- {E957849A-94AC-6F46-4623-C31474E3C170} =>PUP.Optional.Multiplug
O42 - Logiciel: Highlight to Search - (...) [HKLM][64Bits] -- {AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {C2306F93-60AC-4401-B600-453376E771EC} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {E0729EA8-444C-4AAF-AB69-3CE907F60A38} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {FE51B16C-A025-418A-A5D6-07D93B643AFB} ©
O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {4332723E-06E5-47F8-B106-8A2971B01368} ©
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} ©
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {9E9C290F-18E8-412D-B4F2-6CD6B45E47C0} ©
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} ©
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {171C7193-1BB5-4619-BF23-E962598CAB13} ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager ©
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall ©
O42 - Logiciel: JMicron Flash Media Controller Driver - (.JMicron Technology Corp..) [HKLM][64Bits] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C} ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} ©
O42 - Logiciel: Kaspersky Total Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} ©
O42 - Logiciel: K-Lite Codec Pack 7.1.0 (Basic) - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: L&H TTS3000 Français - (...) [HKLM][64Bits] -- LHTTSFRF
O42 - Logiciel: LavasoftTcpService - (.Lavasoft.) [HKLM][64Bits] -- {5916A24B-59A4-4FDB-9753-499CB1F65362} ©
O42 - Logiciel: Mega Bloc Notes 5.2.0 - (.Pierre MOATI.) [HKLM][64Bits] -- MegaBlocNotes
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} ©
O42 - Logiciel: MPC-HC 1.7.7 (64-bit) - (.MPC-HC Team.) [HKLM][64Bits] -- {2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1 ©
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {077FFB21-CBD4-11E3-BBED-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {7EEFA2B0-292C-11E2-AF85-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} ©
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {FEBBB8C0-8DD6-11E3-B8B6-F04DA23A5C58} ©
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} ©
O42 - Logiciel: New Tab Redirect Plus - (."".) [HKLM][64Bits] -- {76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} =>PUP.Optional.Multiplug
O42 - Logiciel: Opera Stable 33.0.1990.115 - (.Opera Software.) [HKLM][64Bits] -- Opera 33.0.1990.115 ©
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM][64Bits] -- {D1399216-81B2-457C-A0F7-73B9A2EF6902} ©
O42 - Logiciel: PHP Notepad - (."".) [HKLM][64Bits] -- {CA1838EF-A497-194E-3850-37A62CEE398B} =>PUP.Optional.Multiplug
O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} ©
O42 - Logiciel: Qualcomm Atheros Driver Installation Program - (.Qualcomm Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7} ©
O42 - Logiciel: QUICKfind server v1.1 - (.IDM.) [HKLM][64Bits] -- QUICKfind ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Realtek WLAN Driver - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9D3D8C60-A55F-4fed-B2B9-173001290E16} ©
O42 - Logiciel: reber Quick - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- reber Quick ©
O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva ©
O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM][64Bits] -- {5442DAB8-7177-49E1-8B22-09A049EA5996} ©
O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM][64Bits] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} ©
O42 - Logiciel: Resource Hacker Version 4.2.5 - (...) [HKLM][64Bits] -- ResourceHacker_is1
O42 - Logiciel: SaverExteinsion - (."".) [HKLM][64Bits] -- {274E3C5C-178E-EAE2-A52F-2863C0EECD46} =>PUP.Optional.Multiplug
O42 - Logiciel: SkypEmoticons - (...) [HKLM][64Bits] -- SkypEmoticons_is1
O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM][64Bits] -- {B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} ©
O42 - Logiciel: SmartSound Common Data - (.SmartSound Software Inc..) [HKLM][64Bits] -- InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8} ©
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F} ©
O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM][64Bits] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} ©
O42 - Logiciel: StatMaker - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995} =>PUP.Optional.Graftor
O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM][64Bits] -- IObit Surfing Protection_is1 ©
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey ©
O42 - Logiciel: Topaz Adjust 5 - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz Adjust 5 ©
O42 - Logiciel: Topaz Fusion Express 2 - (.Topaz Labs.) [HKLM][64Bits] -- Topaz Fusion Express 2 ©
O42 - Logiciel: Topaz Fusion Express 2 (64-bit) - (.Topaz Labs.) [HKLM][64Bits] -- Topaz Fusion Express 2 (64-bit) ©
O42 - Logiciel: Topaz ReStyle - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz ReStyle ©
O42 - Logiciel: Topaz Simplify 4 - (.Topaz Labs, LLC.) [HKLM][64Bits] -- Topaz Simplify 4 ©
O42 - Logiciel: uniisales - (...) [HKLM][64Bits] -- {4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} =>PUP.Optional.Multiplug
O42 - Logiciel: VobSub 2.23 - (.Gabest.) [HKLM][64Bits] -- VobSub
O42 - Logiciel: Web Companion - (.Lavasoft.) [HKLM][64Bits] -- {AEC923AC-C3BE-4A7C-8CEB-6822C888CF2E}_WebCompanion ©
O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (12/0 - (.Google, Inc..) [HKLM][64Bits] -- 30B2813B1F17EF6D99360A190E7F0D3BA2F0DC3C ©
O42 - Logiciel: WinRAR 5.00 beta 5 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: Wise Registry Cleaner 8.72 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Registry Cleaner_is1 ©
O42 - Logiciel: Wondershare Video Editor(Build 5.1.1) - (.Wondershare Software.) [HKLM][64Bits] -- Wondershare Video Editor_is1 ©
O42 - Logiciel: Xilisoft Video Converter Ultimate - (.Xilisoft.) [HKLM][64Bits] -- Xilisoft Video Converter Ultimate ©
O42 - Logiciel: Xvid 1.2.2 - (.Koepi's build.) [HKLM][64Bits] -- Xvid_is1
O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2 ©
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger ©
O42 - Logiciel: Yahoo! Software Update - (...) [HKLM][64Bits] -- Yahoo! Software Update

---\\ HKCU & HKLM Software Keys (186) - 12s
HKLM\SOFTWARE\Wow6432Node\"charlie_installer"/n
HKLM\SOFTWARE\Wow6432Node\ACE Compression Software
HKLM\SOFTWARE\Wow6432Node\Adguard
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Aimersoft
HKLM\SOFTWARE\Wow6432Node\AMD
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\ASIO
HKLM\SOFTWARE\Wow6432Node\ASIO4ALL
HKLM\SOFTWARE\Wow6432Node\Atheros
HKLM\SOFTWARE\Wow6432Node\ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Audiolib
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\AVG
HKLM\SOFTWARE\Wow6432Node\AVI ReComp
HKLM\SOFTWARE\Wow6432Node\b838b835-8636-e368-5f87-c3652edc7963 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\Baidu Security
HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos
HKLM\SOFTWARE\Wow6432Node\BSD
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\CloudOpt
HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo
HKLM\SOFTWARE\Wow6432Node\cmcm
HKLM\SOFTWARE\Wow6432Node\Connectify
HKLM\SOFTWARE\Wow6432Node\Deepnet Explorer
HKLM\SOFTWARE\Wow6432Node\DeskShare
HKLM\SOFTWARE\Wow6432Node\DSPRobotics
HKLM\SOFTWARE\Wow6432Node\EPSON
HKLM\SOFTWARE\Wow6432Node\ExpressFiles =>PUP.Optional.ExpressFiles
HKLM\SOFTWARE\Wow6432Node\Freemake
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\hdcode
HKLM\SOFTWARE\Wow6432Node\HotspotShield
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\IDM
HKLM\SOFTWARE\Wow6432Node\Image-Line
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\ISO-to-USB_1351-Setup
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\L&H
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MeadCo
HKLM\SOFTWARE\Wow6432Node\megablocnote
HKLM\SOFTWARE\Wow6432Node\MimarSinan
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PIP =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\PlotSoft
HKLM\SOFTWARE\Wow6432Node\Qualcomm Atheros
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\RtWLan
HKLM\SOFTWARE\Wow6432Node\SiteSee =>PUP.Optional.SiteSee
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc
HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc.
HKLM\SOFTWARE\Wow6432Node\SmartSound Software
HKLM\SOFTWARE\Wow6432Node\SoftVoice
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\Topaz Labs
HKLM\SOFTWARE\Wow6432Node\TuneUp
HKLM\SOFTWARE\Wow6432Node\TweakBit
HKLM\SOFTWARE\Wow6432Node\Voice
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WiseCleaner
HKLM\SOFTWARE\Wow6432Node\WnSoft
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\Xilisoft
HKLM\SOFTWARE\Wow6432Node\Xvid Team
HKLM\SOFTWARE\Wow6432Node\Yahoo
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Adrosoft
HKCU\SOFTWARE\AMD
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASIO4ALL v2 by Wuschel
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\AVI ReComp
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BSD
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\cmcm
HKCU\SOFTWARE\Corel
HKCU\SOFTWARE\DebugKHelp
HKCU\SOFTWARE\Deepnet Explorer
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Easy-Hide-IP VPN
HKCU\SOFTWARE\Enigma Protector
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\EWS
HKCU\SOFTWARE\ExpressFiles =>PUP.Optional.ExpressFiles
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Freeware
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\i-FunBox.com
HKCU\SOFTWARE\IE Tab
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Image Content Technology
HKCU\SOFTWARE\Image-Line
HKCU\SOFTWARE\Imagenomic
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\Karlis Blumentals
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MOVAVI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\MyXOFT
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\NCH Swift Sound
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NewBlue
HKCU\SOFTWARE\Nik Software
HKCU\SOFTWARE\notepad
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\oTweak =>PUP.Optional.oTweak
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PlotSoft
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\RSpark
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SimonTatham
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SlimWare Utilities Inc
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
HKCU\SOFTWARE\softorbits
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\TerraInformatica
HKCU\SOFTWARE\TopazLabs
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TrueBoxShot
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\Ulead
HKCU\SOFTWARE\Ulead Systems
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WnSoft
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\WSVCUPlugin
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Yahoo

---\\ Non Microsoft non disabled Windows Services (16) - 2s
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit - Advanced SystemCare Service.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
O23 - Service: Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\IDT\WDM\AESTSr64.exe ©
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe ©
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe ©
O23 - Service: B-Link11nCU (B-Link11nCU) . (.Realtek - RtlService MFC Application.) - C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe ©
O23 - Service: Baidu Antivirus Service (BavSvc) . (.Baidu, Inc. - Baidu Antivirus Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe ©
O23 - Service: Baidu Hips Service (BHipsSvc) . (.Baidu, Inc. - Baidu Antivirus Hips Service.) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe ©
O23 - Service: HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe ©
O23 - Service: HWDeviceService64.exe (HWDeviceService64.exe) . (.Copyright (C) 2008 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
O23 - Service: LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited - .) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe ©
O23 - Service: IE Search Set (SearchProtectionService) . (.Copyright © 2014 - SPWindowsService.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
O23 - Service: @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe ©
O23 - Service: ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Task Planned Automatically (25) - 4s
[MD5.70685AC6E02E9C2DFB88D4851954F5B4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088] ©
[MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.DC7D54AE67F4D5F065F19011E3D123C2] [APT] [ASC9_PerformanceMonitor] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1517344] ©
[MD5.DC86206A5417525117C417DC1D58D183] [APT] [ASC9_SkipUac_WeLtMeiSteR] (.IObit.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [4999968] ©
[MD5.1F44D3D5ABF62003BF5926BB66F3EC65] [APT] [Baidu Antivirus Update] (.Baidu, Inc..) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavUpdater.exe [3274528] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] [APT] [Baidu PC Faster Service] (.Baidu, Inc..) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] ©
[MD5.1E5F6A7543B676324A95E4474762F363] [APT] [Baidu PC Faster Update] (.Baidu, Inc..) -- C:\Program Files (x86)\PC Faster\5.1.0.0\Updater.exe [1359120] ©
[MD5.88077CF32319BEE612C82EBF54680DE8] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4626712] ©
[MD5.51A2632AAFF24229FB500BC52CFECBF2] [APT] [Opera scheduled Autoupdate 1416104143] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [948856] ©
[MD5.7DBA1F4E48C3FEAA34F6648A469F210D] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472]
[MD5.AF54EF98D4D20840235D1FCB0DB3AE3A] [APT] [Uninstaller_SkipUac_WeLtMeiSteR] (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4865312] ©
[MD5.31448B27C126A6DECE8120324BBC4D79] [APT] [WRCSkipUAC] (.WiseCleaner.com.) -- C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [3445192] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] ©
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3888] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3770] ©
O39 - APT: ASC9_PerformanceMonitor - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_PerformanceMonitor [3204] ©
O39 - APT: ASC9_SkipUac_WeLtMeiSteR - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_SkipUac_WeLtMeiSteR [2892] ©
O39 - APT: Baidu Antivirus Update - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu Antivirus Update [3468] ©
O39 - APT: Baidu PC Faster Service - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu PC Faster Service [3674] ©
O39 - APT: Baidu PC Faster Update - (.Baidu, Inc..) -- C:\Windows\System32\Tasks\Baidu PC Faster Update [3724] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2786] ©
O39 - APT: Opera scheduled Autoupdate 1416104143 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416104143 [3842] ©
O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\Windows\System32\Tasks\SparkUpdater [4110]
O39 - APT: Uninstaller_SkipUac_WeLtMeiSteR - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_WeLtMeiSteR [2928] ©
O39 - APT: WRCSkipUAC - (.WiseCleaner.com.) -- C:\Windows\System32\Tasks\WRCSkipUAC [3078] ©

---\\ Process running (41) - 1s
[MD5.A1936493AC94D7C4350327049ED5B953] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680] [PID.436] ©
[MD5.F17B1902DFCED1C24DB57492A7896FF8] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [239616] [PID.1084] ©
[MD5.897C1273B7D74E19DDA7EBF495BF0133] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [327680] [PID.1256] ©
[MD5.FC7C13B5A9E9BE23B7AE72BBC7FDB278] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\System32\Hpservice.exe [30520] [PID.1528] ©
[MD5.C2E89DF8C68BF676AA2690FEFE3C2043] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [619008] [PID.1640] ©
[MD5.A6FB9DB8F1A86861D955FD6975977AE0] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\IDT\WDM\AESTSr64.exe [89600] [PID.2332] ©
[MD5.50C3C62FFE6337E6E4F2F01CB07DF63C] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe [194000] [PID.2360] ©
[MD5.EA569D48B2E755AF6D96F03F3335D98A] - (.Realtek - RtlService MFC Application.) -- C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe [36864] [PID.2408] ©
[MD5.B8408423BF7A25D5A11CE53BE7680301] - (.Realtek Semiconductor Corp. - RtWLan.) -- C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtWLan.exe [1961984] [PID.2436] ©
[MD5.69F918D9C2991226BBAB914C429F466A] - (.Baidu, Inc. - Baidu Antivirus Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe [2572928] [PID.2444] ©
[MD5.DC7D54AE67F4D5F065F19011E3D123C2] - (.IObit - Performance Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [1517344] [PID.2692] ©
[MD5.9E2EBFAB12A9F91FB89DCE6A7D475174] - (.Baidu, Inc. - Baidu Antivirus Hips Service.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe [531232] [PID.2748] ©
[MD5.E90DA42B87D684DEBFB73B38A718A006] - (.Copyright (C) 2008 - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService64.exe [346976] [PID.3068]
[MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2512] ©
[MD5.0043EC20C06FD9FE339B5D37474B731E] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [629984] [PID.2024] ©
[MD5.71412A396A63B5123EB134A624D4CC48] - (.Lavasoft Limited - .) -- C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2748720] [PID.2796] ©
[MD5.7CD1112772DEA1500E3C0684D6E93FCB] - (.Copyright © 2014 - SPWindowsService.) -- C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [17768] [PID.3080]
[MD5.31A85304F914C7F48B4B6C9B8078C501] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [1664000] [PID.3988] ©
[MD5.2C78CB3320998F23C1E70A7453AF86A9] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [172016] [PID.4040] ©
[MD5.4F64EEC70495C61E76785236A3EA3BF3] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [399856] [PID.444] ©
[MD5.75186D02630109E9045BCFD677507CF4] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2825456] [PID.1576] ©
[MD5.C0F28122ABC09F7D7EC224E2F8DE4327] - (.Connectify - Connectify Hotspot.) -- C:\Program Files (x86)\Connectify\Connectify.exe [4170528] [PID.1292] ©
[MD5.73F8700DB9F9344D8564E9D50AEBDC3A] - (.Connectify - Connectify Dispatch.) -- C:\Program Files (x86)\Connectify\DispatchUI.exe [2217760] [PID.1544] ©
[MD5.5E38FC48BFC05DDAB644C0C645396748] - (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [26179864] [PID.3816]
[MD5.918C73F0275D7813E6F01E100B39DBD9] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584] [PID.4424] ©
[MD5.AA6B542E0CBBF704CBA58CB8F074B41A] - (.SlimWare Utilities, Inc. - SlimServiceFactory.) -- C:\Program Files\SlimService\SlimServiceFactory.exe [245016] [PID.2064]
[MD5.3E15C2DBC338ACC2DAA132B290E99E5F] - (.SlimWare Utilities, Inc. - SlimService.) -- C:\Program Files\SlimService\SlimService.exe [4821272] [PID.5156]
[MD5.4ED9384529BED5AE37FD13ED9A2354EC] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [200944] [PID.5376] ©
[MD5.1251E5861A822764DAD25552FF78179D] - (.Baidu, Inc. - Baidu Antivirus Hook Monitor.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\bavhm.exe [447984] [PID.5812] ©
[MD5.7CEC6E1B6E2F540120025DCDBC07EA90] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.6164] ©
[MD5.5AA6357A56B79B46C904173B87070D37] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3882576] [PID.6252] ©
[MD5.EFA3DEAC7254F19FC53C241425A32921] - (.AO Kaspersky Lab - WMI x64 Helper.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\wmi64.exe [21488] [PID.6932]
[MD5.932A21CF0DA4E951C7C4A62D27E6D8FB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avpui.exe [211712] [PID.7016] ©
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.6224] ©
[MD5.811EDCF199557324A51BF944F8226622] - (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe [1997296] [PID.3044] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] - (.Baidu, Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] [PID.4080] ©
[MD5.909A77678E447339DB1880CDB1EA2F47] - (.Baidu, Inc. - Baidu PC Faster Service.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe [1714448] [PID.5108] ©
[MD5.1CF45B67AF6370CAF2E7622B3EBC34AC] - (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe [2333152] [PID.8084] ©
[MD5.445314773746F320CEA0D6975A075CA4] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP\ZHPDiag3.exe [1979392] [PID.7868] ©
[MD5.445314773746F320CEA0D6975A075CA4] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP\ZHPDiag3.exe [1979392] [PID.8092] ©
[MD5.48F3E5A87D0FBA6EACAC740AF4C6310E] - (.Baidu, Inc. - Baidu Antivirus ReportCommRetry.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\ReportCommRetryPCF.exe [220528] [PID.8744] ©

---\\ Google Chrome, Start,Search,Extensions (1) - 0s
G2 - GCE: Preference [User Data\Default] [fcfenmboojpjinhpgggodefccipikbpd] __MSG_ExtnName__

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll ©
P2 - FPN: [HKLM] [@meadco.com/neptune plugin,version=2.0.0.29] - (.MeadCo Corp..) -- C:\Program Files (x86)\MeadCo Neptune\npmeadax.dll

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [Opera Stable] C:\Users\WeLtMeiSteR\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (18)

---\\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} (Orphean)
O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\IEExt\ie_plugin.dll

---\\ Internet Explorer Toolbars (1) - 0s
O3 - Toolbar: (no name) - [HKLM]{3507FA00-ADA2-4A02-99B9-51AD26CA9120} (Orphean)

---\\ Auto loading programs from Registry and folders (23) - 1s
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe ©
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe ©
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [Connectify Hotspot] . (.Connectify - Connectify Hotspot.) -- C:\Program Files (x86)\Connectify\Connectify.exe ©
O4 - HKLM\..\Run: [Connectify Dispatch] . (.Connectify - Connectify Dispatch.) -- C:\Program Files (x86)\Connectify\DispatchUI.exe ©
O4 - HKCU\..\Run: [EPSON SX230 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O4 - HKCU\..\Run: [SlimCleaner Plus] . (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- c:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu Antivirus] . (.Baidu, Inc. - Baidu Antivirus Tray Application.) -- C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavTray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 5.1.0.0] . (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Baidu PC Faster 4.0.0.0] . (.Baidu, Inc. - PC Faster Tray.) -- C:\Program Files (x86)\PC Faster\5.1.0.0\PCFTray.exe ©
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe ©
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe ©
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe ©
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [EPSON SX230 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [SlimCleaner Plus] . (.Slimware Utilities Holdings, Inc. - SlimCleaner Plus.) -- C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
O4 - HKUS\S-1-5-21-1056088385-1201271728-3744532705-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©

---\\ Global shortcuts Startup (3) - 3s
O4 - GS\Quicklaunch [Administrator]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O4 - GS\Quicklaunch [Guest]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O4 - GS\Quicklaunch [WeLtMeiSteR]: CrossBrowser.lnk . (...) C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser

---\\ Winsock hijacker (Layered Service Provider) (5) - 1s
O10 - WLSP:\Catalog_Entries64\000000000001\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000002\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000003\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000004\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries64\000000000021\Winsock LSP File . (.EasyTech.) -- C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock

---\\ Lop.com/Domain Hijackers (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 95.170.200.200 93.91.200.200
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Extra protocols (26) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: gopher [64Bits] - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ©

---\\ Contents of the Common Files folders (398) - 39s
O43 - CFD: 19/02/2015 - [] D -- C:\Program Files (x86)\ AV Vcs 7.0
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\50CaouPons
O43 - CFD: 27/02/2015 - [] D -- C:\Program Files (x86)\AD Sound Recorder
O43 - CFD: 30/11/2015 - [0] D -- C:\Program Files (x86)\Adguard
O43 - CFD: 07/04/2015 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 29/05/2015 - [0] D -- C:\Program Files (x86)\Aimersoft
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files (x86)\AoaoPhoto Digital Studio
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Auralog
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files (x86)\AVG
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\AVI ReComp
O43 - CFD: 04/09/2015 - [0] D -- C:\Program Files (x86)\AVN Products
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\B-Link
O43 - CFD: 25/03/2015 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 03/07/2015 - [] D -- C:\Program Files (x86)\Baidu Security
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\Better CDCS
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Bluetooth Suite
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\BuitSaVeer =>PUP.Optional.Multiplug
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 24/06/2015 - [] D -- C:\Program Files (x86)\cmcm
O43 - CFD: 31/10/2015 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 24/07/2015 - [0] D -- C:\Program Files (x86)\compfix
O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Connectify
O43 - CFD: 23/02/2015 - [] D -- C:\Program Files (x86)\Corel
O43 - CFD: 06/02/2015 - [] D -- C:\Program Files (x86)\CouupExteeNsionn =>PUP.Optional.Multiplug
O43 - CFD: 14/05/2015 - [] D -- C:\Program Files (x86)\Deepnet Explorer
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\DiscountExtenSia =>PUP.Optional.Multiplug
O43 - CFD: 23/02/2015 - [] D -- C:\Program Files (x86)\DoowNNSavve =>PUP.Optional.Multiplug
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Driver Checker
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\DSPRobotics
O43 - CFD: 29/10/2015 - [] D -- C:\Program Files (x86)\Easy-Hide-IP VPN
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Ed2kHelper
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\Free Window Registry Repair
O43 - CFD: 20/06/2015 - [0] D -- C:\Program Files (x86)\Freemake
O43 - CFD: 20/12/2014 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\FunDealsi =>PUP.Optional.Multiplug
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\Gabest
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 17/05/2015 - [0] D -- C:\Program Files (x86)\goopad
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Haeppy22SaavE =>PUP.Optional.Multiplug
O43 - CFD: 26/11/2014 - [] D -- C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\Highlight to Search
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\Hotspot Shield
O43 - CFD: 01/12/2015 - [] D -- C:\Program Files (x86)\IDM
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Image-Line
O43 - CFD: 20/11/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 03/09/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\JMicron
O43 - CFD: 04/09/2015 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\Kaspersky Lab
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files (x86)\Lavasoft
O43 - CFD: 01/12/2015 - [] D -- C:\Program Files (x86)\Longman
O43 - CFD: 28/05/2015 - [] D -- C:\Program Files (x86)\MeadCo Neptune
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Microsoft
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 05/01/2015 - [] D -- C:\Program Files (x86)\MKVToolNix
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Movavi Video Converter 15
O43 - CFD: 21/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 24/06/2015 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 27/02/2015 - [] D -- C:\Program Files (x86)\MyXOFT
O43 - CFD: 20/06/2015 - [] D -- C:\Program Files (x86)\NCH Software
O43 - CFD: 06/02/2015 - [] D -- C:\Program Files (x86)\New Tab Redirect Plus
O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 16/11/2014 - [0] D -- C:\Program Files (x86)\oTweak =>PUP.Optional.oTweak
O43 - CFD: 02/07/2015 - [] D -- C:\Program Files (x86)\PC Faster
O43 - CFD: 16/03/2015 - [] D -- C:\Program Files (x86)\Photodex
O43 - CFD: 25/09/2015 - [] D -- C:\Program Files (x86)\Photoshop CS6
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\PHP Notepad
O43 - CFD: 12/04/2015 - [] D -- C:\Program Files (x86)\PlotSoft
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\Qualcomm Atheros
O43 - CFD: 20/06/2015 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\Realtek WLAN Driver
O43 - CFD: 07/08/2015 - [] D -- C:\Program Files (x86)\reber Quick
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Reimageplus.com =>PUP.Optional.ReImageRepair
O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\Renesas Electronics
O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Resource Hacker
O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\SaverExteinsion =>PUP.Optional.Multiplug
O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\Send Link by Email or Gmail
O43 - CFD: 02/12/2015 - [] D -- C:\Program Files (x86)\SEO Website Analysis
O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\SmartSound Software
O43 - CFD: 26/09/2015 - [] D -- C:\Program Files (x86)\Sony
O43 - CFD: 30/07/2015 - [0] D -- C:\Program Files (x86)\StatFoobar
O43 - CFD: 15/05/2015 - [0] D -- C:\Program Files (x86)\StatMaker =>PUP.Optional.Graftor
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\SubtitleCreator
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\TabsPlus
O43 - CFD: 16/02/2015 - [0] D -- C:\Program Files (x86)\TampaGeneration =>PUP.Optional.TampaGeneration
O43 - CFD: 20/06/2015 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 20/06/2015 - [0] D -- C:\Program Files (x86)\TerminusDefender
O43 - CFD: 23/03/2015 - [] D -- C:\Program Files (x86)\Topaz Labs
O43 - CFD: 18/05/2015 - [] D -- C:\Program Files (x86)\TweakBit
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\Tweaking.com
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\uniisales =>PUP.Optional.Multiplug
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\unisiales =>PUP.Optional.Multiplug
O43 - CFD: 06/09/2015 - [] D -- C:\Program Files (x86)\Universal Mind
O43 - CFD: 16/01/2015 - [] D -- C:\Program Files (x86)\unnisualiess =>PUP.Optional.Multiplug
O43 - CFD: 24/04/2015 - [0] D -- C:\Program Files (x86)\UpgradeLeader
O43 - CFD: 02/09/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Windows Live SkyDrive
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 04/08/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 24/06/2015 - [] D -- C:\Program Files (x86)\Wise
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files (x86)\WnSoft PicturesToExe
O43 - CFD: 15/03/2015 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 18/02/2015 - [] D -- C:\Program Files (x86)\Xvid
O43 - CFD: 24/12/2014 - [] D -- C:\Program Files (x86)\Yahoo!
O43 - CFD: 31/12/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 27/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AD Sound Recorder
O43 - CFD: 26/06/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\B-Link 11n USB Wireless LAN Utility
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Antivirus
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 02/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
O43 - CFD: 14/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deepnet Explorer
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 20/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
O43 - CFD: 16/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 19/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 18/05/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 10/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
O43 - CFD: 24/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 02/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 05/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
O43 - CFD: 16/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
O43 - CFD: 12/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill
O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reber Quick
O43 - CFD: 19/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
O43 - CFD: 01/08/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons
O43 - CFD: 29/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 24/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
O43 - CFD: 18/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True BoxShot
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
O43 - CFD: 18/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub
O43 - CFD: 19/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
O43 - CFD: 18/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\2f73a9e1eef825d0
O43 - CFD: 30/11/2015 - [] D -- C:\ProgramData\Adguard
O43 - CFD: 26/04/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Aimersoft Video Converter Ultimate
O43 - CFD: 25/11/2014 - [0] D -- C:\ProgramData\AMD
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\AollSauvver =>PUP.Optional.Multiplug
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\Apple
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 27/11/2014 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 01/12/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\AVG
O43 - CFD: 02/07/2015 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\Baidu Security
O43 - CFD: 02/12/2015 - [0] D -- C:\ProgramData\BavSvc_exe
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\BCloudScan_exe
O43 - CFD: 04/11/2015 - [0] D -- C:\ProgramData\Cache
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\cmcm
O43 - CFD: 16/11/2014 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Connectify
O43 - CFD: 27/04/2015 - [] D -- C:\ProgramData\cutevideocutterfree
O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Easy-Hide-IP VPN
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 19/05/2015 - [0] D -- C:\ProgramData\feaa68f000005594
O43 - CFD: 20/06/2015 - [0] D -- C:\ProgramData\Freemake
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\Google
O43 - CFD: 19/05/2015 - [] D -- C:\ProgramData\GroupPolicy
O43 - CFD: 26/11/2015 - [] D -- C:\ProgramData\Hotspot Shield
O43 - CFD: 16/11/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 17/01/2015 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 03/12/2015 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 24/06/2015 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\Lavasoft
O43 - CFD: 20/06/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 29/08/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 16/02/2015 - [] D -- C:\ProgramData\Movavi
O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\Movavi Video Converter 15
O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 17/03/2015 - [] D -- C:\ProgramData\NCH Software
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\NewSeaVVer =>PUP.Optional.Multiplug
O43 - CFD: 30/11/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 02/07/2015 - [] D -- C:\ProgramData\PC Faster
O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Photodex
O43 - CFD: 12/04/2015 - [0] D -- C:\ProgramData\PlotSoft
O43 - CFD: 22/11/2015 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\Protexis64
O43 - CFD: 25/11/2014 - [] D -- C:\ProgramData\Qualcomm Atheros
O43 - CFD: 15/07/2015 - [] D -- C:\ProgramData\reber Quick
O43 - CFD: 24/01/2015 - [] D -- C:\ProgramData\RegularrDeoaLs =>PUP.Optional.Multiplug
O43 - CFD: 24/06/2015 - [0] D -- C:\ProgramData\Skype
O43 - CFD: 25/11/2015 - [] D -- C:\ProgramData\SlimWare Utilities Inc
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\SlimWare Utilities, Inc
O43 - CFD: 30/12/2014 - [] D -- C:\ProgramData\SmartSound Software Inc
O43 - CFD: 26/09/2015 - [] D -- C:\ProgramData\Sony
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 16/11/2014 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\TweakBit
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Wondershare Video Editor
O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\XDMessagingv4
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Xilisoft
O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Yahoo!
O43 - CFD: 04/05/2015 - [] D -- C:\ProgramData\{2c189564-8fd0-8147-2c18-895648fd5592}
O43 - CFD: 15/05/2015 - [] D -- C:\ProgramData\{393f89fa-6997-cfe7-393f-f89fa69927e9}
O43 - CFD: 18/05/2015 - [] D -- C:\ProgramData\{3f779e7e-3005-4ed7-3f77-79e7e30079f8}
O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\{73657672-ac5d-3ae7-7365-57672ac5d9ca}
O43 - CFD: 17/05/2015 - [] D -- C:\ProgramData\{776c412d-ad55-2b2d-776c-c412dad504b6}
O43 - CFD: 24/03/2015 - [] HDC -- C:\ProgramData\{7E8842F4-ECF1-457B-9B22-AA8299B810D9}
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\{8185900e-8a1c-9d42-8185-5900e8a1403a}
O43 - CFD: 16/01/2015 - [] D -- C:\ProgramData\{947e691a-274f-d443-947e-e691a274a468}
O43 - CFD: 04/08/2015 - [] D -- C:\ProgramData\{a539fbff-b972-5d86-a539-9fbffb97effe}
O43 - CFD: 31/12/2014 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
O43 - CFD: 13/06/2015 - [] D -- C:\ProgramData\{bf9a13e9-69be-b8ff-bf9a-a13e969b4fa5}
O43 - CFD: 24/03/2015 - [] HDC -- C:\ProgramData\{D9F9C87D-6338-4977-AD5C-EE6EE6F6B6EC}
O43 - CFD: 21/11/2015 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 31/03/2015 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 07/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 30/12/2014 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Atheros
O43 - CFD: 19/02/2015 - [] D -- C:\Program Files (x86)\Common Files\ConvexSoft
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 21/11/2014 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 16/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 21/11/2015 - [] D -- C:\Program Files (x86)\Common Files\IObit
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 01/01/2015 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 25/02/2015 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software
O43 - CFD: 27/11/2014 - [] D -- C:\Program Files (x86)\Common Files\QCA_Bluetooth
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 24/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Topaz Labs
O43 - CFD: 19/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 27/02/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AD Sound Recorder
O43 - CFD: 11/04/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Adobe
O43 - CFD: 14/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Aegisub
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Aimersoft Video Converter Ultimate
O43 - CFD: 03/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AMD
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Anvsoft
O43 - CFD: 31/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Apple Computer
O43 - CFD: 27/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Atheros
O43 - CFD: 24/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ATI
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avant Downloader
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avant Profiles
O43 - CFD: 01/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVAST Software
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVG
O43 - CFD: 29/10/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\AVI ReComp
O43 - CFD: 21/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\avidemux
O43 - CFD: 19/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Avnex
O43 - CFD: 02/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Baidu
O43 - CFD: 23/11/2014 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\BandExtend
O43 - CFD: 03/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\BavMini
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Deepnet Explorer
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\DMCache
O43 - CFD: 18/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Easeware
O43 - CFD: 15/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ExpressFiles =>PUP.Optional.ExpressFiles
O43 - CFD: 14/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\fontconfig
O43 - CFD: 29/06/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Google
O43 - CFD: 24/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Heavy Village
O43 - CFD: 26/11/2014 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Hewlett-Packard
O43 - CFD: 26/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Hotspot Shield
O43 - CFD: 26/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\hpqLog
O43 - CFD: 15/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Identities
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IDM
O43 - CFD: 24/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IDT
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\iFunbox_UserCache
O43 - CFD: 25/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Image-Line
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Imagenomic
O43 - CFD: 03/04/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ImTOO Software Studio
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Innovative Solutions
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\InstallShield
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Intel Corporation
O43 - CFD: 21/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IObit
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\IsolatedStorage
O43 - CFD: 23/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\KastorFreeAudioExtractor
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Lavasoft
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Media Center Programs
O43 - CFD: 03/12/2015 - [] SD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\mkvtoolnix
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Mozilla
O43 - CFD: 01/12/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\MPC-HC
O43 - CFD: 17/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\NCH Software
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Netscape
O43 - CFD: 18/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Nik Software
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Opera Software
O43 - CFD: 02/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\PC Faster
O43 - CFD: 03/07/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Performersoft =>PUP.Optional.PerformerSoft
O43 - CFD: 30/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Performix LLC
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Photodex
O43 - CFD: 31/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ProductData
O43 - CFD: 17/01/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Publish Providers
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\RHEng =>PUP.Optional.Conduit
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\rmi
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Skype
O43 - CFD: 24/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\SkypEmoticons
O43 - CFD: 26/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Sony
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\TuneUp Software
O43 - CFD: 23/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Ulead Systems
O43 - CFD: 01/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Vegasaur
O43 - CFD: 17/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\WinRAR
O43 - CFD: 24/06/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Wise Registry Cleaner
O43 - CFD: 09/10/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\WiseUpdate
O43 - CFD: 21/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Xilisoft
O43 - CFD: 30/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Yahoo!
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZHP
O43 - CFD: 05/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZTEEVDO
O43 - CFD: 05/08/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\ZTEMTUI
O43 - CFD: 23/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\{37E99E86-D615-4B08-937F-F8F935C455F3}_ANZHUANG
O43 - CFD: 25/05/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 29/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Adobe
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\AHD
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Aimersoft
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\Application Data
O43 - CFD: 24/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\ATI
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Avg
O43 - CFD: 27/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\BMExplorer
O43 - CFD: 03/12/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Local\CrashDumps
O43 - CFD: 01/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser =>PUP.Optional.CrossBrowser
O43 - CFD: 14/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Diagnostics
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Downloaded Installations
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Downloaded Installers
O43 - CFD: 31/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\FreemakeVideoConverter
O43 - CFD: 23/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Google
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\History
O43 - CFD: 12/12/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\IE Tab
O43 - CFD: 25/11/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Innovative Solutions
O43 - CFD: 17/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\IsolatedStorage
O43 - CFD: 25/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Lavasoft
O43 - CFD: 18/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Macromedia
O43 - CFD: 03/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft
O43 - CFD: 21/08/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft Games
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Microsoft Help
O43 - CFD: 14/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Movavi
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Mozilla
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\NikLicenseFiles
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Opera Software
O43 - CFD: 24/03/2015 - [0] D -- C:\Users\WeLtMeiSteR\AppData\Local\PackageAware =>PUP.Optional.BearShare
O43 - CFD: 16/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Packages
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Programs
O43 - CFD: 14/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\RockMelt
O43 - CFD: 26/11/2015 - [] RSHD -- C:\Users\WeLtMeiSteR\AppData\Local\S-1-5-31-1286970278978-5713669491-166975984-320
O43 - CFD: 16/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Skype
O43 - CFD: 18/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\SlimWare Utilities Inc
O43 - CFD: 16/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Software =>PUP.Optional.Boxore
O43 - CFD: 26/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Sony
O43 - CFD: 02/12/2015 - [0] RSHD -- C:\Users\WeLtMeiSteR\AppData\Local\Start
O43 - CFD: 05/01/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\SubtitleCreator
O43 - CFD: 03/12/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Temp
O43 - CFD: 15/11/2014 - [0] SHD -- C:\Users\WeLtMeiSteR\AppData\Local\Temporary Internet Files
O43 - CFD: 18/09/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\True BoxShot
O43 - CFD: 16/11/2014 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\TuneUp Software
O43 - CFD: 16/02/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\videoconverter
O43 - CFD: 24/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\VirtualStore
O43 - CFD: 14/03/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Local\Wondershare
O43 - CFD: 02/09/2015 - [] RD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/07/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 28/05/2015 - [] D -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company
O43 - CFD: 02/12/2015 - [] RD -- C:\Users\WeLtMeiSteR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp

---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©

---\\ ShareTools MSconfig StartupReg (8) - 3s
O53 - SMSR:HKLM\...\startupreg\BtvStack [Key] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe ©
O53 - SMSR:HKLM\...\startupreg\EPSON SX230 Series [Key] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATIHKE.EXE ©
O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe ©
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe ©
O53 - SMSR:HKLM\...\startupreg\NUSB3MON [Key] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe ©
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ©
O53 - SMSR:HKLM\...\startupreg\Xvid [Key] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe

---\\ System Drivers List (125) - 40s
O58 - SDL:2011/05/13 18:57:58 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [43320] ©
O58 - SDL:2015/06/02 17:38:12 A . (.Copyright (C) Performix LLC 2015 - Adguard WFP network driver.) -- C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [55800]
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] ©
O58 - SDL:2014/09/16 01:29:04 A . (.Advanced Micro Devices - AMD ACP Kernel Service Driver.) -- C:\Windows\System32\drivers\amdacpksd.sys [293088] ©
O58 - SDL:2013/12/12 02:32:24 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [36608] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] ©
O58 - SDL:2009/07/14 04:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] ©
O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] ©
O58 - SDL:2014/08/11 02:33:54 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athrx.sys [4060672] ©
O58 - SDL:2014/09/16 01:26:58 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [16750080] ©
O58 - SDL:2014/09/16 00:59:06 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [576000] ©
O58 - SDL:2009/06/10 23:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] ©
O58 - SDL:2015/05/15 06:09:47 A . (. - bdark.) -- C:\Windows\System32\drivers\bdark64.sys [78792]
O58 - SDL:2015/03/05 08:12:10 A . (.Baidu, Inc. - Baidu Antivirus Sandbox.) -- C:\Windows\System32\drivers\BdSandbox.sys [236920] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\drivers\Bfilter.sys [62920] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu FS Monitor Driver.) -- C:\Windows\System32\drivers\Bfmon.sys [38344] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus NetBase Driver.) -- C:\Windows\System32\drivers\bnbasex64.sys [62792] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus NetDefense Driver.) -- C:\Windows\System32\drivers\bndef64.sys [485672] ©
O58 - SDL:2015/07/03 09:45:49 A . (.Baidu, Inc. - Baidu Antivirus Selfprotect Driver.) -- C:\Windows\System32\drivers\Bprotect.sys [169416] ©
O58 - SDL:2015/03/31 09:22:56 A . (.Baidu, Inc. - Baidu Antivirus Minifilter Driver.) -- C:\Windows\System32\drivers\BprotectEx.sys [93512] ©
O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] ©
O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] ©
O58 - SDL:2009/07/14 04:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] ©
O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] ©
O58 - SDL:2012/08/19 21:36:42 A . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\drivers\btath_a2dp.sys [344216] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\drivers\btath_avdt.sys [114840] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\drivers\btath_bus.sys [33944] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_flt.sys [88728] ©
O58 - SDL:2012/08/19 21:36:44 A . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\drivers\btath_hcrp.sys [178840] ©
O58 - SDL:2012/08/19 21:36:46 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_lwflt.sys [77464] ©
O58 - SDL:2012/08/19 21:36:46 A . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\drivers\btath_rcp.sys [135832] ©
O58 - SDL:2014/12/31 16:25:40 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [590024] ©
O58 - SDL:2009/06/10 23:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] ©
O58 - SDL:2009/07/14 04:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] ©
O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\Windows\System32\drivers\cm_km.sys [389816] ©
O58 - SDL:2015/07/23 23:07:21 A . (.Connectify - NDIS filter driver.) -- C:\Windows\System32\drivers\cnnctfy2.sys [31344] ©
O58 - SDL:2015/07/24 13:04:24 A . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [35352] ©
O58 - SDL:2011/12/05 16:22:30 A . (.ZTEMT Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\CT_ZTEMT_U_USBSER.sys [120704]
O58 - SDL:2009/07/14 04:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] ©
O58 - SDL:2009/06/10 23:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] ©
O58 - SDL:2010/10/08 11:59:40 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [32768] ©
O58 - SDL:2011/12/31 04:20:58 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [225920] ©
O58 - SDL:2012/04/26 06:04:11 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [450048] ©
O58 - SDL:2010/09/26 13:09:28 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [22016] ©
O58 - SDL:2010/07/27 04:52:16 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [117248] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [90112] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [104448] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [76800] ©
O58 - SDL:2012/04/23 04:57:08 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [30720] ©
O58 - SDL:2012/04/23 04:58:46 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [238080] ©
O58 - SDL:2010/03/20 07:06:58 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [13952] ©
O58 - SDL:2009/06/10 23:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] ©
O58 - SDL:2011/11/10 01:04:14 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [60184] ©
O58 - SDL:2011/05/13 18:58:16 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [30008] ©
O58 - SDL:2010/11/20 16:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] ©
O58 - SDL:2015/05/08 02:20:26 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744] ©
O58 - SDL:2013/11/08 11:22:00 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [632168] ©
O58 - SDL:2013/11/08 11:22:00 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] ©
O58 - SDL:2015/11/29 19:56:30 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] ©
O58 - SDL:2015/06/12 05:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] ©
O58 - SDL:2014/03/20 08:40:46 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [5363520] ©
O58 - SDL:2009/07/14 04:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] ©
O58 - SDL:2014/12/31 16:26:51 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [454416] ©
O58 - SDL:2013/04/26 11:40:22 A . (.JMicron Technology Corporation - JMicron PCIe Flash Media Controller Driver.) -- C:\Windows\System32\drivers\jmcr.sys [176880] ©
O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [478392] ©
O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\Windows\System32\drivers\klbackupdisk.sys [53432] ©
O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klbackupflt.sys [70000] ©
O58 - SDL:2015/06/06 08:51:00 A . (.Kaspersky Lab ZAO - Virtual Disk [fre_wnet_x64].) -- C:\Windows\System32\drivers\kldisk.sys [68280] ©
O58 - SDL:2015/12/02 03:34:16 A . (.AO Kaspersky Lab - Filter Core [fre_wlh_x64].) -- C:\Windows\System32\drivers\klflt.sys [181640]
O58 - SDL:2015/12/02 03:33:00 A . (.AO Kaspersky Lab - klhk [fre_wlh_x64].) -- C:\Windows\System32\drivers\klhk.sys [227000]
O58 - SDL:2015/12/02 16:26:27 A . (.AO Kaspersky Lab - Core System Interceptors [fre_wlh_x64].) -- C:\Windows\System32\drivers\klif.sys [940928]
O58 - SDL:2015/06/11 19:32:42 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\Windows\System32\drivers\klim6.sys [39096] ©
O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klkbdflt.sys [41144] ©
O58 - SDL:2015/06/07 01:50:04 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_wlh_x64].) -- C:\Windows\System32\drivers\klmouflt.sys [41648] ©
O58 - SDL:2015/12/02 03:34:17 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\Windows\System32\drivers\klpd.sys [41352]
O58 - SDL:2015/06/11 15:56:56 A . (.Kaspersky Lab ZAO - Network filtering component [fre_wnet_amd64.) -- C:\Windows\System32\drivers\kltdi.sys [65208] ©
O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\Windows\System32\drivers\klwtp.sys [103096] ©
O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\Windows\System32\drivers\kneps.sys [187056] ©
O58 - SDL:2015/06/24 21:51:03 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys [81768]
O58 - SDL:2015/06/24 21:51:03 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys [56680]
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] ©
O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] ©
O58 - SDL:2010/08/06 02:43:20 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [1001472]
O58 - SDL:2009/07/14 04:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] ©
O58 - SDL:2012/05/10 16:33:54 A . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\nusb3hub.sys [97792] ©
O58 - SDL:2012/05/10 16:33:56 A . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\Windows\System32\drivers\nusb3xhc.sys [217600] ©
O58 - SDL:2015/11/29 19:56:30 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] ©
O58 - SDL:2015/11/29 19:56:30 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] ©
O58 - SDL:2009/07/14 04:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] ©
O58 - SDL:2009/07/14 04:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] ©
O58 - SDL:2015/12/02 01:04:49 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\rjpxmink.sys [450504] ©
O58 - SDL:2014/12/31 16:47:52 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [942808] ©
O58 - SDL:2014/12/31 16:47:27 A . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\RTL8187.sys [448512] ©
O58 - SDL:2010/03/31 17:10:18 A . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187B.sys [450048] ©
O58 - SDL:2010/04/01 20:01:10 A . (.Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8187Se.sys [442368] ©
O58 - SDL:2012/05/19 00:50:04 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192ce.sys [878696] ©
O58 - SDL:2011/06/20 23:07:08 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\System32\drivers\rtl8192se.sys [1225832] ©
O58 - SDL:2010/12/22 22:24:00 A . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\Windows\System32\drivers\rtl819xp.sys [626792] ©
O58 - SDL:2012/05/22 18:54:30 A . (.Realtek Semiconductor Corporation - Realtek PCIE NDIS Driverr.) -- C:\Windows\System32\drivers\rtwlane.sys [1142416] ©
O58 - SDL:2011/07/13 04:29:22 A . (.Realtek Semiconductor Corporation - Realtek WLAN USB NDIS Driver.) -- C:\Windows\System32\drivers\rtwlanu.sys [1045608] ©
O58 - SDL:2009/06/10 23:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2009/07/14 04:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] ©
O58 - SDL:2009/07/14 04:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] ©
O58 - SDL:2015/11/22 04:04:05 A . (.Sunplus - AVStream.) -- C:\Windows\System32\drivers\SPUVCBv_x64.sys [674592] ©
O58 - SDL:2014/12/31 16:25:31 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [103448] ©
O58 - SDL:2009/07/14 04:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] ©
O58 - SDL:2014/12/31 16:24:42 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [543744] ©
O58 - SDL:2015/11/28 18:57:34 A . (.SlimWare Utilities, Inc. - Driver Update Installer Monitor.) -- C:\Windows\System32\drivers\SWDUMon.sys [16056]
O58 - SDL:2014/05/16 15:45:48 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [540160] ©
O58 - SDL:2015/05/08 02:22:16 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] ©
O58 - SDL:2014/10/10 09:37:16 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [129312] ©
O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] ©
O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] ©
O58 - SDL:2015/11/04 14:57:55 A . (...) -- C:\Windows\System32\drivers\wintvnetwork.sys [139952]

---\\ Last modified or created user files (7) - 121s
O61 - LFC: 2015/12/02 18:55:02 A . (..) -- C:\Users\PC\Downloads\isotousb_setup [1].exe [553059]
O61 - LFC: 2015/12/03 05:41:47 A . (..) -- C:\Users\PC\Downloads\Programs\reshacker_setup.exe [2781137]
O61 - LFC: 2015/12/02 20:55:59 A . (..) -- C:\Users\PC\AppData\Roaming\AMD\GLCache\5b29effe650b9c07_21.bin [4216877]
O61 - LFC: 2015/12/02 20:32:27 A . (..) -- C:\Users\PC\AppData\Roaming\AMD\GLCache\b169ddc631f65d92_21.bin [29718]
O61 - LFC: 2015/11/30 22:51:42 A . (.Software Internet Application.) -- C:\Users\PC\AppData\Local\isotousb_setup.exe [1014921]
O61 - LFC: 2015/11/28 18:57:34 A . (.SlimWare Utilities, Inc..) -- C:\Users\PC\AppData\Local\SlimWare Utilities Inc\SlimDrivers\SWDUMon.sys [16056]
O61 - LFC: 2015/12/01 14:48:55 A . (..) -- C:\Users\PC\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [129040]

---\\ File Associations Shell Spawning (10) - 3s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\PROGRAM FILES (X86)\BAIDU\BAIDU BROWSER\SPARK.EXE
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe ©

---\\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [859648] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [680960] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [681984] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2606080] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [90624] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] ©

---\\ Firewall Active Exception List (11) - 3s
O87 - FAEL: "TCP Query User{0463C377-CB78-4044-A09D-7E9FF17407D5}C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe
O87 - FAEL: "UDP Query User{984C8F2C-F470-4BC3-AE41-D8661A9BB151}C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\weltmeister\appdata\roaming\utorrent\utorrent.exe
O87 - FAEL: "{F0B44C5A-2DF1-45BD-BAF9-D4CE26960D8F}" [In-None-P17-TRUE] .(...) -- C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
O87 - FAEL: "{7CD309B9-7431-46B4-8614-6E1843CA8919}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{084EB4DD-3CC9-418F-A0D9-C4D67E726AC1}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\WeLtMeiSteR\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{07F2DAD8-554D-44EE-995B-1C3871A51B7F}C:\program files (x86)\photodex\proshow gold\proshow.exe" [In-None-P6-TRUE] .(.Photodex - ProShow.) -- C:\program files (x86)\photodex\proshow gold\proshow.exe
O87 - FAEL: "UDP Query User{918BBE76-02DE-4426-B9DB-78078FA5D012}C:\program files (x86)\photodex\proshow gold\proshow.exe" [In-None-P17-TRUE] .(.Photodex - ProShow.) -- C:\program files (x86)\photodex\proshow gold\proshow.exe
O87 - FAEL: "{C6E9A64E-8B57-4EE2-8BAA-F83D1B60B7BE}" [In-None-P6-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
O87 - FAEL: "{EE4BBC18-1EB3-47E4-A358-35137745B6C9}" [In-None-P17-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe
O87 - FAEL: "TCP Query User{10D8A215-842C-457A-BE7D-D3D18B5A7A64}C:\program files (x86)\deepnet explorer\deepnet.exe" [In-None-P6-TRUE] .(.Deepnet Technologies - Deepnet.) -- C:\program files (x86)\deepnet explorer\deepnet.exe
O87 - FAEL: "UDP Query User{07F3F80D-D462-47E1-825B-0EB7F24AAAAF}C:\program files (x86)\deepnet explorer\deepnet.exe" [In-None-P17-TRUE] .(.Deepnet Technologies - Deepnet.) -- C:\program files (x86)\deepnet explorer\deepnet.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (37) - 101s

SS - Demand [12/06/2015] [ 82112] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [30/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [04/11/2015] [ 827680] Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe ©
SR - Auto [31/12/2014] [ 89600] Andrea ST Filters Service (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe ©
SR - Auto [16/09/2014] [ 239616] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe ©
SS - Demand [19/08/2012] [ 211584] AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe ©
SR - Auto [02/12/2015] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\avp.exe ©
SR - Auto [16/04/2010] [ 36864] B-Link11nCU (B-Link11nCU) . (.Realtek.) - C:\Program Files (x86)\B-Link\11n USB Wireless LAN Utility\RtlService.exe ©
SS - Demand [17/12/2014] [ 208928] Baidu MoboMarket Service (BASSVC) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\MoboMarket\1.2.8.4379\bassvc.exe ©
SR - Auto [03/07/2015] [ 2572928] Baidu Antivirus Service (BavSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BavSvc.exe ©
SS - Demand [05/03/2015] [ 490528] Baidu BdSandbox Virtual Service (BdSandboxSrv) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BdSandboxSrv64.exe ©
SR - Auto [03/07/2015] [ 531232] Baidu Hips Service (BHipsSvc) . (.Baidu, Inc..) - C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.4.3.133394.0\BHipsSvc.exe ©
SS - Demand [24/06/2015] [ 315240] Clean Master Core Service (cmcore) . (.Kingsoft Corporation.) - c:\program files (x86)\cmcm\Clean Master\cmcore.exe
SS - Demand [24/03/2014] [ 487936] Connectify (Connectify) . (.Connectify.) - C:\Program Files (x86)\Connectify\ConnectifyService.exe ©
SS - Demand [09/04/2014] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SS - Demand [12/01/2011] [ 168448] EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE ©
SS - Demand [12/01/2011] [ 131072] EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE ©
SR - Auto [13/05/2011] [ 30520] HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe ©
SR - Auto [14/03/2011] [ 346976] HWDeviceService64.exe (HWDeviceService64.exe) . (.Copyright (C) 2008.) - C:\ProgramData\DatacardService\HWDeviceService64.exe
SR - Auto [08/11/2013] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe ©
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe ©
SR - Auto [07/03/2012] [ 629984] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SR - Auto [10/10/2014] [ 158496] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
SR - Auto [30/04/2015] [ 2748720] LavasoftTcpService (LavasoftTcpService) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe ©
SS - Demand [09/10/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe ©
SS - Demand [10/10/2014] [ 409376] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SR - Demand [07/05/2015] [ 1714448] Baidu PC Faster Service 5.1.0.0 (PCFasterSvc_{PCFaster_5.1.0.0}) . (.Baidu, Inc..) - C:\Program Files (x86)\PC Faster\5.1.0.0\PCFasterSvc.exe ©
SS - Demand [23/12/2011] [ 655712] reber Quick. OUC (reber Quick. RunOuc) . (...) - C:\Program Files (x86)\reber Quick\UpdateDog\ouc.exe
SR - Auto [30/04/2015] [ 17768] IE Search Set (SearchProtectionService) . (.Copyright © 2014.) - C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
SR - Demand [16/11/2015] [ 245016] SlimWare Utility Service Launcher (SlimService) . (.SlimWare Utilities, Inc..) - C:\Program Files\SlimService\SlimServiceFactory.exe
SS - Demand [05/11/2015] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe
SS - Demand [13/03/2015] [ 1359040] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe
SR - Auto [31/12/2014] [ 327680] @C:\Windows\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe ©
SS - Demand [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\x64\vssbridge64.exe
SS - Demand [09/11/2008] [ 602392] Yahoo! Updater (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe ©
SR - Auto [19/08/2012] [ 323584] ZAtheros Bt&Wlan Coex Agent (ZAtheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe ©

---\\ Search Tracing Registry Key (8) - 5s
HKLM\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASMANCS =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>PUP.Optional.ReImageRepair
HKLM\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASAPI32 =>PUP.Optional.TornTV
HKLM\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASAPI32 =>PUP.Optional.CrossBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASMANCS =>PUP.Optional.CrossBrowser

---\\ Additional Scan (O88) (63) - 0s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{78b2995} =>PUP.Optional.Graftor
C:\Program Files (x86)\SaverExteinsion =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46} =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Ed2kHelper =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51417852-174C-88D4-34A0-D0FE7858BE47} =>PUP.Optional.Multiplug
C:\Program Files (x86)\CouupExteeNsionn =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6933C2BA-C67D-42C7-8C77-1FF4B364AF54} =>PUP.Optional.Multiplug
C:\Program Files (x86)\New Tab Redirect Plus =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4} =>PUP.Optional.Multiplug
C:\Program Files (x86)\BuitSaVeer =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A3FC46A0-9B62-0EF3-B475-743B3A2762B1} =>PUP.Optional.Multiplug
C:\Program Files (x86)\DiscountExtenSia =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9} =>PUP.Optional.Multiplug
C:\Program Files (x86)\PHP Notepad =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CA1838EF-A497-194E-3850-37A62CEE398B} =>PUP.Optional.Multiplug
C:\Program Files (x86)\50CaouPons =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CF987D06-1DCF-7B36-5B43-13BC8699C44C} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Haeppy22SaavE =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E957849A-94AC-6F46-4623-C31474E3C170} =>PUP.Optional.Multiplug
C:\Program Files (x86)\Better CDCS =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\b838b835-8636-e368-5f87-c3652edc7963 =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Wow6432Node\ExpressFiles =>PUP.Optional.ExpressFiles
HKLM\SOFTWARE\Wow6432Node\PIP =>Toolbar.Ask
HKLM\SOFTWARE\Wow6432Node\SiteSee =>PUP.Optional.SiteSee
HKLM\SOFTWARE\Wow6432Node\YourFileDownloader =>PUP.Optional.YourFileDownloader
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\ExpressFiles =>PUP.Optional.ExpressFiles
HKCU\SOFTWARE\oTweak =>PUP.Optional.oTweak
HKCU\SOFTWARE\Reimage =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\reimagerepair =>PUP.Optional.ReImageRepair
HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic
C:\Windows\system32\EasyRedirect64.dll =>Hijacker.Winsock
C:\Program Files (x86)\DoowNNSavve =>PUP.Optional.Multiplug
C:\Program Files (x86)\FunDealsi =>PUP.Optional.Multiplug
C:\Program Files (x86)\oTweak =>PUP.Optional.oTweak
C:\Program Files (x86)\Reimageplus.com =>PUP.Optional.ReImageRepair
C:\Program Files (x86)\StatMaker =>PUP.Optional.Graftor
C:\Program Files (x86)\TampaGeneration =>PUP.Optional.TampaGeneration
C:\Program Files (x86)\uniisales =>PUP.Optional.Multiplug
C:\Program Files (x86)\unisiales =>PUP.Optional.Multiplug
C:\Program Files (x86)\unnisualiess =>PUP.Optional.Multiplug
C:\ProgramData\AollSauvver =>PUP.Optional.Multiplug
C:\ProgramData\NewSeaVVer =>PUP.Optional.Multiplug
C:\ProgramData\RegularrDeoaLs =>PUP.Optional.Multiplug
C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
C:\Users\PC\AppData\Roaming\ExpressFiles =>PUP.Optional.ExpressFiles
C:\Users\PC\AppData\Roaming\Performersoft =>PUP.Optional.PerformerSoft
C:\Users\PC\AppData\Roaming\RHEng =>PUP.Optional.Conduit
C:\Users\PC\AppData\Local\CrossBrowser =>PUP.Optional.CrossBrowser
C:\Users\PC\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\PC\AppData\Local\PackageAware =>PUP.Optional.BearShare
C:\Users\PC\AppData\Local\Software =>PUP.Optional.Boxore
C:\Users\WeLtMeiSteR\AppData\Local\CrossBrowser\Application\crossbrowser.exe =>PUP.Optional.CrossBrowser
HKLM64\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\ReimageReminder_RASMANCS =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASAPI32 =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\Reimage_RASMANCS =>PUP.Optional.ReImageRepair
HKLM64\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASAPI32 =>PUP.Optional.TornTV
HKLM64\SOFTWARE\Microsoft\Tracing\TornTVSvc_RASMANCS =>PUP.Optional.TornTV
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASAPI32 =>PUP.Optional.CrossBrowser
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\crossbrowser_RASMANCS =>PUP.Optional.CrossBrowser

---\\ Summary of the elements found (19) - 0s
http://www.nicolascoolman.fr/?p=2460 =>PUP.Optional.Graftor
http://www.nicolascoolman.fr/?p=1402 =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=1272 =>PUP.Optional.ExpressFiles
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SiteSee
http://www.nicolascoolman.fr/?p=1128 =>PUP.Optional.YourFileDownloader
http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.oTweak
http://www.nicolascoolman.fr/?p=1075 =>PUP.Optional.ReImageRepair
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Softonic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.CrossBrowser
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.TampaGeneration
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PerformerSoft
http://www.nicolascoolman.fr/?p=2156 =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/?p=343 =>PUP.Optional.BearShare
http://www.nicolascoolman.fr/?p=90 =>PUP.Optional.Boxore
http://www.nicolascoolman.fr/?p=290 =>PUP.Optional.TornTV

~ End of the scan, 29240 items in 380 seconds (1310)(0)

Publicité


Signaler le contenu de ce document

Publicité