cjoint

Comment: Please help me uninstall baidu. Thank you

Document format: text/plain

Preview

~ ZHPDiag v2016.2.2.24 By Nicolas Coolman (2016/02/02)
~ Run by Sami (Administrator) (2016/02/03 08:22:57)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Sami\Desktop\ZHPDiag.txt
~ Report: C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10586)

---\\ Internet Browsers (1) - 0s
MSIE: Internet Explorer v11.20.10586.0

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 4s
Kaspersky Internet Security v16.0.0.614
Windows Defender (Deactivate)

---\\ Surveillance software (2) - 5s
Adobe Flash Player 20 NPAPI
Adobe Acrobat Reader DC - Français

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4027.26 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 55 GB () free of 99 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: LUJAIN
~ User Name: Sami
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 55 GB free of 99 GB (System)
~ Drive D: has 122 GB free of 205 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 1s
[MD5.4572EB3DDBD2DFA10DE7A037A6CC6D53] - 30/10/2015 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4502864] =>.Microsoft Windows®
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.CAD491DD9EC00BB841EA407D9C498C4A] - 30/10/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [290856] =>.Microsoft Windows Publisher®
[MD5.AB4C1A9F37C0B8467AC923ED4AD727D6] - 22/11/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2647552] =>.Microsoft Corporation
[MD5.46C8E60DEDBDA95C102D1B2E74676578] - 30/10/2015 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [584704] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.E7B524818100B0FDE2B057C74B0C0DCD] - 30/10/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [686984] =>.Microsoft Windows®
[MD5.2796C0957F6F05A528DD64B8591371B6] - 30/10/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535088] =>.Microsoft Windows®
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 05/11/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows®
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows®
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.C9478D7DB7BE5D7ACE65CB1167F07320] - 30/10/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.61F9F27A8C3D7BCD287FE98A440421CE] - 30/10/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows®
[MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] =>.Microsoft Corporation
[MD5.EFEFC245B884B1BE0401931398DCD707] - 01/12/2015 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152800] =>.Microsoft Windows®
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.381B8F2311A0375676B635EA5E7C8AB0] - 30/10/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 05/11/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows®
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (16) - 13s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe =>.ASUS Cloud Corporation
O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab®
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014 - .) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.®
O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe =>.Nitro PDF Software®
O23 - Service: NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe =>.Nitro PDF Software®
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.EXE =>.Nitro PDF Software®
O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealTimes Desktop Service.) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe =>.RealNetworks, Inc.®
O23 - Service: RealTimes Desktop Service (RealTimes Desktop Service) . (.RealNetworks, Inc. - RealTimes Desktop Service.) - c:\program files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
O23 - Service: Service KMSELDI (Service KMSELDI) . (.@ByELDI - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: SMART Helper Service (SMARTHelperService) . (.SMART Technologies - SMART Helper Service For Windows.) - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®

---\\ Services not Microsoft (SR=Run, SS=Stop) (22) - 80s

SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [20/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [31/05/2015] [ 71168] Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation.) - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe =>.ASUS Cloud Corporation
SR - Auto [02/02/2016] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab®
SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
SS - Demand [26/01/2015] [ 1074480] FlexNet Licensing Service (FlexNet Licensing Service) . (.Flexera Software LLC.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe =>.Flexera Software LLC®
SS - Demand [26/01/2015] [ 1484080] FlexNet Licensing Service 64 (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe =>.Flexera Software LLC®
SR - Auto [20/08/2014] [ 242256] Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014.) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.®
SR - Auto [16/07/2014] [ 230920] NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software.) - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe =>.Nitro PDF Software®
SR - Auto [16/07/2014] [ 417800] NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe =>.Nitro PDF Software®
SR - Auto [16/07/2014] [ 69640] Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.EXE =>.Nitro PDF Software®
SS - Auto [21/09/2015] [ 1103656] RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
SR - Auto [16/09/2015] [ 33088] RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe =>.RealNetworks, Inc.®
SS - Auto [21/09/2015] [ 1103656] RealTimes Desktop Service (RealTimes Desktop Service) . (.RealNetworks, Inc..) - c:\program files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
SR - Auto [27/09/2015] [ 739520] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
SS - Demand [18/04/2013] [ 737616] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe =>.Nokia®
SS - Auto [11/12/2014] [ 315496] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [09/12/2014] [ 695600] SMART Helper Service (SMARTHelperService) . (.SMART Technologies.) - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
SR - Auto [21/05/2015] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD®
SR - Auto [11/09/2015] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SS - Demand [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe =>.Kaspersky Lab®

---\\ Task Planned Automatically (28) - 6s
[MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] =>.Adobe Systems, Incorporated®
[MD5.295A5BFCE8D225D014DB4E6E69336279] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated®
[MD5.582F07F389C28CE5A511269AF927F0A3] [APT] [AutoKMS] (.CODYQX4.) -- C:\Windows\AutoKMS\AutoKMS.exe [5196288] =>HackTool.AutoKMS
[MD5.EBF9EE1FD3CAF93596208A4EF1A5B942] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [740032] =>HackTool.KMSpico
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core] (.Facebook Inc..) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] =>.Facebook, Inc.®
[MD5.00000000000000000000000000000000] [APT] [IBUpd2] (...) -- C:\Users\Sami\AppData\Local\BrowserAir\47.0.0.3\updater.exe (.not file.) [0] =>PUP.Optional.BrowserAir
[MD5.A6FB0D5DE6EA45EE92FE58987E038D5E] [APT] [RealDownloader Update Check] (.Copyright © RealNetworks, Inc. 1995-2012.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [598800] =>.RealNetworks, Inc.®
[MD5.7FDBA5B219A14E4EF5A422A0E97E237A] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [342824] =>.RealNetworks, Inc.®
[MD5.CC2B620248A8C8712ED2979E209959CC] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [143624] =>.RealNetworks, Inc.®
[MD5.CC2B620248A8C8712ED2979E209959CC] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [143624] =>.RealNetworks, Inc.®
[MD5.5D6E251C20366D498E0D6BCFB38A622E] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648] =>.Synaptics Incorporated®
[MD5.00000000000000000000000000000000] [APT] [{77CE527D-EC62-44B1-98AE-4EF84420BF16}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EBDD6B4D-1A4E-4C3B-8B74-C4D2781989E6}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] =>.Apple Inc.®
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core.job [916] =>.Facebook Inc.
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job [264] =>.Synaptics Incorporated
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3816] =>.Adobe Systems Incorporated
O39 - APT: AutoKMS - (.CODYQX4.) -- C:\WINDOWS\System32\Tasks\AutoKMS [3808] =>HackTool.AutoKMS
O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3456] =>HackTool.KMSpico
O39 - APT: FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core - (.Facebook Inc..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core [3300] =>.Facebook Inc.
O39 - APT: IBUpd2 - (...) -- C:\WINDOWS\System32\Tasks\IBUpd2 [3302] (.Orphean.) =>PUP.Optional.BrowserAir
O39 - APT: RealDownloader Update Check - (.Copyright © RealNetworks, Inc. 1995-2012.) -- C:\WINDOWS\System32\Tasks\RealDownloader Update Check [2496]
O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [2676] =>.RealNetworks, Inc.
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [2528] =>.RealNetworks, Inc.
O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [3602] =>.RealNetworks, Inc.
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements [2254] =>.Synaptics Incorporated

---\\ Process running (30) - 4s
[MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1884] =>.Adobe Systems, Incorporated®
[MD5.133F82B6391F3390BECFA429C23FB2BE] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) -- C:\Windows\System32\Crypserv.exe [122880] [PID.1952]
[MD5.50C3C62FFE6337E6E4F2F01CB07DF63C] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000] [PID.1984] =>.Kaspersky Lab®
[MD5.0E04ABFDF6A48FE6B2BFEF37B858FFE9] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.EXE [69640] [PID.1352] =>.Nitro PDF Software®
[MD5.2EF9F9A28CA7E0B5601ACF3FC7B78965] - (...) -- C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800] [PID.1584] =>.Nitro PDF Software®
[MD5.0FFFFF9ED9392A7A925B4EA70C43C874] - (.@ByELDI - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe [739520] [PID.1748] =>HackTool.KMSpico
[MD5.EA5EC8EA51F9214B3175BDA3B2724D96] - (...) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088] [PID.1808] =>.RealNetworks, Inc.®
[MD5.57BECA30181C7948B7D506EC81FD5EEC] - (.Nitro PDF Software - Nitro PDF Spool Service.) -- C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920] [PID.1844] =>.Nitro PDF Software®
[MD5.AED1BB51CAB8A180DEAC27350DA4935F] - (.SMART Technologies - SMART Helper Service For Windows.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [695600] [PID.2056] {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
[MD5.E1415A51EFD0FB87649954C76BEE32D9] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2152] =>.Synaptics Incorporated®
[MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.2208] =>.DEVGURU CO LTD®
[MD5.53D6A8E4BAA773E1E628EF3A68413CD2] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168] [PID.2260] =>.ASUS Cloud Corporation
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2284] =>.WIBU-SYSTEMS AG®
[MD5.533AA4A69EE91B1C53910EF57E314DEF] - (.Copyright (C) 2014 - .) -- C:\ProgramData\MobileBrServ\mbbservice.exe [242256] [PID.2364] =>.Huawei Technologies Co., Ltd.®
[MD5.932A21CF0DA4E951C7C4A62D27E6D8FB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe [211712] [PID.4840] =>.Kaspersky Lab®
[MD5.5D6E251C20366D498E0D6BCFB38A622E] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648] [PID.4956] =>.Synaptics Incorporated®
[MD5.35E28307F14F9CFDF40376F344E79562] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.3596] =>.Synaptics Incorporated®
[MD5.904CA475F6ADD4080B0EA5144D23FDF1] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.4916]
[MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.5340] =>.Microsoft Corporation®
[MD5.BA4177E3E3E0B3296C1579135CCEBBB6] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\lsas.exe [557184] [PID.6252] =>.Superfluous.Guangxi
[MD5.B262FD3ACE0042E4C71FE95379D82F1A] - (.RealNetworks, Inc. - RealTimes Service UI.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe [1217320] [PID.6472] =>.RealNetworks, Inc.®
[MD5.4A9F609B4120F616D44D087EBC462A3B] - (.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\SBWDKService.exe [5794304] [PID.6552] =>.Joyent, Inc
[MD5.A6FB0D5DE6EA45EE92FE58987E038D5E] - (.Copyright © RealNetworks, Inc. 1995-2012 - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [598800] [PID.6604] =>.RealNetworks, Inc.®
[MD5.4557929F118EBE411F22C7E6014596D5] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\auds.exe [208512] [PID.7052] =>.Superfluous.Guangxi
[MD5.B074BCA3C38CD75CBB45D7B00018B55F] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\tslog.exe [193152] [PID.7064] =>.Superfluous.Guangxi
[MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe [2388336] [PID.6980] =>.Apple Inc.®
[MD5.7FDBA5B219A14E4EF5A422A0E97E237A] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [342824] [PID.1552] =>.RealNetworks, Inc.®
[MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.7264] =>.Apple Inc.®
[MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.4280] =>.Apple Inc.®
[MD5.13A8776C85A0B17F70AC4FAE92737641] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Sami\AppData\Local\Temp\mpwp7sde.tmp\ZHPDiag3.exe [2107392] [PID.3232] =>.Nicolas Coolman

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (11) - 1s
M0 - MFSP: prefs.js [Sami - 0s20p23z.default] http://www.google.fr/
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.xpt
P2 - EXT FILE: (...) -- C:\Users\Sami\AppData\Roaming\Mozilla\Firefox\Profiles\0s20p23z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\Sami\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll =>.Skype Limited
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll =>.Adobe Systems Incorporated
P2 - FPN: [HKLM] [@nitropdf.com/NitroPDF] - (.Nitro PDF.) -- C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll
P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Nokia.) -- C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll =>.Nokia
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=18.1.0.1236] - (.RealTimes.) -- c:\program files (x86)\Real\realplayer\Netscape6\nprpplugin.dll

---\\ Opera, Plugins,Start,Search (1) - 1s
B0 - OCSP: Preferences [Sami][HomePage] http://www.sweet-page.com/?type=hp&ts=1441706776&z=c6329c5e29ab10f50cc5aa8g7z5z0gembebqam0mbq&from=cor&uid=TOSHIBAXMK3263GSXN_30Q7F60WSXX30Q7F60WS

---\\ Internet Explorer Extensions, Start, Search (16) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKEY_USERS\S-1-5-21-3690107929-2776208281-3965692235-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (7) - 0s
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealTimes Video Downloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll =>.RealNetworks, Inc.®
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: (no name) [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} (Orphean)
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (.not file.)
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll =>.Kaspersky Lab®
O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ Auto loading programs from Registry and folders (27) - 2s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe =>.Facebook, Inc.®
O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia®
O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®
O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] (Orphean)
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\program files (x86)\Real\realplayer\Update\realsched.exe =>.RealNetworks, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [SMARTNotification] . (.SMART Technologies - SMART Notification.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
O4 - HKLM\..\Wow6432Node\Run: [SMART Tray Tools] . (.SMART Technologies - SMART System Menu.) -- C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
O4 - HKLM\..\Wow6432Node\Run: [SMART Board Service] . (.SMART Technologies - SMART Board Service.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
O4 - HKLM\..\Wow6432Node\Run: [sbsdk-server] . (.SMART Technologies - Node Launcher.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies
O4 - HKLM\..\Wow6432Node\Run: [SMART Floating Tools] . (.SMART Technologies ULC - SMART Board Tools.) -- C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies ULC
O4 - HKLM\..\Wow6432Node\Run: [WebStorage] . (...) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe =>.ASUS Cloud Corporation®
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [RealDownloader] . (.Copyright © RealNetworks, Inc. 1995-2012 - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe =>.RealNetworks, Inc.®
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - HKLM\..\Wow6432Node\Run: [setup] C:\Users\Sami\AppData\Local\Temp\setup.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [MTview] C:\Program Files (x86)\MTV20151125\MTView.exe (.not file.)
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe =>.Facebook, Inc.®
O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia®
O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation®
O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation®

---\\ Global shortcuts Startup (41) - 8s
O4 - GS\Desktop [Administrator]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Quicklaunch [Administrator]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrator]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrator]: 美图浏览.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\Desktop [Guest]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Quicklaunch [Guest]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Guest]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Guest]: 美图浏览.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\Desktop [Sami]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\Desktop [Sami]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Sami]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\Quicklaunch [Sami]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Sami]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Sami]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Sami]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Sami]: 美图浏览.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe
O4 - GS\sendTo [Sami]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated®
O4 - GS\CommonDesktop [Public]: Configure Kodu Game Lab.lnk . (.MSIT - BokuPreBoot.) C:\Program Files (x86)\Microsoft Research\Kodu Game Lab\BokuPreBoot.exe
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\CommonDesktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab®
O4 - GS\CommonDesktop [Public]: Kodu Game Lab.lnk . (.Microsoft Research - Kodu Game Lab.) C:\Program Files (x86)\Microsoft Research\Kodu Game Lab\Boku.exe =>.Microsoft Research
O4 - GS\CommonDesktop [Public]: Nitro Pro 9.lnk . (.Nitro PDF - .) C:\Program Files (x86)\Nitro\Pro 9\NitroPDF.exe
O4 - GS\CommonDesktop [Public]: Nokia Suite.lnk . (.Nokia - Nokia Suite.) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia®
O4 - GS\CommonDesktop [Public]: RealPlayer (RealTimes).lnk . (.RealNetworks, Inc. - RealTimes.) C:\program files (x86)\real\realplayer\RealPlay.exe =>.RealNetworks, Inc.®
O4 - GS\CommonDesktop [Public]: Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\CommonDesktop [Public]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\CommonDesktop [Public]: SMART Notebook 14.lnk . (.SMART Technologies ULC - SMART Notebook.) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies ULC
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Startup [Public]: RealTimes.lnk . (.RealNetworks, Inc. - RealTimes Service UI.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe =>.RealNetworks, Inc.®

---\\ Lop.com/Domain Hijackers (6) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5987cd7f-d36c-4056-9aee-eee6dd48609c}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74743d34-653e-4b29-b86a-d570a5904abd}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ab7dba65-ca52-4359-86a5-612b60f14c65}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e4668e03-9734-4409-a573-e1646eb7a73c}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ab7dba65-ca52-4359-86a5-612b60f14c65}: DhcpDomain = hi.link

---\\ Extra protocols (24) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation
O18 - Handler: mso-minsb.16 [64Bits] - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (96) - 28s
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CC 2014 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D7A4F897-B20A-42D0-862D-CB5F6DB7391D} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc.
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 =>.Audacity Team
O42 - Logiciel: BitLord 2.3 - (.House of Life.) [HKLM][64Bits] -- BitLord =>PUP.Optional.WhenUSave
O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Canon Inc..) [HKLM][64Bits] -- Easy-PhotoPrint EX =>.Canon Inc.®
O42 - Logiciel: Canon MX350 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series =>.Canon Inc.®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: EpsonNet Config V4 - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA} =>.SEIKO EPSON CORPORATION®
O42 - Logiciel: EpsonNet SetupManager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {BB828C7B-44A6-4A83-A96E-EF80B8680B8D} =>.Seiko Epson Corporation
O42 - Logiciel: EpsonNet SetupManager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D} =>.Seiko Epson Corporation
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B} =>.Microsoft Corporation
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab
O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab
O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
O42 - Logiciel: Kodu Game Lab - (.Microsoft Research.) [HKLM][64Bits] -- {4D172E50-1EF5-4B07-B408-A12DB50CC542} =>.Microsoft Research
O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM][64Bits] -- LAME_is1
O42 - Logiciel: MEGA7 version 7.0.9 - (.iGEM.) [HKLM][64Bits] -- {0F8E7D37-27B9-4BFF-9AC7-96321D8467E5}_is1
O42 - Logiciel: Microsoft Access MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0015-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0117-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0090-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0016-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00BA-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0044-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00A1-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001A-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0018-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0019-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Skype for Business MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-012B-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Word MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001B-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service =>.Huawei Technologies Co., Ltd.®
O42 - Logiciel: MSVC80_x64_v2 - (.Nokia.) [HKLM][64Bits] -- {4D668D4F-FAA2-4726-834C-31F4614F312E} =>.Nokia
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM][64Bits] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} =>.Nokia
O42 - Logiciel: MSVC90_x64 - (.Nokia.) [HKLM][64Bits] -- {AB071C8B-873C-459F-ACA9-9EBE03C3E89B} =>.Nokia
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM][64Bits] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} =>.Nokia
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58} =>.Sony Creative Software Inc.
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} =>.Sony Creative Software Inc.
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft
O42 - Logiciel: Nitro Pro 9 - (.Nitro.) [HKLM][64Bits] -- {1325EE91-6AB4-4250-9780-8713FABBBD9A} =>.Nitro
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM][64Bits] -- {29373274-977E-413C-A4DE-DC0F8E80C429} =>.Nokia
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- {88B6F9DE-C80F-4A70-ACF6-BEE933679170} =>.Nokia
O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- Nokia Suite =>.Nokia®
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B} =>.Nokia
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {FB20AA56-F683-463A-8812-90A3507E96F9} =>.RealNetworks, Inc.
O42 - Logiciel: RealDownloader - (.RealNetworks.) [HKLM][64Bits] -- {0415f03a-c9b1-4179-ad1c-b7511ae49c2a} =>.RealNetworks, Inc.®
O42 - Logiciel: RealDownloader - (.RealNetworks.) [HKLM][64Bits] -- {E60834D5-24DD-4C76-A9A6-5A6766FB4448} =>.RealNetworks
O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 17.0 =>.RealNetworks, Inc.®
O42 - Logiciel: RealTimes (RealPlayer) - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 18.1 =>.RealNetworks, Inc.®
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.RealNetworks, Inc.
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} =>.Apple Inc.
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM][64Bits] -- SAMSUNG Mobile Modem
O42 - Logiciel: Samsung Mobile phone USB driver Drive Software - (...) [HKLM][64Bits] -- Samsung Mobile phone USB driver Drive
O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem 1.0 =>.MCCI Corporation®
O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem =>.MCCI Corporation®
O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {C79A37F3-C076-48BE-B290-F4C8676ABD74} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: Settings Manager - (.Aztec Media Inc.) [HKLM][64Bits] -- Settings Manager =>PUP.Optional.SystemK
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A.
O42 - Logiciel: SMART Arabic Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {CB886E2E-81D3-4995-BB75-C0D49E8DAFB1} =>.SMART Technologies ULC
O42 - Logiciel: SMART Common Platform - (.SMART Technologies ULC.) [HKLM][64Bits] -- {0E5DD7A3-BE29-430C-970B-C553F4A58C39} =>.SMART Technologies ULC
O42 - Logiciel: SMART English (United Kingdom) Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {D2EEF167-5418-4DD4-8370-E168D867E8E2} =>.SMART Technologies ULC
O42 - Logiciel: SMART French Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {41CE2133-DAA6-4360-8C57-01AE7896DCAE} =>.SMART Technologies ULC
O42 - Logiciel: SMART French Language Pack - (.SMART Technologies ULC.) [HKLM][64Bits] -- {3B86CEC2-94D4-4511-B4DD-13AA84A2B6A1} =>.SMART Technologies ULC
O42 - Logiciel: SMART Notebook - (.SMART Technologies ULC.) [HKLM][64Bits] -- {18E53BBD-971F-4A77-9620-EB2C1539E308} =>.SMART Technologies ULC
O42 - Logiciel: SMART Pilotes de produit - (.SMART Technologies ULC.) [HKLM][64Bits] -- {67F35E75-A186-4F80-B291-8283331D5550} =>.SMART Technologies ULC
O42 - Logiciel: Software Version Updater - (...) [HKLM][64Bits] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation®
O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM][64Bits] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37} =>.RealNetworks, Inc.
O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM][64Bits] -- Usbfix =>.El Desaparecido - www.usbfix.net - www.sosvirus.net
O42 - Logiciel: Video Downloader - (.RealNetworks.) [HKLM][64Bits] -- {E60AFF01-6087-47BD-8272-61FA3CFC309D} =>.RealNetworks
O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} =>.AVG Technologies
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: WebStorage - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- WebStorage =>.ASUS Cloud Corporation
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) - (.Nokia.) [HKLM][64Bits] -- 62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F =>.Microsoft Windows®
O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: XMedia Recode version 3.2.6.0 - (.XMedia Recode.) [HKLM][64Bits] -- {DDA3C325-47B2-4730-9672-BF3771C08799}_is1

---\\ HKCU & HKLM Software Keys (163) - 28s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Avg
HKLM\SOFTWARE\Wow6432Node\Bigasoft
HKLM\SOFTWARE\Wow6432Node\Canon
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\Cisco
HKLM\SOFTWARE\Wow6432Node\Client
HKLM\SOFTWARE\Wow6432Node\ECAREME
HKLM\SOFTWARE\Wow6432Node\EpsonNet
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\Gentee
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\Wow6432Node\iTinySoft
HKLM\SOFTWARE\Wow6432Node\KasperskyLab
HKLM\SOFTWARE\Wow6432Node\Lame For Audacity
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Macrovision
HKLM\SOFTWARE\Wow6432Node\MarkAny
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nalpeiron
HKLM\SOFTWARE\Wow6432Node\National Instruments
HKLM\SOFTWARE\Wow6432Node\NewBlue
HKLM\SOFTWARE\Wow6432Node\Nokia
HKLM\SOFTWARE\Wow6432Node\Nokia Mobile Phones
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PC Connectivity Solution
HKLM\SOFTWARE\Wow6432Node\PCDataApp
HKLM\SOFTWARE\Wow6432Node\PCSuite
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION
HKLM\SOFTWARE\Wow6432Node\SHARP
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SMART Technologies
HKLM\SOFTWARE\Wow6432Node\SMART Technologies Inc.
HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\Wow6432Node\Sony Creative Software
HKLM\SOFTWARE\Wow6432Node\SOSVirus
HKLM\SOFTWARE\Wow6432Node\Stellar Data Recovery
HKLM\SOFTWARE\Wow6432Node\Stellar information Systems ltd.
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\SystemK =>PUP.Optional.SystemK
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\VideoLAN
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WafCX
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp.
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Anvsoft
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Audacity
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\Bigasoft
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Bytescout
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\Clubic
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\DriverToolkit =>.Superfluous.DriverToolkit
HKCU\SOFTWARE\ECAREME
HKCU\SOFTWARE\EpsonNet
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\Format Factory
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Freeware
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\InstallCore =>Adware.InstallCore
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Ligos
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Mine
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Network Optix
HKCU\SOFTWARE\NewBlue
HKCU\SOFTWARE\Nitro
HKCU\SOFTWARE\Nokia
HKCU\SOFTWARE\O&O
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PCDataApp
HKCU\SOFTWARE\PCSuite
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Real
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Redemption
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SHARP
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\SMART Technologies
HKCU\SOFTWARE\SMART Technologies Inc.
HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\Softonic =>.Superfluous.Softonic
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\STA =>.Superfluous.ZhuWeiqin
HKCU\SOFTWARE\Streaming Video Recorder
HKCU\SOFTWARE\SWiSHzone.com
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\SystemK =>PUP.Optional.SystemK
HKCU\SOFTWARE\TAdvCheckList
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\tvp
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\UpdateStar
HKCU\SOFTWARE\Usbfix
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VideoLAN
HKCU\SOFTWARE\VirtualDub.org
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wintertree
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\WsAudio_Device
HKCU\SOFTWARE\WSVCUPlugin
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\MarkAny

---\\ Contents of the Common Files folders (274) - 45s
O43 - CFD: 24/12/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 21/07/2014 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.®
O43 - CFD: 01/10/2014 - [] D -- C:\Program Files (x86)\ASUS
O43 - CFD: 27/07/2014 - [] AD -- C:\Program Files (x86)\Audacity
O43 - CFD: 17/06/2015 - [] D -- C:\Program Files (x86)\AVG Web TuneUp =>Toolbar.AVGSafeGuard
O43 - CFD: 12/09/2015 - [0] D -- C:\Program Files (x86)\Bitlord =>PUP.Optional.WhenUSave
O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\BitLord 2 =>PUP.Optional.WhenUSave
O43 - CFD: 13/12/2014 - [] D -- C:\Program Files (x86)\Canon
O43 - CFD: 29/09/2015 - [] D -- C:\Program Files (x86)\CDRoller
O43 - CFD: 28/09/2015 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG®
O43 - CFD: 27/01/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Eduserv
O43 - CFD: 20/04/2015 - [] D -- C:\Program Files (x86)\EpsonNet =>.SEIKO EPSON Corporation®
O43 - CFD: 15/01/2015 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software Incorporated®
O43 - CFD: 28/09/2015 - [0] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 31/08/2014 - [] D -- C:\Program Files (x86)\GUMD13A.tmp =>.Google Inc®
O43 - CFD: 24/10/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 30/12/2015 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Kaspersky Lab =>.Kaspersky Lab®
O43 - CFD: 31/07/2014 - [] AD -- C:\Program Files (x86)\Lame For Audacity
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation®
O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 28/10/2015 - [] D -- C:\Program Files (x86)\Microsoft Research
O43 - CFD: 30/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 25/04/2015 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/02/2016 - [] AD -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 10/08/2014 - [] D -- C:\Program Files (x86)\Nitro
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files (x86)\Nokia
O43 - CFD: 11/09/2015 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 22/06/2014 - [] AD -- C:\Program Files (x86)\PC Connectivity Solution =>.Microsoft Windows®
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Real =>.RealNetworks, Inc.®
O43 - CFD: 21/09/2015 - [] AD -- C:\Program Files (x86)\RealNetworks =>.RealNetworks, Inc.®
O43 - CFD: 06/03/2015 - [] AD -- C:\Program Files (x86)\Safari =>.Apple Inc.®
O43 - CFD: 29/09/2015 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics CO., LTD.®
O43 - CFD: 28/01/2016 - [0] D -- C:\Program Files (x86)\Settings Manager =>PUP.Optional.SettingsManager
O43 - CFD: 28/09/2015 - [0] D -- C:\Program Files (x86)\SHARP
O43 - CFD: 18/01/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl®
O43 - CFD: 26/01/2015 - [] AD -- C:\Program Files (x86)\SMART Technologies {527D6AFB843C2E8BE75BF8BBA4E8B734}
O43 - CFD: 28/09/2015 - [] D -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery =>.Stellar Information Systems Limited®
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Total Video Converter
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\t_201601241301 =>.Superfluous.Guangxi
O43 - CFD: 26/12/2015 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 02/07/2014 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 25/04/2015 - [] AD -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation®
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 14/07/2014 - [] AD -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 21/09/2015 - [] AD -- C:\Program Files (x86)\XMedia Recode
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
O43 - CFD: 21/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitlord =>PUP.Optional.WhenUSave
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet
O43 - CFD: 30/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 02/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA7
O43 - CFD: 26/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research
O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
O43 - CFD: 24/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies
O43 - CFD: 25/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
O43 - CFD: 24/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ÃÀͼä¯ÀÀ
O43 - CFD: 11/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ÎÏãÇÊ ãÏÑÓíøÉ
O43 - CFD: 19/12/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\خدمات مدرسيّة
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 21/07/2014 - [] D -- C:\ProgramData\Apple
O43 - CFD: 21/07/2014 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\ASUS WebStorage
O43 - CFD: 06/12/2014 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 28/01/2016 - [0] D -- C:\ProgramData\Baidu
O43 - CFD: 17/12/2014 - [] HD -- C:\ProgramData\CanonBJ
O43 - CFD: 13/12/2014 - [0] HD -- C:\ProgramData\CanonEPP
O43 - CFD: 13/12/2014 - [0] HD -- C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 06/03/2015 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Denyalive
O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Dim@net
O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\Foxit ContentPlatform
O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\HP
O43 - CFD: 12/07/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 03/02/2016 - [] D -- C:\ProgramData\Kaspersky Lab
O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\LAT 2.0 - FR
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\MFAData
O43 - CFD: 26/12/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 26/06/2015 - [] D -- C:\ProgramData\MobileBrServ
O43 - CFD: 21/06/2014 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 10/08/2014 - [] D -- C:\ProgramData\Nitro
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Nokia
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\OO Software
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 25/06/2014 - [] D -- C:\ProgramData\PC Suite
O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 21/12/2014 - [] D -- C:\ProgramData\Real
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\RealNetworks
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 26/01/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\SAS
O43 - CFD: 23/12/2014 - [] D -- C:\ProgramData\Skype
O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\SMART Technologies
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\SysDev Laboratories
O43 - CFD: 21/12/2014 - [0] D -- C:\ProgramData\systemk =>PUP.Optional.SystemK
O43 - CFD: 28/09/2015 - [0] D -- C:\ProgramData\TEMP
O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\WebStorage
O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 13/09/2015 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 13/09/2015 - [0] D -- C:\ProgramData\xml_param
O43 - CFD: 21/08/2015 - [] D -- C:\ProgramData\Yammer
O43 - CFD: 24/12/2015 - [] AD -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 03/07/2015 - [] D -- C:\Program Files (x86)\Common Files\AWS
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Config
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Common Files\eSellerate
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 26/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 10/08/2014 - [] AD -- C:\Program Files (x86)\Common Files\Nitro
O43 - CFD: 02/08/2015 - [] AD -- C:\Program Files (x86)\Common Files\Nokia
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 16/12/2014 - [] AD -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 26/01/2015 - [] AD -- C:\Program Files (x86)\Common Files\SMART Technologies
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 25/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 30/09/2014 - [] D -- C:\Program Files (x86)\Common Files\xing shared
O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Adobe
O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Anvsoft
O43 - CFD: 21/12/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Apowersoft
O43 - CFD: 20/08/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Apple Computer
O43 - CFD: 07/03/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Audacity
O43 - CFD: 23/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\avidemux
O43 - CFD: 03/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\awsRun
O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Bigasoft Total Video Converter 5
O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 01/08/2014 - [0] D -- C:\Users\Sami\AppData\Roaming\DMCache
O43 - CFD: 10/08/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Downloaded Installations
O43 - CFD: 04/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\ESET
O43 - CFD: 21/12/2014 - [] D -- C:\Users\Sami\AppData\Roaming\FirefoxToolbar
O43 - CFD: 23/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Foxit Software
O43 - CFD: 08/09/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Identities
O43 - CFD: 23/04/2015 - [] D -- C:\Users\Sami\AppData\Roaming\InstallShield
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Macromedia
O43 - CFD: 15/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\MediaInfo
O43 - CFD: 11/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA6_6140226
O43 - CFD: 26/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64
O43 - CFD: 27/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA_Global
O43 - CFD: 26/12/2015 - [] SD -- C:\Users\Sami\AppData\Roaming\Microsoft
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Mozilla
O43 - CFD: 21/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Nitro
O43 - CFD: 18/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Nitro PDF
O43 - CFD: 30/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Nokia
O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Nokia Suite
O43 - CFD: 08/09/2015 - [0] D -- C:\Users\Sami\AppData\Roaming\notepad
O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Opera Software
O43 - CFD: 18/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\PC Suite
O43 - CFD: 21/09/2015 - [0] D -- C:\Users\Sami\AppData\Roaming\Publish Providers
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Python-Eggs
O43 - CFD: 01/02/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Real
O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\RealNetworks
O43 - CFD: 24/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Samsung
O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Shortcut
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Skype
O43 - CFD: 26/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\SMART Technologies
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\SMART Technologies Inc
O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Sony
O43 - CFD: 27/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\SysDev Laboratories
O43 - CFD: 25/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Temp
O43 - CFD: 06/03/2015 - [] D -- C:\Users\Sami\AppData\Roaming\TuneUp Software
O43 - CFD: 02/02/2016 - [] D -- C:\Users\Sami\AppData\Roaming\vlc
O43 - CFD: 30/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\WebStorage
O43 - CFD: 21/06/2014 - [0] SHD -- C:\Users\Sami\AppData\Roaming\WindowsDebugger
O43 - CFD: 14/07/2014 - [] D -- C:\Users\Sami\AppData\Roaming\WinRAR
O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 21/08/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Yammer
O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Roaming\ZHP
O43 - CFD: 26/12/2015 - [0] D -- C:\Users\Sami\AppData\Local\ActiveSync
O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Adobe
O43 - CFD: 21/07/2014 - [] D -- C:\Users\Sami\AppData\Local\Apple
O43 - CFD: 01/08/2014 - [] D -- C:\Users\Sami\AppData\Local\Apple Computer
O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\Application Data
O43 - CFD: 21/08/2015 - [] D -- C:\Users\Sami\AppData\Local\Apps
O43 - CFD: 21/05/2015 - [] D -- C:\Users\Sami\AppData\Local\Avg
O43 - CFD: 07/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Avg2015
O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sami\AppData\Local\CEF
O43 - CFD: 27/12/2015 - [] D -- C:\Users\Sami\AppData\Local\Comms
O43 - CFD: 27/01/2016 - [0] D -- C:\Users\Sami\AppData\Local\Diagnostics
O43 - CFD: 03/02/2016 - [0] D -- C:\Users\Sami\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/09/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\EmieSiteList
O43 - CFD: 11/09/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\EmieUserList
O43 - CFD: 17/06/2015 - [] D -- C:\Users\Sami\AppData\Local\ESET
O43 - CFD: 31/07/2014 - [] D -- C:\Users\Sami\AppData\Local\Facebook
O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Local\fontconfig
O43 - CFD: 16/05/2015 - [] D -- C:\Users\Sami\AppData\Local\Foxit Reader
O43 - CFD: 24/11/2015 - [] D -- C:\Users\Sami\AppData\Local\Google
O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\History
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Macromedia
O43 - CFD: 06/03/2015 - [] D -- C:\Users\Sami\AppData\Local\MFAData
O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Local\Microsoft
O43 - CFD: 29/01/2016 - [] D -- C:\Users\Sami\AppData\Local\Microsoft Help
O43 - CFD: 18/09/2015 - [] D -- C:\Users\Sami\AppData\Local\MicrosoftEdge
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Mozilla
O43 - CFD: 11/09/2015 - [0] D -- C:\Users\Sami\AppData\Local\NetworkTiles
O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Nokia
O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Local\NokiaAccount
O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Local\Opera Software
O43 - CFD: 01/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Packages
O43 - CFD: 23/12/2014 - [0] D -- C:\Users\Sami\AppData\Local\PackageStaging
O43 - CFD: 12/09/2015 - [0] D -- C:\Users\Sami\AppData\Local\PeerDistRepub
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Programs
O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Publishers
O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Real
O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Samsung
O43 - CFD: 15/07/2014 - [] D -- C:\Users\Sami\AppData\Local\SAS
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Skype
O43 - CFD: 26/01/2015 - [] D -- C:\Users\Sami\AppData\Local\SMART Technologies
O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\SMART Technologies Inc
O43 - CFD: 29/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Sony
O43 - CFD: 23/10/2015 - [] D -- C:\Users\Sami\AppData\Local\speech
O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Temp
O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\Temporary Internet Files
O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\TileDataLayer
O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\VirtualStore
O43 - CFD: 26/10/2015 - [] D -- C:\Users\Sami\AppData\Local\Windows Live
O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Wondershare
O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 30/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 27/01/2016 - [0] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件

---\\ Latest files created in Prefetcher (3) - 12s
O45 - LFCP:[MD5.F5DB5CF8162E39BA4B6156A75F8AE67C] 24/01/2016 A -- C:\WINDOWS\Prefetch\BROWSERAIR.EXE-BE55F020.pf =>PUP.Optional.BrowserAir
O45 - LFCP:[MD5.3F5F3C2EE68A5C6B7CD7203B8850FAC0] 27/01/2016 A -- C:\WINDOWS\Prefetch\SH_INSTALLER.EXE-AF58EEE7.pf =>.Superfluous.SpyHunter
O45 - LFCP:[MD5.188FF314060D600FD52F13C29267CE87] 27/01/2016 A -- C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-83704D5A.pf =>.Superfluous.SpyHunter

---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation®

---\\ System Drivers List (88) - 19s
O58 - SDL:2015/10/30 08:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows®
O58 - SDL:2011/11/28 14:51:44 A . (.AnvSoft Inc. - AnvSoft Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\anvsnddrv.sys [33872] =>.AnvSoft Co., Ltd.®
O58 - SDL:2014/04/09 22:05:52 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [31920] =>.APOWERSOFT LIMITED®
O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 08:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows®
O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\WINDOWS\System32\drivers\cm_km.sys [389816] =>.Kaspersky Lab®
O58 - SDL:2014/09/22 09:20:06 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\WINDOWS\System32\drivers\EpfwLWF.sys [44632] =>.ESET, spol. s r.o.®
O58 - SDL:2015/01/04 12:48:48 A . (.ESET - ESET Cleaners Driver.) -- C:\WINDOWS\System32\drivers\ESETCleanersDriver.sys [170280] =>.ESET, spol. s r.o.®
O58 - SDL:2016/01/27 00:07:25 A . (...) -- C:\WINDOWS\System32\drivers\EsgScanner.sys [22704] =>.Superfluous.SpyHunter
O58 - SDL:2015/10/30 08:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows®
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys [117248] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys [87040] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys [98304] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys [72192] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys [28672] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [13952] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2015/10/30 08:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group®
O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows®
O58 - SDL:2012/03/23 18:13:28 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [10627744] =>.Intel Corporation
O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] =>.Kaspersky Lab®
O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [53432] =>.Kaspersky Lab®
O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [70512] =>.Kaspersky Lab®
O58 - SDL:2015/06/06 08:51:00 A . (.Kaspersky Lab ZAO - Virtual Disk [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kldisk.sys [68280] =>.Kaspersky Lab®
O58 - SDL:2015/06/24 01:28:32 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [30328] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2016/02/03 02:42:00 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [181640] =>.Kaspersky Lab®
O58 - SDL:2016/02/02 23:46:32 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [227512] =>.Kaspersky Lab®
O58 - SDL:2016/02/03 02:42:01 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [934272] =>.Kaspersky Lab®
O58 - SDL:2015/06/11 19:35:38 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [39608] =>.Kaspersky Lab®
O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [41656] =>.Kaspersky Lab®
O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [41656] =>.Kaspersky Lab®
O58 - SDL:2016/02/03 02:42:02 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [41352] =>.Kaspersky Lab®
O58 - SDL:2016/02/03 02:42:02 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [87944] =>.Kaspersky Lab®
O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [102584] =>.Kaspersky Lab®
O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kneps.sys [187056] =>.Kaspersky Lab®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows®
O58 - SDL:2014/12/09 17:47:52 A . (.Copyright (C) 2009 - NWHIDFil.) -- C:\WINDOWS\System32\drivers\NWLowRider.sys [25456] {309768CB6AA9FEDD5F445CD83298E4E2}
O58 - SDL:2014/12/09 17:47:52 A . (.Copyright (C) 2009 - Kernel.) -- C:\WINDOWS\System32\drivers\NWTransLibLR.sys [157552] {309768CB6AA9FEDD5F445CD83298E4E2}
O58 - SDL:2012/10/17 14:53:46 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\drivers\pccsmcfdx64.sys [26112] =>.Nokia
O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [589824] =>.Realtek
O58 - SDL:2015/10/30 08:17:18 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\WINDOWS\System32\drivers\rtl8192se.sys [1222656] =>.Realtek Semiconductor Corporation
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows®
O58 - SDL:2014/12/09 17:47:36 A . (.SMART Technologies - Mouse Upper Filter Driver.) -- C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [10240] =>.SMART Technologies
O58 - SDL:2014/12/09 17:47:50 A . (.SMART Technologies - Driver for SMART HID Device.) -- C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216] =>.SMART Technologies
O58 - SDL:2014/12/09 17:47:32 A . (.SMART Technologies ULC - Driver for SMART Virtual TabletPC HID Devic.) -- C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys [70656] =>.SMART Technologies ULC
O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] =>.Synaptics Incorporated®
O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42696] =>.Synaptics Incorporated®
O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [42696] =>.Synaptics Incorporated®
O58 - SDL:2015/05/21 07:02:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\ssm_cm.sys [15360] =>.MCCI Corporation®
O58 - SDL:2015/05/21 07:02:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\ssm_wh.sys [15872] =>.MCCI Corporation®
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [110720] =>.DEVGURU CO LTD®
O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD®
O58 - SDL:2015/10/30 08:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows®
O58 - SDL:2015/09/11 15:01:26 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [613576] =>.Synaptics Incorporated®
O58 - SDL:2016/01/24 13:04:45 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys [128312] =>.Superfluous.Tencent
O58 - SDL:2010/06/14 09:32:54 A . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\WINDOWS\System32\drivers\TFsExDisk.sys [16448] =>.Teruten, Inc.®
O58 - SDL:2013/08/19 12:32:10 A . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\WINDOWS\System32\drivers\Thotkey.sys [32624] =>.TOSHIBA CORPORATION®
O58 - SDL:2014/03/19 02:37:36 A . (.Seiko Epson Corporation - EPSON USB Device Driver for TM/BA/EU Printe.) -- C:\WINDOWS\System32\drivers\TMUSB64.sys [63096] =>.Seiko Epson Corporation
O58 - SDL:2013/08/15 09:13:32 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\WINDOWS\System32\drivers\TVALZ_O.SYS [32832] =>.TOSHIBA CORPORATION®
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows®
O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows®
O58 - SDL:2008/03/17 18:12:26 A . (...) -- C:\WINDOWS\System32\Ckldrv.sys [28664] {07ECE39AB9F0557AA8FCED94B40D204F}

---\\ Last modified or created user files (16) - 113s
O61 - LFC: 2016/01/26 12:41:08 A . (.iGEM.) -- C:\Users\Sami\Downloads\MEGA7.0.9_beta_win64_setup.exe [32440723]
O61 - LFC: 2016/02/02 10:46:10 A . (..) -- C:\Users\Sami\AppData\Roaming\Microsoft\UProof\CMAdj.9.bin [68]
O61 - LFC: 2016/01/28 11:43:52 A . (..) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\MUSCLE\muscle.exe [531968]
O61 - LFC: 2016/01/28 11:43:52 A . (..) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\MUSCLE\muscleWin64.exe [531968]
O61 - LFC: 2016/01/28 11:20:06 A . (.WPCubed GmbH - www.wpcubed.com.) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\DLL\wPDF300W64.dll [1689544] {0D1A94960725EDF5AE85CF6F5D799B7B}
O61 - LFC: 2016/01/28 15:16:00 A . (.Copyright © 2013.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Q42.WinRT.Portable\7631f412fc66d626094994fddc019311\Q42.WinRT.Portable.ni.dll [44032]
O61 - LFC: 2016/01/28 15:16:07 A . (.Copyright © 2012.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Q42.WinRT\f78c7598742cc0647abb150639b190e3\Q42.WinRT.ni.dll [239616]
O61 - LFC: 2016/01/28 15:15:59 A . (.Copyright © 2014.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\NRJ\c5bcc2d1182e25eb3abc8d75328bf6ba\NRJ.ni.exe [1869312]
O61 - LFC: 2016/01/28 15:16:09 A . (.Copyright © 2011.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd3dbbce858ec74ff99988d686defac1\NotificationsExtensions.ni.dll [241664]
O61 - LFC: 2016/01/28 15:16:08 A . (.Copyright © 2013.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\ATWinStoreLib\b96b5bb3e6a2577a01e4861d6ff73b08\ATWinStoreLib.ni.dll [161280]
O61 - LFC: 2016/01/26 22:27:35 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [24616]
O61 - LFC: 2016/02/02 10:34:31 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2016/02/02 22:25:34 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635900364982878667.bin [66472]
O61 - LFC: 2016/02/03 07:29:54 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2016/01/26 17:42:10 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [403885]
O61 - LFC: 2016/01/26 22:11:21 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635894136668762467.bin [58396]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe http://www.istartsurf.com/ =>.Apple Inc.®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.

---\\ Search Browser Infection (5) - 14s
O69 - SBI: prefs.js [Sami - 0s20p23z.default] user_pref("browser.newtab.url", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G1Ozamobl10924,f8a9f8bd-b356-4332-ab6e[...] =>PUP.Optional.SearchingCom
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (42) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1338368] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [958464] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1012224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2058240] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [203776] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [457728] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280448] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [360448] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [360960] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1130496] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948224] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [200192] =>.Microsoft Corporation

---\\ Firewall Active Exception List (54) - 9s
O87 - FAEL: "UDP Query User{D64279E8-62DD-43BC-A5E6-4E7B49E17E82}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave
O87 - FAEL: "TCP Query User{F9B6B75D-C1AB-43B0-BB81-A4C28CB9207F}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave
O87 - FAEL: "{AEF68EEC-8911-4522-9059-55D160BD8CA2}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe (.not file.)
O87 - FAEL: "{67644433-D2E4-495D-BC6C-C701A29CB601}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe (.not file.)
O87 - FAEL: "{4B54A765-5D85-406D-9162-D4BA0973A2D7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe (.not file.)
O87 - FAEL: "{6DFD9D5E-F7DB-4688-B2B0-797FD618D08A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe (.not file.)
O87 - FAEL: "{85D097BD-2630-47A3-B6F6-CD1E3DD76549}" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe =>PUP.Optional.WhenUSave
O87 - FAEL: "{CF550519-2E91-40B2-A98E-1008354D5AAD}" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe =>PUP.Optional.WhenUSave
O87 - FAEL: "{DCE17A55-CB63-4A48-9D87-5245180F76CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\PCDApp\dgen.exe (.not file.)
O87 - FAEL: "{8EA85A7E-C9F2-411F-B3F4-3A558C11BAC1}" [In-None-P6-TRUE] .(...) -- C:\Program Files\PCDApp\dgen.exe (.not file.)
O87 - FAEL: "{8443A095-3B45-4ECB-92AD-FBA8769CDDE3}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{2999EC54-5FE2-4649-B9F2-79403EFE41C4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{65274C97-19E5-4237-B5E1-02F77A2E2B7B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{ACC0AD74-8595-4C26-BE54-E0BE56AA2653}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{87DE2CEB-18CD-4E8E-B332-B1439FC76499}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (.not file.)
O87 - FAEL: "{A770D764-F829-482E-B1D9-15DF3F44FDAB}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (.not file.)
O87 - FAEL: "{5EB1F344-6692-47BC-9476-5BB80DE2688A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (.not file.)
O87 - FAEL: "{62ED000E-EEAF-45F7-9394-7FEA9E114EB4}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (.not file.)
O87 - FAEL: "TCP Query User{B70E271F-5FC9-4BF5-A053-453E635E25FF}C:\program files (x86)\smart technologies\education software\ucgui.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucgui.exe (.not file.)
O87 - FAEL: "UDP Query User{8794C1D3-9454-49AA-A713-72A4BC6D22F9}C:\program files (x86)\smart technologies\education software\ucgui.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucgui.exe (.not file.)
O87 - FAEL: "TCP Query User{2D6BB53C-2B92-45FB-97FD-9F1B2F718438}C:\program files (x86)\smart technologies\education software\ucservice.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucservice.exe (.not file.)
O87 - FAEL: "UDP Query User{B572551C-425D-4BA9-91B9-38AF859D1006}C:\program files (x86)\smart technologies\education software\ucservice.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucservice.exe (.not file.)
O87 - FAEL: "{E6C90F6E-2A12-4103-AB96-CBEE91771093}" [In-None-P6-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{4E4C49DA-3E90-49E8-85BA-1C26F23E39E0}" [In-None-P17-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{6EB8B37D-BAD0-46CE-82B5-FD060FA6BF19}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (.not file.)
O87 - FAEL: "{363D11BE-C954-4B01-9208-A0674F916E31}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (.not file.)
O87 - FAEL: "{88D3A529-EC5A-4BB5-872B-DBE5ED26CA55}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (.not file.)
O87 - FAEL: "{7FBB0029-C448-470E-933D-033D95F9DE48}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (.not file.)
O87 - FAEL: "{66267072-E6A2-4997-901F-603E8AA43A8C}" [Out-None-P6-TRUE] .(...) -- C:\Users\Sami\AppData\Local\Temp\nsj2C79.tmp\CnetInstaller-75586860.exe (.not file.)
O87 - FAEL: "{B291913D-191F-462C-8AA8-C6AE94C4F517}" [In-None-P6-TRUE] .(...) -- C:\Users\Sami\AppData\Local\Temp\nsj2C79.tmp\CnetInstaller-75586860.exe (.not file.)
O87 - FAEL: "{AD891D20-77DE-429F-A39B-3AE2A084EBE4}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (.not file.)
O87 - FAEL: "{35116F7F-7E81-4B4E-94D3-233D46666D8F}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (.not file.)
O87 - FAEL: "{31728723-3987-4378-AAA9-5A48B8CAAFB0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (.not file.)
O87 - FAEL: "{538F46DB-9902-4421-9A5F-D0E082C2A941}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (.not file.)
O87 - FAEL: "{E784ADC4-4BBF-427E-9C0A-0F0D471DAF8A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (.not file.)
O87 - FAEL: "{AD5457FA-D8EC-483B-9E24-513BCFCF8EA3}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (.not file.)
O87 - FAEL: "{B8EF95C7-7B69-486A-A5FE-348158FEB840}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (.not file.)
O87 - FAEL: "{2D64FD10-BD69-4E31-9DE4-A330A344B13D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (.not file.)
O87 - FAEL: "{60C8B623-66B8-46B1-90A7-94D948C206D0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (.not file.)
O87 - FAEL: "{FC4EF9AF-3172-4FBB-B7AC-EE766CF2AB5D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (.not file.)
O87 - FAEL: "{3AC2F41B-669A-4A01-A488-0067A0A27B60}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (.not file.)
O87 - FAEL: "{D5C59EDD-B660-4012-83BB-B1530B7DB8C0}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (.not file.)
O87 - FAEL: "{58406AF2-A788-4F3B-9EAB-ABDA8276B9AA}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (.not file.)
O87 - FAEL: "{2FC9A6FC-A799-4A6D-96EE-7C72111C3D1D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (.not file.)
O87 - FAEL: "TCP Query User{DA85B204-B309-41DA-ADAF-ABD8F979E450}C:\program files (x86)\mozilla firefox\firefox.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\mozilla firefox\firefox.exe (.not file.)
O87 - FAEL: "UDP Query User{CC917D9A-3389-486C-96D3-5EB63B124B30}C:\program files (x86)\mozilla firefox\firefox.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\mozilla firefox\firefox.exe (.not file.)
O87 - FAEL: "{603F2A84-2F87-42D6-B242-21D11B237AD7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (.not file.)
O87 - FAEL: "{55CBC8D7-2D63-4611-BE02-65928CE46B8F}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (.not file.)
O87 - FAEL: "{2A9D63EC-5FD2-4784-A6AA-0C11FBDF309F}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe (.not file.)
O87 - FAEL: "{A733CDCB-B921-4C2A-AD8B-6788046E57FA}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe (.not file.)
O87 - FAEL: "{B91D2D3F-C320-480F-AA29-2E94D3F74480}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe (.not file.)
O87 - FAEL: "{D2F9C968-A0E0-4887-8F81-32BC450ACE62}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe (.not file.)
O87 - FAEL: "{303E3010-0F13-4D26-8C99-F6E9982EA303}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (.not file.)
O87 - FAEL: "{FB09B914-400D-48AD-9028-515461ADB04B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (.not file.)

---\\ Additional Scan (O88) (46) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS
C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\AutoKMS =>HackTool.AutoKMS
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\IBUpd2 =>PUP.Optional.BrowserAir
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager =>PUP.Optional.SystemK
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager =>PUP.Optional.SystemK
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater
HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch
HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart
HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager
HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage
HKLM\SOFTWARE\Wow6432Node\SystemK =>PUP.Optional.SystemK
HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\DriverToolkit =>.Superfluous.DriverToolkit
HKCU\SOFTWARE\InstallCore =>Adware.InstallCore
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager
HKCU\SOFTWARE\Softonic =>.Superfluous.Softonic
HKCU\SOFTWARE\STA =>.Superfluous.ZhuWeiqin
HKCU\SOFTWARE\SystemK =>PUP.Optional.SystemK
HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
C:\Program Files (x86)\AVG Web TuneUp =>Toolbar.AVGSafeGuard
C:\Program Files (x86)\Bitlord =>PUP.Optional.WhenUSave
C:\Program Files (x86)\BitLord 2 =>PUP.Optional.WhenUSave
C:\Program Files (x86)\Settings Manager =>PUP.Optional.SettingsManager
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitlord =>PUP.Optional.WhenUSave
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\systemk =>PUP.Optional.SystemK
C:\Users\Sami\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave
C:\WINDOWS\Prefetch\BROWSERAIR.EXE-BE55F020.pf =>PUP.Optional.BrowserAir
C:\WINDOWS\Prefetch\SH_INSTALLER.EXE-AF58EEE7.pf =>.Superfluous.SpyHunter
C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-83704D5A.pf =>.Superfluous.SpyHunter
C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave

---\\ Summary of the elements found (21) - 0s
http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS
http://www.nicolascoolman.fr/pup-optional-browserair/ =>PUP.Optional.BrowserAir
http://www.nicolascoolman.fr/?p=596 =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/?p=880 =>PUP.Optional.WhenUSave
http://www.nicolascoolman.fr/?p=56 =>PUP.Optional.SystemK
http://www.nicolascoolman.fr/?p=641 =>PUP.Optional.SoftwareUpdater
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SweetSearch
http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SettingsManager
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.WdsManPro
http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.DriverToolkit
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Softonic
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.ZhuWeiqin
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader
http://www.nicolascoolman.fr/?p=5143 =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.SpyHunter
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchingCom

~ End of the scan, 46441 items in 00h07mn38s (1160)(0)
