~ ZHPDiag v2015.7.26.102 By Nicolas Coolman (2015/07/26) ~ Run by Eagle (Administrator) (2015/07/27 14:48:32) ~ Site: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Eagle\Desktop\ZHPDiag.txt ~ Report: C:\Users\Eagle\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) ~ Windows 7, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v43.0.2357.134 MFIE: Mozilla Firefox 38.0.1 (x86 en-US) v38.0.1 MSIE: Internet Explorer v10.0.9200.16521 ---\\ Windows Product Information (4) - 9s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK (Auto) Windows Activation Technologies : OK ---\\ System protection software (2) - 2s Microsoft Security Client v4.2.0223.1 Microsoft Security Essentials v4.2.223.1 ---\\ Surveillance software (2) - 2s Adobe Flash Player 18 NPAPI Adobe Reader XI ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 4153.716 MB (55% free) ~ System Restore: Activé (Enable) ~ System drive C: has 91 GB free of 461 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: EAGLE-PC ~ User Name: Eagle ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 91 GB free of 461 GB (System) ---\\ State of the Windows Security Center (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (22) - 1s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [129024] [MD5.69F1D418B4C4EC23033D598E4CBC6B73] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2240512] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [261632] [MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1659760] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [295808] ---\\ Process running (32) - 6s [MD5.5697FB5DCF36ADA09C153378E88AE6AD] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe [244736] [PID.324] [MD5.80FB6539A72E03BC39A8CA38C75550F8] - (.Cisco Systems, Inc. - VPN Agent Service.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480] [PID.1176] [MD5.E397DCDE31D1D49FDA7ADDD2859F4D02] - (.Taiwan Shui Mu Chih Ching Technology Limited - Picexa service.) -- C:\Program Files (x86)\Picexa\PicexaSvc.exe [396952] [PID.1356] =>PUP.Optional.Picexa [MD5.911F179646EBF2FAEE370C1C55D3D307] - (.Windows SysTool - Windows SysTool.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [545280] [PID.1424] =>PUP.Optional.Fuyu [MD5.F431DC5D94F4B2FDBC927655D8A9B10E] - (.Autodesk, Inc. - Content Service.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232] [PID.1928] [MD5.9C246DA8A95CD2A8A1A457E87357BE29] - (.Plus HDV11.04 - PlusHD Cinema 2.1cV11.04 exe.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-10.exe [1344000] [PID.1548] [MD5.862323C8C5CFFB0644166F448597DD36] - (.Copyright (C) 2015 - Updater.) -- C:\Users\Eagle\AppData\Roaming\ogzly2rxzgs1bwn\ogzly2rxzgs1bwn.exe [1019904] [PID.2168] [MD5.FBA90C2ADEC874D7D2DE982733E6188C] - (.Plus HDV11.04 - PlusHD Cinema 2.1cV11.04 exe.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-6.exe [1367552] [PID.2176] [MD5.A1DE55B9ECA6E74245A5B3F46AF335D4] - (.Plus HDV11.04 - PlusHD Cinema 2.1cV11.04 exe.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-1-6.exe [1408512] [PID.2628] [MD5.E98C5CFA4051BFA3E2CB0AFB10FF4CAB] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files (x86)\XTab\ProtectService.exe [158816] [PID.2220] =>PUP.Optional.MiuiTab [MD5.0AAE19D87D7245D224BA7924CA15CE7C] - (...) -- C:\Users\Eagle\AppData\Roaming\4C4C4544-1428751199-5810-8059-B6C04F474C31\jnsqC607.tmp [132096] [PID.2312] =>PUP.Optional.CrossRider [MD5.7E4E734D5ADBBC4026A5DB2E63C29D40] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files (x86)\XTab\CmdShell.exe [48224] [PID.2380] [MD5.E89DC1FAC143BC54385DC3DDBBC7B5A8] - (...) -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780411-5810-8059-B6C04F474C31\snsi34A4.tmp [196096] [PID.2400] =>PUP.Optional.CrossRider [MD5.E4A9FC27FA70F62C01D6439E7E07AA16] - (...) -- C:\Users\Eagle\AppData\Local\4C4C4544-1428782843-5810-8059-B6C04F474C31\insc4603.tmp [116224] [PID.2456] =>PUP.Optional.CrossRider [MD5.AF1ACB2AF788A85B60ECDAD718B15604] - (.Mentor Graphics Corporation - Dispatcher service.) -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe [51848] [PID.1880] [MD5.8C15F35314EADBE08375DD47AD62439A] - (.XTab system - SupHPNot.exe.) -- C:\Program Files (x86)\XTab\HPNotify.exe [673888] [PID.2524] =>PUP.Optional.MiuiTab [MD5.E28D8B0BCFBA42BFA6E30722E39217A8] - (.Mentor Graphics Corporation - FloEFD Remote Solver Dispatcher.) -- C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\dispatcher.exe [418440] [PID.2516] [MD5.BEAF0275507F165FBE4C89942CAB3D41] - (...) -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780366-5810-8059-B6C04F474C31\cnssB192.tmp [162816] [PID.620] =>PUP.Optional.CrossRider [MD5.31C1C7CC1C176CA6231384A33C28F5F7] - (...) -- C:\Program Files (x86)\Coupoon\UpdateCheck.exe [53040] [PID.740] [MD5.2A751BF970588F2D50F1C83469A3CBE3] - (.Unique Solutions - DesktopSearch Service.) -- C:\ProgramData\cLexsT\elIdMiPL.exe [2731488] [PID.2412] =>PUP.Optional.UniqueSolutions [MD5.91D8873DC696D3BF5B076350FD7EB97B] - (...) -- C:\Users\Eagle\AppData\Local\gmsd_au_198\upgmsd_au_198.exe [3305928] [PID.3424] [MD5.5BF94D45E79C5FADDFC8A92E4BE28A48] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [384296] [PID.3620] [MD5.A60DB2C4E19913B42E82B1095045E305] - (.Tango Inc. - Tango.) -- C:\Program Files (x86)\Tango\Tango.exe [13489992] [PID.3752] [MD5.68C54757AD5F0A434B7406A4B7177BC2] - (.WordWeb Software - WordWeb.) -- C:\Program Files (x86)\WordWeb\wweb32.exe [77056] [PID.3760] [MD5.00D1FB0073B4A8BD2989EA8FF4CC792B] - (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064] [PID.3952] [MD5.ED617CEBED57C320945E727501078F9E] - (.Autodesk, Inc. - Autodesk Download Manager.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1632216] [PID.4008] [MD5.340ACAAD76DE94000DCEAC541349A27C] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [66856] [PID.3824] [MD5.A781EF31ACD0756CAFA350FA61D78B22] - (.Copyright © 2015 - ivvsifei.) -- C:\ProgramData\Wseulair\1.0.4.1\ivvsifei.exe [156672] [PID.3852] [MD5.D7FCD621FC17B4EDD453D0F5C22A7DA6] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\hidfind.exe [91648] [PID.3920] [MD5.85A112B729EFF69669461ED39A5213FE] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\ApntEx.exe [24064] [PID.3804] [MD5.A781EF31ACD0756CAFA350FA61D78B22] - (.Copyright © 2015 - ivvsifei.) -- C:\ProgramData\Wseulair\1.0.4.1\ivvsifei.exe [156672] [PID.1268] [MD5.D630B6F2E8379B6F10DC16E82A426552] - (.SupportSoft, Inc. - SupportSoft Agent Service.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe [206064] [PID.4844] ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (21) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://mynamedomain.koko/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.%3Chtml%3E/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://cdncache-a.akamaihd.net/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients1.google.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://epicunitscan.info/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com.au/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com/ G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com/ G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.\u003Chtml>?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [papbadoldddalgcjcicnikcfenodpghp] PlusHD Cinema 2.1cV11.04 G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (20) - 3s M0 - MFSP: prefs.js [Eagle - 92kuxi8s.default] http://www.google.com/ P2 - EXT: (. - NPAPI Extension for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppluginrichmediaplayer.dll P2 - EXT FILE: (...) -- C:\Users\Eagle\AppData\Roaming\Mozilla\Firefox\Profiles\92kuxi8s.default\searchplugins\buenosearch.xml =>PUP.Optional.BuenoSearch P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - EXT: (. - shoppi.) -- C:\Users\Eagle\AppData\Roaming\Mozilla\Firefox\Profiles\92kuxi8s.default\extensions\ieligo_ucdwun@xpuqxupwsulfep.com P2 - EXT: (...) -- C:\Users\Eagle\AppData\Roaming\Mozilla\Firefox\Profiles\92kuxi8s.default\extensions\staged P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation.) -- C:\Windows\SysWOW64\npdeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation.) -- C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (23) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com/ =>PUP.Optional.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com/ =>PUP.Optional.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com/ =>PUP.Optional.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com/ =>PUP.Optional.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com/ =>PUP.Optional.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/ =>PUP.Optional.IsStart R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (R5) (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Internet Explorer Toolbars (O3) (2) - 0s O3 - Toolbar: 0xEF44FA216D37534D9B0F8A89D3229068 - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} . (...) -- (.not file.) O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (O4) (21) - 1s O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [Autodesk Sync] . (.Autodesk, Inc. - Autodesk Sync.) -- C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe O4 - HKCU\..\Run: [Tango] . (.Tango Inc. - Tango.) -- C:\Program Files (x86)\Tango\Tango.exe O4 - HKCU\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files (x86)\WordWeb\wweb32.exe O4 - HKCU\..\Run: [L07AXLRD_37879117] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE O4 - HKLM\..\Wow6432Node\Run: [PDVDDXSrv] . (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe O4 - HKLM\..\Wow6432Node\Run: [DellSupportCenter] . (.SupportSoft, Inc. - Dell Support Center Updates.) -- C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe O4 - HKLM\..\Wow6432Node\Run: [ADSK DLMSession] . (.Autodesk, Inc. - Autodesk Download Manager.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe O4 - HKLM\..\Wow6432Node\Run: [WinCheck] . (...) -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780212-5810-8059-B6C04F474C31\bnsm913.exe O4 - HKLM\..\Wow6432Node\RunOnce: [upgmsd_au_198.exe] . (...) -- C:\Users\Eagle\AppData\Local\gmsd_au_198\upgmsd_au_198.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-232248585-3114266481-3854186893-1000\..\Run: [Tango] . (.Tango Inc. - Tango.) -- C:\Program Files (x86)\Tango\Tango.exe O4 - HKUS\S-1-5-21-232248585-3114266481-3854186893-1000\..\Run: [WordWeb] . (.WordWeb Software - WordWeb.) -- C:\Program Files (x86)\WordWeb\wweb32.exe O4 - HKUS\S-1-5-21-232248585-3114266481-3854186893-1000\..\Run: [L07AXLRD_37879117] . (.Microsoft Corporation - Microsoft Encarta Dictionaries.) -- C:\Program Files (x86)\Microsoft Student\Microsoft Student with Encarta Premium 2007 DVD\EDICT.EXE ---\\ Global shortcuts Startup (O4G) (1) - 14s O4 - GS\CommonDesktop [Public]: Picexa.lnk . (.Taiwan Shui Mu Chih Ching Technology Limited - Picexa Viewer.) C:\Program Files (x86)\Picexa\Picexa.exe =>PUP.Optional.Picexa ---\\ Winsock hijacker (Layered Service Provider) (O10) (5) - 0s O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (...) -- C:\Windows\System32\CCL.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (...) -- C:\Windows\System32\CCL.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (...) -- C:\Windows\System32\CCL.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (...) -- C:\Windows\System32\CCL.dll (Not File) (Hijacker.Winsock) O10 - WLSP:\Catalog_Entries\000000000015\Winsock LSP File . (...) -- C:\Windows\System32\CCL.dll (Not File) (Hijacker.Winsock) ---\\ Lop.com/Domain Hijackers (O17) (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 134.7.32.100 134.7.134.7 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = curtin.edu.au O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 134.7.32.100 134.7.134.7 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = curtin.edu.au ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (20) - 2s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Autodesk Content Service (Autodesk Content Service) . (.Autodesk, Inc. - Content Service.) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe O23 - Service: elIdMiPL (elIdMiPL) . (.Unique Solutions - DesktopSearch Service.) - C:\ProgramData\cLexsT\elIdMiPL.exe =>PUP.Optional.UniqueSolutions O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate O23 - Service: Google Update Service (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.) O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files (x86)\XTab\ProtectService.exe =>PUP.Optional.AgentODR O23 - Service: Video Speed (jezyseko) . (...) - C:\Users\Eagle\AppData\Roaming\4C4C4544-1428751199-5810-8059-B6C04F474C31\jnsqC607.tmp =>PUP.Optional.CrossRider O23 - Service: Find Internal (kowuqydi) . (...) - C:\Users\Eagle\AppData\Local\4C4C4544-1428780411-5810-8059-B6C04F474C31\snsi34A4.tmp =>PUP.Optional.CrossRider O23 - Service: Percentage Sign Outline (pemerusy) . (...) - C:\Users\Eagle\AppData\Local\4C4C4544-1428782843-5810-8059-B6C04F474C31\insc4603.tmp =>PUP.Optional.CrossRider O23 - Service: PicexaService (PicexaService) . (.Taiwan Shui Mu Chih Ching Technology Limited - Picexa service.) - C:\Program Files (x86)\Picexa\PicexaSvc.exe =>PUP.Optional.Picexa O23 - Service: Control Panel History (qyjohehi) . (...) - C:\Users\Eagle\AppData\Roaming\4C4C4544-1428751199-5810-8059-B6C04F474C31\nsgC9E1.tmp (.not file.) =>PUP.Optional.CrossRider O23 - Service: Remote Solver for Flow Simulation 2013 (RemoteSolverDispatcher) . (.Mentor Graphics Corporation - Dispatcher service.) - C:\Program Files\SolidWorks Corp\SolidWorks Flow Simulation\binCFW\remotesolverdispatcherservice.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: SupportSoft Sprocket Service (DellSupportCenter) (sprtsvc_DellSupportCenter) . (.SupportSoft, Inc. - SupportSoft Agent Service.) - C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe O23 - Service: Audio Service (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_7f58c91b65c73836\stacsv64.exe O23 - Service: Ctrl Log Off (topupete) . (...) - C:\Users\Eagle\AppData\Local\4C4C4544-1428780366-5810-8059-B6C04F474C31\cnssB192.tmp =>PUP.Optional.CrossRider O23 - Service: UpdateCheck (UpdateCheck) . (...) - C:\Program Files (x86)\Coupoon\UpdateCheck.exe O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) . (.Cisco Systems, Inc. - VPN Agent Service.) - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.Windows SysTool - Windows SysTool.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu ---\\ Task Planned Automatically (O39) (101) - 15s [MD5.A1DE55B9ECA6E74245A5B3F46AF335D4] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-1-6] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-1-6.exe [1408512] [MD5.4D03F4BF494BAAB4DC1F794E7E1F55F8] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-1-7] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-1-7.exe [1065472] [MD5.9C246DA8A95CD2A8A1A457E87357BE29] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-10_user] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-10.exe [1344000] [MD5.3D65792919DEE87FB9F207C89F361DF2] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-3] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-3.exe [1849856] [MD5.F82042574EC5FC96F162EA857973AF9A] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-5] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-5.exe [1000448] [MD5.F82042574EC5FC96F162EA857973AF9A] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-5_user] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-5.exe [1000448] [MD5.FBA90C2ADEC874D7D2DE982733E6188C] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-6] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-6.exe [1367552] [MD5.4D03F4BF494BAAB4DC1F794E7E1F55F8] [APT] [5d612f61-6de7-4485-b217-c10b607de3fe-7] (.Plus HDV11.04.) -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04\5d612f61-6de7-4485-b217-c10b607de3fe-7.exe [1065472] [MD5.9B3355B29942AF67F014EA90CE1EA960] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268976] [MD5.5601FCA01636DDD04809336479DA71BA] [APT] [Advanced System Optimizer] (.Systweak Software, (www.systweak.com).) -- C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3246912] =>PUP.Optional.AdvancedSystemOptimizer [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.Optional.AnyProtect [MD5.00000000000000000000000000000000] [APT] [ASO-AutoCheckUpdate7Days] (...) -- C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe (.not file.) [0] =>PUP.Optional.AdvancedSystemOptimizer [MD5.5601FCA01636DDD04809336479DA71BA] [APT] [ASO-OneClickCare] (.Systweak Software, (www.systweak.com).) -- C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3246912] =>PUP.Optional.AdvancedSystemOptimizer [MD5.5601FCA01636DDD04809336479DA71BA] [APT] [ASOService] (.Systweak Software, (www.systweak.com).) -- C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe [3246912] =>PUP.Optional.AdvancedSystemOptimizer [MD5.00000000000000000000000000000000] [APT] [bench-sys] (...) -- C:\Program Files (x86)\Bench\Updater\updater.exe (.not file.) [0] [MD5.F509EAF8352D84AA82295C226540D07B] [APT] [Bidaily Synchronize Task[8da6]] (.Super PC Tools Ltd.) -- c:\programdata\{4061c10c-6ad7-1021-4061-1c10c6ad0431}\hqghumeaylnlf.exe [6828656] =>PUP.Optional.BidailySync [MD5.00000000000000000000000000000000] [APT] [Crossbrowse] (...) -- C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe (.not file.) [0] =>PUP.Optional.CrossBrowse [MD5.862323C8C5CFFB0644166F448597DD36] [APT] [GlobalUpdate-ogzly2rxzgs1bwn] (.Copyright (C) 2015.) -- C:\Users\Eagle\AppData\Roaming\ogzly2rxzgs1bwn\ogzly2rxzgs1bwn.exe [1019904] =>PUP.Optional.GlobalUpdate [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate [MD5.3C14AAE26EA06BADAC98520773772CEB] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) -- C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608] =>PUP.Optional.GlobalUpdate [MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] [MD5.3A1D89B89C9D62951957F0839578DD9B] [APT] [HiRbpcK1RWiu] (.Copyright 2001.) -- C:\Users\Eagle\AppData\Roaming\HiRbpcK1RWiu.exe [1579520] =>PUP.Optional.Pirrit [MD5.00000000000000000000000000000000] [APT] [MySearchDial] (...) -- C:\Users\Eagle\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE (.not file.) [0] =>PUP.Optional.MySearchDial [MD5.00000000000000000000000000000000] [APT] [ProPCCleaner_Start] (...) -- C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe (.not file.) [0] =>PUP.Optional.ProPCCleaner [MD5.00000000000000000000000000000000] [APT] [SmartWeb Upgrade Trigger Task] (...) -- C:\Users\Eagle\AppData\Local\SmartWeb\SmartWebHelper.exe (.not file.) [0] =>PUP.Optional.SmartWebSearch [MD5.AB6818A7FF17230A6E5119F6CDD1F85B] [APT] [uzvtdbEy8b5QErtPtr48] (.Copyright 2001.) -- C:\Users\Eagle\AppData\Roaming\uzvtdbEy8b5QErtPtr48.exe [1246720] =>PUP.Optional.Pirrit [MD5.00000000000000000000000000000000] [APT] [VXMRAV] (...) -- C:\Users\Eagle\AppData\Roaming\VXMRAV.exe (.not file.) [0] [MD5.A781EF31ACD0756CAFA350FA61D78B22] [APT] [Wseulair] (.Copyright © 2015.) -- C:\ProgramData\Wseulair\1.0.4.1\ivvsifei.exe [156672] [MD5.00000000000000000000000000000000] [APT] [{4DF5AE5E-8AA1-4821-B1FA-3D4E749120DB}] (...) -- C:\Program Files (x86)\iolo\System Mechanic 6\SysMech6.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C24C8EF0-4B56-41CF-AFC4-176E55A364B2}] (...) -- C:\Program Files (x86)\iolo\System Mechanic 6\SysMech6.exe (.not file.) [0] [MD5.CBEC06E32D0AC9C3D0A9199EDC1FB959] [APT] [{E1ACF7EE-9FFE-463E-A02A-3068BD3E0144}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [17418928] [MD5.00000000000000000000000000000000] [APT] [D68XYGL1\Administrator - Start WLAN Tray Applet] (...) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (.not file.) [0] O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-1-6 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-6.job [3144] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-1-7 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-7.job [3480] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-10_user - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-10_user.job [2118] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-3 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-3.job [4500] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-5 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5.job [2452] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-5_user - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5_user.job [2452] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-6 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-6.job [5524] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-7 - (...) -- C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-7.job [5524] =>PUP.Optional.CrossRider O39 - APT: Adobe Flash Player Updater - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [378] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [376] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [376] =>PUP.Optional.AnyProtect O39 - APT: ASO-AutoCheckUpdate7Days - (...) -- C:\Windows\Tasks\ASO-AutoCheckUpdate7Days.job [460] O39 - APT: ASO-OneClickCare - (...) -- C:\Windows\Tasks\ASO-OneClickCare.job [430] O39 - APT: ASOService - (...) -- C:\Windows\Tasks\ASOService.job [458] O39 - APT: bench-sys - (...) -- C:\Windows\Tasks\bench-sys.job [344] O39 - APT: Orphean - (...) -- C:\Windows\Tasks\bench-Updater removing.job [286] =>PUP.Optional.CrossRider O39 - APT: Bidaily Synchronize Task[8da6] - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job [340] =>PUP.Optional.BidailySync O39 - APT: Crossbrowse - (...) -- C:\Windows\Tasks\Crossbrowse.job [1056] =>PUP.Optional.CrossBrowse O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [994] =>PUP.Optional.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [998] =>PUP.Optional.GlobalUpdate O39 - APT: HiRbpcK1RWiu - (...) -- C:\Windows\Tasks\HiRbpcK1RWiu.job [996] O39 - APT: MySearchDial - (...) -- C:\Windows\Tasks\MySearchDial.job [292] =>PUP.Optional.MySearchDial O39 - APT: uzvtdbEy8b5QErtPtr48 - (...) -- C:\Windows\Tasks\uzvtdbEy8b5QErtPtr48.job [1012] O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-1-6 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-6 [6172] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-1-7 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-7 [6510] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-10_user - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-10_user [5142] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-3 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-3 [7530] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-5 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5 [5482] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-5_user - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5_user [5478] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-6 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-6 [8552] =>PUP.Optional.CrossRider O39 - APT: 5d612f61-6de7-4485-b217-c10b607de3fe-7 - (...) -- C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-7 [8554] =>PUP.Optional.CrossRider O39 - APT: Adobe Flash Player Updater - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] O39 - APT: Advanced System Optimizer - (...) -- C:\Windows\System32\Tasks\Advanced System Optimizer [3158] =>PUP.Optional.AdvancedSystemOptimizer O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [2828] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [2826] =>PUP.Optional.AnyProtect O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [2826] =>PUP.Optional.AnyProtect O39 - APT: ASO-AutoCheckUpdate7Days - (...) -- C:\Windows\System32\Tasks\ASO-AutoCheckUpdate7Days [3334] O39 - APT: ASO-OneClickCare - (...) -- C:\Windows\System32\Tasks\ASO-OneClickCare [3300] O39 - APT: ASOService - (...) -- C:\Windows\System32\Tasks\ASOService [2978] O39 - APT: bench-sys - (...) -- C:\Windows\System32\Tasks\bench-sys [3240] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\bench-Updater removing [3226] =>PUP.Optional.CrossRider O39 - APT: Bidaily Synchronize Task[8da6] - (...) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] [3252] =>PUP.Optional.BidailySync O39 - APT: Crossbrowse - (...) -- C:\Windows\System32\Tasks\Crossbrowse [4082] =>PUP.Optional.CrossBrowse O39 - APT: GlobalUpdate-ogzly2rxzgs1bwn - (...) -- C:\Windows\System32\Tasks\GlobalUpdate-ogzly2rxzgs1bwn [3262] =>PUP.Optional.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineCore - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [3742] =>PUP.Optional.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (...) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [3996] =>PUP.Optional.GlobalUpdate O39 - APT: Go for FilesUpdate - (...) -- C:\Windows\System32\Tasks\Go for FilesUpdate [3074] O39 - APT: HiRbpcK1RWiu - (...) -- C:\Windows\System32\Tasks\HiRbpcK1RWiu [4022] O39 - APT: MySearchDial - (...) -- C:\Windows\System32\Tasks\MySearchDial [3232] =>PUP.Optional.MySearchDial O39 - APT: ProPCCleaner_Start - (...) -- C:\Windows\System32\Tasks\ProPCCleaner_Start [3196] =>PUP.Optional.ProPCCleaner O39 - APT: SmartWeb Upgrade Trigger Task - (...) -- C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task [4034] =>PUP.Optional.SmartWebSearch O39 - APT: uzvtdbEy8b5QErtPtr48 - (...) -- C:\Windows\System32\Tasks\uzvtdbEy8b5QErtPtr48 [4038] O39 - APT: VXMRAV - (...) -- C:\Windows\System32\Tasks\VXMRAV [4364] O39 - APT: Wseulair - (...) -- C:\Windows\System32\Tasks\Wseulair [3450] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{15A24713-F1A8-4D6B-AFA2-252305566A29} [3222] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{20DAF06C-3CE7-4258-A67E-2416BD4515BE} [3152] O39 - APT: {4DF5AE5E-8AA1-4821-B1FA-3D4E749120DB} - (...) -- C:\Windows\System32\Tasks\{4DF5AE5E-8AA1-4821-B1FA-3D4E749120DB} [2982] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{6E0A7825-1EDA-46E9-ADE1-512E46766269} [3148] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{84E6D041-524A-484C-8E79-672F40DECB8C} [3150] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{88477B6A-0749-4D47-8515-587931068556} [3224] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{A2575C79-DA22-4EE3-AAEB-922F529A877A} [3180] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{B420D7C7-8F00-4422-8902-C43BD30F8605} [3300] O39 - APT: {C24C8EF0-4B56-41CF-AFC4-176E55A364B2} - (...) -- C:\Windows\System32\Tasks\{C24C8EF0-4B56-41CF-AFC4-176E55A364B2} [2982] O39 - APT: {E1ACF7EE-9FFE-463E-A02A-3068BD3E0144} - (...) -- C:\Windows\System32\Tasks\{E1ACF7EE-9FFE-463E-A02A-3068BD3E0144} [2876] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{E5A4990A-8ACA-4DE8-B5A7-1C9802F02D73} [3218] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{FCC0C395-F17A-403F-BD88-D7CA596092B4} [3150] ---\\ Software installed (O42) (108) - 18s O42 - Logiciel: AutoCAD 2013 - English - (.Autodesk.) [HKLM][64Bits] -- AutoCAD 2013 - English O42 - Logiciel: Autodesk Inventor Fusion 2013 - (.Autodesk, Inc..) [HKLM][64Bits] -- Autodesk Inventor Fusion 2013 O42 - Logiciel: Autodesk Inventor Fusion plug-in for AutoCAD 2013 - (.Autodesk.) [HKLM][64Bits] -- Autodesk Inventor Fusion plug-in for AutoCAD 2013 O42 - Logiciel: Dell V310-V510 Series - (.Dell, Inc..) [HKLM][64Bits] -- Dell V310-V510 Series O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client O42 - Logiciel: WinRAR 4.00 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: Encarta Search Bar (64-bit) - (.Microsoft.) [HKLM][64Bits] -- {07044040-959A-4B0D-8825-2C533F0DDB19} O42 - Logiciel: Canon MG2200 series MP Drivers - (.Canon Inc..) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series O42 - Logiciel: Canon MP270 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series O42 - Logiciel: SolidWorks Explorer 2013 SP0 x64 Edition - (.SolidWorks Corporation.) [HKLM][64Bits] -- {168EB20E-FC09-4D2E-83A9-49483710304C} O42 - Logiciel: Java(TM) 6 Update 20 (64-bit) - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416020FF} O42 - Logiciel: SolidWorks Flow Simulation 2013 SP0 x64 Edition - (.SolidWorks Corporation.) [HKLM][64Bits] -- {2A6228B3-BB5D-47D9-9BB6-20953A050698} O42 - Logiciel: AutoCAD 2013 - English - (.Autodesk.) [HKLM][64Bits] -- {5783F2D7-B001-0000-0102-0060B0CE6BBA} O42 - Logiciel: Autodesk Inventor Fusion plug-in for AutoCAD 2013 - (.Autodesk.) [HKLM][64Bits] -- {82C1E6E4-6718-4EFD-9DCC-E276D690EF46} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] -- {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM][64Bits] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: SolidWorks 2013 x64 Edition SP0 - (.SolidWorks.) [HKLM][64Bits] -- {B6B5EA7E-B91F-443D-A958-B0062FB53804} O42 - Logiciel: SolidWorks Plastics 2013 SP0 x64 Edition - (.SolidWorks Corporation.) [HKLM][64Bits] -- {BA812540-2D88-4A6A-A527-E7728D577D7D} O42 - Logiciel: SolidWorks eDrawings 2013 x64 Edition SP0 - (.Dassault Systèmes SolidWorks Corp.) [HKLM][64Bits] -- {C76772EF-40C8-4090-8C0E-EF1D2BD0DB96} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {D954C6C2-544B-4091-A47F-11E77162883E} O42 - Logiciel: Autodesk Sync - (.Autodesk, Inc..) [HKLM][64Bits] -- {EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F} O42 - Logiciel: Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 - (.Autodesk.) [HKLM][64Bits] -- {FE2F4875-095C-427C-9A97-4F8DE05ACF22} O42 - Logiciel: Autodesk Inventor Fusion 2013 - (.Autodesk, Inc..) [HKLM][64Bits] -- {FFF5619F-2013-0064-A85E-9994F70A9E5D} O42 - Logiciel: Adobe Flash Player 18 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Autodesk Content Service - (.Autodesk.) [HKLM][64Bits] -- Autodesk Content Service O42 - Logiciel: Belarc Advisor 8.3 - (.Belarc Inc..) [HKLM][64Bits] -- Belarc Advisor O42 - Logiciel: Business Contact Manager for Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- Business Contact Manager O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco AnyConnect Secure Mobility Client O42 - Logiciel: Concise Oxford Dictionary (Tenth Edition) - (...) [HKLM][64Bits] -- Concise Oxford Dictionary (Tenth Edition) O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central O42 - Logiciel: DesktopSearch - (.Unique Solutions.) [HKLM][64Bits] -- DesktopSearch =>PUP.Optional.DesktopSearch O42 - Logiciel: Microsoft Expression Encoder 4 - (.Microsoft Corporation.) [HKLM][64Bits] -- Encoder_4.0.1651.0 O42 - Logiciel: GamesDesktop 027.198 - (.GAMESDESKTOP.) [HKLM][64Bits] -- gmsd_au_198_is1 =>PUP.Optional.GamesDesktop O42 - Logiciel: GamesDesktop 027.257 - (.GAMESDESKTOP.) [HKLM][64Bits] -- gmsd_au_257_is1 =>PUP.Optional.GamesDesktop O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: Hades - (.Hades.) [HKLM][64Bits] -- Hades =>PUP.Optional.Hades O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM][64Bits] -- istartsurf uninstall =>PUP.Optional.IsStart O42 - Logiciel: Mozilla Firefox 38.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 38.0.1 (x86 en-US) O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM][64Bits] -- MSTTS O42 - Logiciel: mystartsearch uninstall - (.mystartsearch.) [HKLM][64Bits] -- mystartsearch uninstall =>PUP.Optional.StartSearch O42 - Logiciel: Microsoft Project Professional 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.PRJPRO O42 - Logiciel: Microsoft Visio Premium 2010 - (.Microsoft Corporation.) [HKLM][64Bits] -- Office14.VISIOR O42 - Logiciel: Picexa - (.Taiwan Shui Mu Chih Ching Technology Limited.) [HKLM][64Bits] -- Picexa =>PUP.Optional.Picexa O42 - Logiciel: PlusHD Cinema 2.1cV11.04 - (.Plus HDV11.04.) [HKLM][64Bits] -- PlusHD Cinema 2.1cV11.04 O42 - Logiciel: SolidWorks 2013 x64 Edition SP0 - (.SolidWorks Corporation.) [HKLM][64Bits] -- SolidWorks Installation Manager 20130-40000-1100-100 O42 - Logiciel: The KMPlayer (remove only) - (.KMP Media co., Ltd.) [HKLM][64Bits] -- The KMPlayer O42 - Logiciel: WordWeb - (.WordWeb Software.) [HKLM][64Bits] -- WordWeb O42 - Logiciel: Microsoft Student with Encarta Premium 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {07041881-E9B4-4DF6-A845-CAAFD093E477} O42 - Logiciel: Microsoft Math - (.Microsoft Corporation.) [HKLM][64Bits] -- {07043840-959A-4B0D-8825-2C533F0DDB19} O42 - Logiciel: OLYMPUS Master 2 - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {0815D55A-5EFF-4E1B-8C04-7035E914D90D} O42 - Logiciel: Dell Toolbar - (...) [HKLM][64Bits] -- {09B71986-2AC5-482d-B6CB-42EA34F4F85B} O42 - Logiciel: Autodesk Material Library 2013 - (.Autodesk.) [HKLM][64Bits] -- {117EBEEB-5DB0-43C8-9FD6-DD583DB152DD} O42 - Logiciel: SeekerFoobar - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{776f1cff} =>PUP.Optional.Graftor O42 - Logiciel: SegmentProlonger - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{e15b56b7} =>PUP.Optional.Graftor O42 - Logiciel: BocaProc - (.Software Publisher.) [HKLM][64Bits] -- {12DA0E6F-5543-440C-BAA2-28BF01070AFA}{e89b4e72} =>PUP.Optional.Graftor O42 - Logiciel: Dell DataSafe Online - (.Dell, Inc..) [HKLM][64Bits] -- {13766F76-6C8C-4E57-A9F3-3212D1C6E0D1} O42 - Logiciel: Angry Birds Star Wars II - (.Rovio Entertainment Ltd..) [HKLM][64Bits] -- {15231C14-90E3-4BBE-A11E-88C289FD0B6B} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0} O42 - Logiciel: Sentinel HASP Run-time - (.SafeNet Inc..) [HKLM][64Bits] -- {2A414CBE-CDF3-48C6-A91B-D3D4522F8EB5} O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Coupoon version 1.0 - (.Coupoon.) [HKLM][64Bits] -- {49F8B4F8-0CD4-4BE4-A9E8-B13A071F7C90}_is1 O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} O42 - Logiciel: Autodesk Material Library Base Resolution Image Library 2013 - (.Autodesk.) [HKLM][64Bits] -- {606E12B9-641F-4644-A22A-FF38AE980AFD} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Autodesk Content Service Language Pack - (.Autodesk.) [HKLM][64Bits] -- {62F029AB-85F2-0001-866A-9FC0DD99DDBC} O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} O42 - Logiciel: PowerDVD DX - (.CyberLink Corp..) [HKLM][64Bits] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} O42 - Logiciel: DivX - (.DivXNetworks, Inc..) [HKLM][64Bits] -- {7B63B2922B174135AFC0E1377DD81EC2} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: EndNote X7 - (.Thomson Reuters.) [HKLM][64Bits] -- {86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C} O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} O42 - Logiciel: DivX Player - (.DivXNetworks, Inc..) [HKLM][64Bits] -- {8ADFC4160D694100B5B8A22DE9DCABD9} O42 - Logiciel: Microsoft Project 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{8A8F117F-8EDB-440D-B679-F08909D729F7} O42 - Logiciel: Microsoft Project 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {90140000-00B4-0409-0000-0000000FF1CE}_Office14.PRJPRO_{18A0C151-8F8A-4B68-A960-60C464B94329} O42 - Logiciel: Microsoft Visio 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM][64Bits] -- {91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3} O42 - Logiciel: Microsoft Expression Encoder 4 - (.Microsoft Corporation.) [HKLM][64Bits] -- {935B40F5-6994-4868-9155-F9FB77A5048F} O42 - Logiciel: FARO LS 1.1.406.58 - (.FARO Scanner Production.) [HKLM][64Bits] -- {951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C} O42 - Logiciel: Microsoft Expression Encoder 4 Screen Capture Codec - (.Microsoft Corporation.) [HKLM][64Bits] -- {952DCCD8-4039-46C8-BC8B-5C1EB6C8E130} O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] -- {981029E0-7FC9-4CF3-AB39-6F133621921A} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9} O42 - Logiciel: globalupdate Helper - (.globalupdate Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate O42 - Logiciel: Adobe Reader XI (11.0.02) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} O42 - Logiciel: Business Contact Manager for Outlook 2007 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {B32C4059-6E7A-41EF-AD20-56DF1872B923} O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} O42 - Logiciel: eRedBook - (.Halliburton ESG.) [HKLM][64Bits] -- {BD7D558A-ACCE-4F3B-AEE5-34903ADA828B} O42 - Logiciel: Autodesk Download Manager - (.Autodesk, Inc..) [HKLM][64Bits] -- {D672018C-BCC5-4994-94FD-BF2EF24865F4} O42 - Logiciel: jetAudio - (...) [HKLM][64Bits] -- {DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} O42 - Logiciel: Dell Support Center (Support Software) - (.Dell.) [HKLM][64Bits] -- {E3BFEE55-39E2-4BE0-B966-89FE583822C1} O42 - Logiciel: OLYMPUS muvee theaterPack - (.OLYMPUS IMAGING CORP..) [HKLM][64Bits] -- {EC047FA6-E83D-4326-9195-E7D306C5B9A2} O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8} O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM][64Bits] -- {F07B861C-72B9-40A4-8B1A-AAED4C06A7E8} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {F63E747C-5B51-4A6E-9413-BF258F4653F3} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Microsoft Student 2007 for Learning Essentials - (...) [HKLM][64Bits] -- {Microsoft Student 2007_54A0E938-8390-489F-8F1A-563673334DFE} O42 - Logiciel: RapidMediaConverter - (.RapidMediaConverter.) [HKCU][64Bits] -- RapidMediaConverter =>PUP.Optional.RapidMediaConverter O42 - Logiciel: Tango - (.TangoMe, Inc..) [HKCU][64Bits] -- Tango ---\\ HKCU & HKLM Software Keys (235) - 19s HKLM\SOFTWARE\Wow6432Node\480a6995-af05-4f6a-8e20-98f43da8c9df =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\4bb589d3-90a2-4eed-997f-303aa9f45e6b =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\566275f5-0c65-d34f-9f50-8a5c543e584c =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\ABBYY HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Autodesk HKLM\SOFTWARE\Wow6432Node\Babylon =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\BcmSetup HKLM\SOFTWARE\Wow6432Node\Belarc HKLM\SOFTWARE\Wow6432Node\Bench HKLM\SOFTWARE\Wow6432Node\Boost =>PUP.Optional.Boost HKLM\SOFTWARE\Wow6432Node\Canon HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\Cisco HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit HKLM\SOFTWARE\Wow6432Node\COWON HKLM\SOFTWARE\Wow6432Node\Creative HKLM\SOFTWARE\Wow6432Node\Creative Tech HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\CSEMP HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\DataMngr =>PUP.Optional.Datamngr HKLM\SOFTWARE\Wow6432Node\Debug HKLM\SOFTWARE\Wow6432Node\Dell HKLM\SOFTWARE\Wow6432Node\Dell Computer Corporation HKLM\SOFTWARE\Wow6432Node\DellInkJet HKLM\SOFTWARE\Wow6432Node\delta-homesSoftware =>PUP.Optional.DeltaHomes HKLM\SOFTWARE\Wow6432Node\DivXNetworks HKLM\SOFTWARE\Wow6432Node\Earth Resource Mapping HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\FlvPlayer =>PUP.Optional.FLVPlayer HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\GoforFiles HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Hades =>PUP.Optional.Hades HKLM\SOFTWARE\Wow6432Node\hdcode HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\Wow6432Node\Infonaut_1.10.0.13 =>PUP.Optional.Infonaut HKLM\SOFTWARE\Wow6432Node\InstallCore =>PUP.Optional.InstallCore HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\iolo HKLM\SOFTWARE\Wow6432Node\ISI ResearchSoft HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JetAudio, Inc. HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\KMPlayer HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Macrovision HKLM\SOFTWARE\Wow6432Node\mamverifier =>Toolbar.Mamverifier HKLM\SOFTWARE\Wow6432Node\MapsGalaxy_39EI =>PUP.Optional.MapsGalaxy HKLM\SOFTWARE\Wow6432Node\McAfeeInstaller HKLM\SOFTWARE\Wow6432Node\MimarSinan HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\muvee Technologies HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OLYMPUS HKLM\SOFTWARE\Wow6432Node\Pandora.TV HKLM\SOFTWARE\Wow6432Node\PC Utility Kit HKLM\SOFTWARE\Wow6432Node\PC-Doctor HKLM\SOFTWARE\Wow6432Node\Persits Software HKLM\SOFTWARE\Wow6432Node\Picexa =>PUP.Optional.Picexa HKLM\SOFTWARE\Wow6432Node\PicexaSvc =>PUP.Optional.Picexa HKLM\SOFTWARE\Wow6432Node\PlusHD Cinema 2.1cV11.04 HKLM\SOFTWARE\Wow6432Node\PlusHD Cinema 2.1cV11.04-nv =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\PlusHD Cinema 2.1cV11.04-nv-ie =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Pro PC Cleaner =>PUP.Optional.DoctorPC HKLM\SOFTWARE\Wow6432Node\Registry Helper =>PUP.Optional.RegistryHelper HKLM\SOFTWARE\Wow6432Node\Rovio Entertainment Ltd. HKLM\SOFTWARE\Wow6432Node\Roxio HKLM\SOFTWARE\Wow6432Node\S3R521 HKLM\SOFTWARE\Wow6432Node\Salus =>PUP.Optional.Salus HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities Inc HKLM\SOFTWARE\Wow6432Node\SlimWare Utilities, Inc. HKLM\SOFTWARE\Wow6432Node\SolidWorks HKLM\SOFTWARE\Wow6432Node\SolidWorks Corporation HKLM\SOFTWARE\Wow6432Node\Sonic HKLM\SOFTWARE\Wow6432Node\SparkTrust =>PUP.Optional.SparkTrust HKLM\SOFTWARE\Wow6432Node\SProtector =>PUP.Optional.MocaFlix HKLM\SOFTWARE\Wow6432Node\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\SupportSoft HKLM\SOFTWARE\Wow6432Node\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\The Silicon Realms Toolworks HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\Universal HKLM\SOFTWARE\Wow6432Node\Voice HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Windows HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.19 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.20 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\5b57dcd9b634ed44 HKCU\SOFTWARE\ABBYY HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Affinix HKCU\SOFTWARE\AGBO Business Architecture S.L. HKCU\SOFTWARE\Akamai HKCU\SOFTWARE\Alps HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\ATO HKCU\SOFTWARE\Autodesk HKCU\SOFTWARE\Autodesk, Inc. HKCU\SOFTWARE\Babylon =>PUP.Optional.Babylon HKCU\SOFTWARE\Belarc HKCU\SOFTWARE\Boost =>PUP.Optional.Boost HKCU\SOFTWARE\Broadcom HKCU\SOFTWARE\Bugsplat HKCU\SOFTWARE\Canon HKCU\SOFTWARE\CanonBJ HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CinemaPlus-3.2cV11.04-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Collins HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\COWON HKCU\SOFTWARE\Creative Tech HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\CSEMP HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKCU\SOFTWARE\Dell HKCU\SOFTWARE\Dell V310-V510 Series HKCU\SOFTWARE\DellInkJet HKCU\SOFTWARE\DellPhoto HKCU\SOFTWARE\DesktopContainer =>PUP.Optional.OutfoxTV HKCU\SOFTWARE\Digital Workshop HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Earth Resource Mapping HKCU\SOFTWARE\EasyBits HKCU\SOFTWARE\Ectaco HKCU\SOFTWARE\eDrawings HKCU\SOFTWARE\FLEXlm License Manager HKCU\SOFTWARE\Foxit Software Company HKCU\SOFTWARE\freesofttoday =>PUP.Optional.Multiplug HKCU\SOFTWARE\gamesdesktop =>PUP.Optional.GamesDesktop HKCU\SOFTWARE\Ge-Force-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\GoforFiles HKCU\SOFTWARE\Google HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\HiRbpcK1RWiu HKCU\SOFTWARE\i-FunBox.com HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\iolo HKCU\SOFTWARE\ISI ResearchSoft HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Kromtech HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Local AppWizard-Generated Applications_ZWCAD HKCU\SOFTWARE\Loons HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\McAfee HKCU\SOFTWARE\Mediachance HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\mysearchdial =>PUP.Optional.MySearchDial HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OLYMPUS HKCU\SOFTWARE\Optimizer Pro =>PUP.Optional.OptimizerPro HKCU\SOFTWARE\PC Utility Kit HKCU\SOFTWARE\PlusHD Cinema 2.1cV11.04 HKCU\SOFTWARE\PlusHD Cinema 2.1cV11.04-nv =>PUP.Optional.CrossRider HKCU\SOFTWARE\PlusHD Cinema 2.1cV11.04-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\PlusHDCinema2.1cV11.04 HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore HKCU\SOFTWARE\ProPCCleanerConfig =>PUP.Optional.ProPCCleaner HKCU\SOFTWARE\ProPCCleanerLanguage =>PUP.Optional.ProPCCleaner HKCU\SOFTWARE\PTP HKCU\SOFTWARE\RapidMediaConverterApp =>PUP.Optional.RapidMediaConverter HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech HKCU\SOFTWARE\Skyhook Wireless HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SlimWare Utilities Inc HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\Solid Program HKCU\SOFTWARE\SolidWorks HKCU\SOFTWARE\SparkTrust =>PUP.Optional.SparkTrust HKCU\SOFTWARE\srac HKCU\SOFTWARE\Super Optimizer =>PUP.Optional.SuperOptimizer HKCU\SOFTWARE\SupportSoft HKCU\SOFTWARE\SysMech6 HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\Tango HKCU\SOFTWARE\Terraria HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\Ultralingua HKCU\SOFTWARE\uzvtdbEy8b5QErtPtr48 HKCU\SOFTWARE\VXM Studio HKCU\SOFTWARE\WebApp HKCU\SOFTWARE\WEDLMNGR =>PUP.Optional.weDownloadManager HKCU\SOFTWARE\Western Digital HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\WordWeb HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\SProtector =>PUP.Optional.MocaFlix HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow\Software\ConduitSearchScopes =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\PriceGong =>PUP.Optional.PriceGong HKCU\SOFTWARE\AppDataLow\Software\Re_markit =>PUP.Optional.ReMarkIt HKCU\SOFTWARE\AppDataLow\Software\Sensible Vision HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar HKCU\SOFTWARE\AppDataLow\Software\SmartWeb =>PUP.Optional.SmartWebSearch ---\\ Contents of the Common Files folders (O43) (374) - 19s O43 - CFD: 2015/04/11 20:12:44 - [] D -- C:\Program Files (x86)\02fe82a2-ed54-45d6-b859-7ee99363ab05 =>PUP.Optional.CrossRider O43 - CFD: 2015/05/26 22:15:27 - [0] D -- C:\Program Files (x86)\Abbyy FineReader 6.0 Sprint O43 - CFD: 2015/07/16 11:15:24 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2015/07/16 21:28:18 - [] D -- C:\Program Files (x86)\Advanced System Optimizer 3 =>PUP.Optional.AdvancedSystemOptimizer O43 - CFD: 2013/01/11 11:21:16 - [] D -- C:\Program Files (x86)\AngusRobertson O43 - CFD: 2013/04/15 13:36:16 - [] D -- C:\Program Files (x86)\Autodesk O43 - CFD: 2015/07/17 18:26:14 - [] D -- C:\Program Files (x86)\Background Image for Homepage O43 - CFD: 2013/01/10 10:51:29 - [] D -- C:\Program Files (x86)\Belarc O43 - CFD: 2015/07/26 22:30:15 - [] D -- C:\Program Files (x86)\BestSAveFoRRYou =>PUP.Optional.Multiplug O43 - CFD: 2015/07/26 22:13:21 - [] D -- C:\Program Files (x86)\BestSSaveFoRYou =>PUP.Optional.Multiplug O43 - CFD: 2015/07/26 22:30:35 - [] D -- C:\Program Files (x86)\BesttSavveForYou =>PUP.Optional.Multiplug O43 - CFD: 2015/07/17 20:23:35 - [] D -- C:\Program Files (x86)\BocaProc O43 - CFD: 2013/04/04 10:09:33 - [] D -- C:\Program Files (x86)\Canon O43 - CFD: 2014/04/15 20:24:05 - [] D -- C:\Program Files (x86)\Cisco O43 - CFD: 2010/06/24 03:47:44 - [] D -- C:\Program Files (x86)\Citrix O43 - CFD: 2015/07/27 14:17:13 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2015/07/06 15:01:03 - [] D -- C:\Program Files (x86)\Coupoon =>PUP.Optional.Multiplug O43 - CFD: 2015/05/26 22:37:27 - [] D -- C:\Program Files (x86)\Creative O43 - CFD: 2010/06/24 03:48:31 - [] D -- C:\Program Files (x86)\CyberLink O43 - CFD: 2015/07/26 22:16:28 - [] D -- C:\Program Files (x86)\daiLyyprrize O43 - CFD: 2015/07/26 22:09:40 - [] D -- C:\Program Files (x86)\ddailypRiize O43 - CFD: 2015/07/26 22:29:59 - [] D -- C:\Program Files (x86)\deailypriZe O43 - CFD: 2013/01/11 11:27:17 - [0] D -- C:\Program Files (x86)\Dell O43 - CFD: 2011/07/24 17:51:06 - [] D -- C:\Program Files (x86)\Dell DataSafe Local Backup O43 - CFD: 2010/06/24 03:47:47 - [] D -- C:\Program Files (x86)\Dell DataSafe Online O43 - CFD: 2010/07/26 11:38:48 - [] D -- C:\Program Files (x86)\Dell PC Fax O43 - CFD: 2010/06/24 03:48:10 - [] D -- C:\Program Files (x86)\Dell Support Center O43 - CFD: 2010/07/26 11:38:57 - [] D -- C:\Program Files (x86)\Dell Toolbar O43 - CFD: 2010/07/26 11:41:26 - [] D -- C:\Program Files (x86)\Dell V310-V510 Series O43 - CFD: 2015/05/26 22:37:29 - [] D -- C:\Program Files (x86)\Dell Webcam O43 - CFD: 2013/09/05 15:05:09 - [] D -- C:\Program Files (x86)\DivX O43 - CFD: 2015/07/16 19:41:36 - [] D -- C:\Program Files (x86)\Do Not Disturb O43 - CFD: 2014/05/25 16:31:09 - [0] D -- C:\Program Files (x86)\DriverUpdate O43 - CFD: 2014/11/02 09:31:30 - [] D -- C:\Program Files (x86)\EndNote X7 O43 - CFD: 2015/07/16 11:10:49 - [] D -- C:\Program Files (x86)\etax2013 O43 - CFD: 2015/07/18 10:26:20 - [] D -- C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/07/16 21:57:16 - [] D -- C:\Program Files (x86)\gmsd_au_198 O43 - CFD: 2015/07/16 21:55:43 - [] D -- C:\Program Files (x86)\gmsd_au_257 O43 - CFD: 2015/07/17 17:55:11 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2013/04/04 10:38:04 - [] D -- C:\Program Files (x86)\GUM677B.tmp O43 - CFD: 2015/06/12 06:27:58 - [] D -- C:\Program Files (x86)\Hades O43 - CFD: 2014/06/07 16:23:19 - [] D -- C:\Program Files (x86)\Halliburton O43 - CFD: 2015/07/27 12:23:57 - [] D -- C:\Program Files (x86)\Homely Blind O43 - CFD: 2015/04/18 12:53:44 - [] D -- C:\Program Files (x86)\i-Funbox DevTeam O43 - CFD: 2015/05/26 22:37:29 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2013/04/03 20:08:28 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2013/05/16 17:39:40 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 2015/07/16 22:08:32 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2013/03/31 01:01:41 - [] D -- C:\Program Files (x86)\iolo O43 - CFD: 2015/03/14 20:05:07 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2013/01/27 23:54:44 - [] D -- C:\Program Files (x86)\JetAudio O43 - CFD: 2013/03/09 21:15:00 - [] D -- C:\Program Files (x86)\Learning Essentials O43 - CFD: 2015/05/23 17:27:48 - [0] D -- C:\Program Files (x86)\LinkMonitor O43 - CFD: 2010/10/11 12:26:22 - [] D -- C:\Program Files (x86)\McAfee O43 - CFD: 2013/04/04 10:04:12 - [] D -- C:\Program Files (x86)\Microsoft O43 - CFD: 2013/02/04 00:16:00 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2015/05/02 21:32:13 - [] D -- C:\Program Files (x86)\Microsoft Expression O43 - CFD: 2013/04/26 01:00:30 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2013/02/19 10:07:26 - [] D -- C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 2013/03/17 22:35:44 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2010/09/11 18:47:23 - [] D -- C:\Program Files (x86)\Microsoft Small Business O43 - CFD: 2011/04/08 08:08:01 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 2010/06/24 03:50:30 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2015/06/01 20:36:35 - [] D -- C:\Program Files (x86)\Microsoft Student O43 - CFD: 2010/06/24 03:51:32 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 2010/09/11 18:39:09 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 2013/04/26 01:00:05 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2010/10/11 13:34:17 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 2015/04/04 17:27:42 - [] D -- C:\Program Files (x86)\Microsoft XNA O43 - CFD: 2011/05/02 06:46:52 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/06/05 07:47:29 - [] D -- C:\Program Files (x86)\MiuiTab =>PUP.Optional.MiuiTab O43 - CFD: 2015/07/16 21:13:23 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2009/07/14 13:32:38 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2014/05/25 22:53:19 - [] D -- C:\Program Files (x86)\MSECache O43 - CFD: 2010/07/19 09:13:10 - [0] D -- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 2015/07/18 12:39:51 - [] D -- C:\Program Files (x86)\NewSaaveR =>PUP.Optional.Multiplug O43 - CFD: 2015/07/18 09:33:00 - [] D -- C:\Program Files (x86)\NewSiaaver =>PUP.Optional.Multiplug O43 - CFD: 2013/05/15 21:10:05 - [] D -- C:\Program Files (x86)\Newsoft O43 - CFD: 2015/07/18 09:37:13 - [] D -- C:\Program Files (x86)\NEwSSaveer =>PUP.Optional.Multiplug O43 - CFD: 2013/04/26 01:11:48 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 2015/07/17 18:25:19 - [] D -- C:\Program Files (x86)\ofaferrsalee O43 - CFD: 2015/07/26 22:11:29 - [] D -- C:\Program Files (x86)\oFafersAlle O43 - CFD: 2015/07/17 18:25:32 - [] D -- C:\Program Files (x86)\offersAale O43 - CFD: 2015/07/16 19:42:47 - [] D -- C:\Program Files (x86)\offeRsale O43 - CFD: 2015/07/26 22:11:31 - [] D -- C:\Program Files (x86)\offersALeu O43 - CFD: 2010/07/19 09:15:29 - [] D -- C:\Program Files (x86)\OLYMPUS O43 - CFD: 2013/03/18 23:37:26 - [] D -- C:\Program Files (x86)\Optus Wireless Broadband O43 - CFD: 2015/07/16 19:44:35 - [] D -- C:\Program Files (x86)\PericceChop =>PUP.Optional.Multiplug O43 - CFD: 2015/07/27 14:04:17 - [] D -- C:\Program Files (x86)\Picexa =>PUP.Optional.Picexa O43 - CFD: 2015/07/16 10:58:31 - [] D -- C:\Program Files (x86)\PiriceeCuhoP =>PUP.Optional.Multiplug O43 - CFD: 2015/04/11 20:17:44 - [] D -- C:\Program Files (x86)\PlusHD Cinema 2.1cV11.04 O43 - CFD: 2015/07/16 19:44:35 - [] D -- C:\Program Files (x86)\PrIcceCChhop =>PUP.Optional.Multiplug O43 - CFD: 2015/07/16 19:44:35 - [] D -- C:\Program Files (x86)\PRiceChop =>PUP.Optional.Multiplug O43 - CFD: 2015/07/12 13:21:13 - [] D -- C:\Program Files (x86)\PriceeChiop =>PUP.Optional.Multiplug O43 - CFD: 2010/07/19 09:16:34 - [] D -- C:\Program Files (x86)\QuickTime O43 - CFD: 2015/04/11 19:12:40 - [] D -- C:\Program Files (x86)\RapidMediaConverter =>PUP.Optional.RapidMediaConverter O43 - CFD: 2015/07/16 22:19:44 - [] D -- C:\Program Files (x86)\rec_au_24 O43 - CFD: 2009/07/14 13:32:38 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2014/05/26 21:35:52 - [] D -- C:\Program Files (x86)\Rovio Entertainment Ltd O43 - CFD: 2010/06/24 03:55:35 - [] D -- C:\Program Files (x86)\Roxio O43 - CFD: 2015/04/25 08:30:07 - [] D -- C:\Program Files (x86)\Scrollbar of Contents O43 - CFD: 2015/07/27 10:46:20 - [] D -- C:\Program Files (x86)\SeekerFoobar O43 - CFD: 2015/05/26 22:09:36 - [] D -- C:\Program Files (x86)\SegmentProlonger O43 - CFD: 2015/07/16 11:18:51 - [0] D -- C:\Program Files (x86)\Sensible Vision O43 - CFD: 2012/10/21 16:56:03 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2015/06/12 06:28:54 - [] D -- C:\Program Files (x86)\Smwyyntm1ndi1zdz O43 - CFD: 2013/04/26 02:16:34 - [] D -- C:\Program Files (x86)\SolidWorks Corp O43 - CFD: 2015/04/25 11:51:41 - [0] D -- C:\Program Files (x86)\SystemLifer O43 - CFD: 2013/05/10 15:38:45 - [] D -- C:\Program Files (x86)\Tango O43 - CFD: 2013/10/11 20:12:36 - [] D -- C:\Program Files (x86)\The KMPlayer O43 - CFD: 2015/07/26 22:15:51 - [] D -- C:\Program Files (x86)\Uncanny Cookie Clicker O43 - CFD: 2009/07/14 12:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2015/04/18 19:27:35 - [] D -- C:\Program Files (x86)\Windows Audio O43 - CFD: 2012/10/19 06:55:00 - [] D -- C:\Program Files (x86)\Windows Live O43 - CFD: 2010/06/24 03:49:51 - [] D -- C:\Program Files (x86)\Windows Live SkyDrive O43 - CFD: 2013/01/10 10:31:49 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2013/01/10 10:31:49 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2015/04/18 20:16:12 - [] D -- C:\Program Files (x86)\Windows Network Accelerater O43 - CFD: 2009/07/14 13:32:38 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2014/08/18 18:22:38 - [] D -- C:\Program Files (x86)\Windows Password Key Professional O43 - CFD: 2013/01/10 10:31:49 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2013/01/10 10:31:49 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2013/01/10 10:31:49 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2013/07/25 17:24:03 - [] D -- C:\Program Files (x86)\WordWeb O43 - CFD: 2015/04/19 10:27:01 - [] D -- C:\Program Files (x86)\XTab O43 - CFD: 2010/06/24 05:39:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2013/04/26 01:02:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2013/04/15 14:00:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk O43 - CFD: 2015/07/17 10:24:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon =>PUP.Optional.Babylon O43 - CFD: 2015/07/16 21:15:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrooWese22saove =>PUP.Optional.Multiplug O43 - CFD: 2014/04/15 20:24:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco O43 - CFD: 2013/01/23 17:20:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COD10 O43 - CFD: 2013/01/11 11:27:14 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 2011/07/24 17:51:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe O43 - CFD: 2010/07/26 11:39:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Printers O43 - CFD: 2010/06/24 03:48:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center O43 - CFD: 2015/05/26 22:37:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Webcam O43 - CFD: 2015/07/16 21:15:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Wireless O43 - CFD: 2013/09/05 15:05:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX O43 - CFD: 2014/11/02 09:31:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote O43 - CFD: 2015/07/17 10:24:15 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer =>PUP.Optional.FLVPlayer O43 - CFD: 2014/05/26 21:36:14 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/05/02 22:02:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop O43 - CFD: 2015/07/17 17:55:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2013/12/15 17:21:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth O43 - CFD: 2014/06/07 16:23:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Halliburton O43 - CFD: 2010/06/24 03:47:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager O43 - CFD: 2015/07/16 21:15:25 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/03/14 20:05:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2013/01/27 23:54:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio O43 - CFD: 2015/06/01 20:32:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Learning Essentials O43 - CFD: 2013/05/15 21:19:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingvoSoft O43 - CFD: 2009/07/14 12:57:09 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/05/05 18:52:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression O43 - CFD: 2013/04/27 22:24:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2013/03/17 22:38:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2010/09/11 18:46:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005 O43 - CFD: 2015/06/01 20:38:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Student O43 - CFD: 2013/04/26 01:02:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 O43 - CFD: 2010/07/19 09:18:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OLYMPUS Master 2 O43 - CFD: 2015/06/05 07:48:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa =>PUP.Optional.Picexa O43 - CFD: 2010/07/19 09:16:19 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime O43 - CFD: 2015/04/11 19:12:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter =>PUP.Optional.RapidMediaConverter O43 - CFD: 2013/07/30 22:03:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player =>PUP.Optional.RichMediaPlayer O43 - CFD: 2014/05/26 21:35:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd O43 - CFD: 2010/06/24 03:55:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio O43 - CFD: 2012/10/21 16:56:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2013/04/26 02:19:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks 2013 O43 - CFD: 2013/04/26 00:56:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolidWorks Installation Manager O43 - CFD: 2015/07/16 21:17:12 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/16 21:17:12 - [] HD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup- O43 - CFD: 2009/07/14 15:44:38 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2013/05/10 15:38:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tango O43 - CFD: 2010/06/24 03:51:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 2015/07/16 21:15:25 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Password Rescuer Advanced Trial O43 - CFD: 2013/01/12 14:53:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/07/27 11:07:35 - [] D -- C:\ProgramData\14064168327575479343 O43 - CFD: 2015/05/26 22:10:12 - [0] D -- C:\ProgramData\312584b6000003d3 O43 - CFD: 2015/07/17 20:24:03 - [0] D -- C:\ProgramData\312ca7a80000789c O43 - CFD: 2015/07/27 10:46:42 - [0] D -- C:\ProgramData\511557b000000548 O43 - CFD: 2013/05/10 15:40:54 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2013/04/26 01:05:54 - [] D -- C:\ProgramData\Apple O43 - CFD: 2010/07/19 09:16:05 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2013/02/25 11:55:32 - [] D -- C:\ProgramData\Applications O43 - CFD: 2013/04/15 18:11:42 - [] D -- C:\ProgramData\Autodesk O43 - CFD: 2015/07/16 21:18:36 - [] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon O43 - CFD: 2015/05/23 15:08:47 - [] D -- C:\ProgramData\BrooWese22saove =>PUP.Optional.Multiplug O43 - CFD: 2015/07/26 21:55:16 - [] D -- C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser O43 - CFD: 2015/05/26 22:08:08 - [] D -- C:\ProgramData\c0104572000041d6 O43 - CFD: 2013/01/10 11:42:59 - [] HD -- C:\ProgramData\CanonBJ O43 - CFD: 2013/04/13 16:38:24 - [] D -- C:\ProgramData\CanonIJPLM O43 - CFD: 2013/02/04 18:09:49 - [] HD -- C:\ProgramData\CanonIJQuickMenu O43 - CFD: 2013/02/04 18:51:59 - [] HD -- C:\ProgramData\CanonIJScan O43 - CFD: 2013/02/04 18:08:06 - [] D -- C:\ProgramData\CanonIJWSpt O43 - CFD: 2014/04/15 20:24:05 - [] D -- C:\ProgramData\Cisco O43 - CFD: 2010/07/26 10:39:11 - [] D -- C:\ProgramData\Citrix O43 - CFD: 2015/07/06 15:05:50 - [] D -- C:\ProgramData\cLexsT O43 - CFD: 2013/09/16 17:56:10 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2013/10/11 19:52:07 - [] D -- C:\ProgramData\Conduit O43 - CFD: 2013/04/26 02:26:09 - [] D -- C:\ProgramData\COSMOS Applications O43 - CFD: 2013/01/10 09:23:18 - [] D -- C:\ProgramData\Creative O43 - CFD: 2013/01/12 11:18:26 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 2013/04/26 02:05:20 - [0] D -- C:\ProgramData\DassaultSystemes O43 - CFD: 2010/09/11 02:53:50 - [] D -- C:\ProgramData\Dell O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2015/07/06 15:04:37 - [] D -- C:\ProgramData\DesktopSearch =>PUP.Optional.DesktopSearch O43 - CFD: 2011/07/03 09:31:29 - [] D -- C:\ProgramData\Dl_cats O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2010/07/10 09:42:10 - [] D -- C:\ProgramData\Ezprint O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2013/04/26 00:55:07 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 2015/07/16 11:19:22 - [] D -- C:\ProgramData\Google O43 - CFD: 2015/04/11 19:16:14 - [] D -- C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR O43 - CFD: 2015/04/25 10:18:27 - [] D -- C:\ProgramData\InstallMate =>PUP.Optional.Tarma O43 - CFD: 2015/07/26 22:17:40 - [] D -- C:\ProgramData\kfkkohlaaonojlofbaiobhbahodfcgjo O43 - CFD: 2015/04/18 10:09:57 - [] D -- C:\ProgramData\Kromtech O43 - CFD: 2010/06/24 03:55:36 - [] D -- C:\ProgramData\Macrovision O43 - CFD: 2013/01/10 17:21:29 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2015/07/27 11:07:43 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/06/01 20:46:49 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2013/01/11 11:13:10 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/04/25 09:48:36 - [] D -- C:\ProgramData\ocnakceelpjooacemfkdefelpfklkhpj O43 - CFD: 2015/04/25 09:48:27 - [] D -- C:\ProgramData\Optimizer O43 - CFD: 2015/03/14 20:05:17 - [] D -- C:\ProgramData\Oracle O43 - CFD: 2013/07/30 13:37:56 - [] D -- C:\ProgramData\PC Utility Kit =>PUP.Optional.PCUtilityKit O43 - CFD: 2010/06/24 03:48:20 - [0] D -- C:\ProgramData\PCDr O43 - CFD: 2013/04/26 02:31:57 - [0] D -- C:\ProgramData\Simpoe O43 - CFD: 2012/10/21 16:56:02 - [] D -- C:\ProgramData\Skype O43 - CFD: 2013/04/26 01:11:39 - [] D -- C:\ProgramData\SolidWorks O43 - CFD: 2013/04/26 02:23:57 - [] D -- C:\ProgramData\SolidWorks Flow Simulation O43 - CFD: 2010/06/24 03:55:47 - [] D -- C:\ProgramData\Sonic O43 - CFD: 2013/07/30 22:03:12 - [] D -- C:\ProgramData\SparkTrust =>PUP.Optional.SparkTrust O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2010/06/24 03:44:36 - [] D -- C:\ProgramData\Sun O43 - CFD: 2010/06/24 03:48:21 - [] D -- C:\ProgramData\SupportSoft O43 - CFD: 2015/07/16 20:44:22 - [] D -- C:\ProgramData\Systweak =>PUP.Optional.Systweak O43 - CFD: 2014/02/08 21:21:30 - [] D -- C:\ProgramData\Tarma Installer =>PUP.Optional.Tarma O43 - CFD: 2015/07/17 10:29:21 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 2009/07/14 13:08:56 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2014/11/02 09:31:37 - [] D -- C:\ProgramData\Thomson.ResearchSoft.Installers O43 - CFD: 2010/06/24 03:55:52 - [] D -- C:\ProgramData\Uninstall O43 - CFD: 2010/07/10 09:39:54 - [] D -- C:\ProgramData\V310-V510 Series O43 - CFD: 2010/07/20 07:54:54 - [] D -- C:\ProgramData\VirtualizedApplications O43 - CFD: 2013/04/07 02:53:27 - [] D -- C:\ProgramData\Windows Genuine Advantage O43 - CFD: 2015/04/18 20:16:19 - [] D -- C:\ProgramData\Windows VXM O43 - CFD: 2015/07/16 21:25:48 - [] D -- C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu O43 - CFD: 2015/07/12 13:16:16 - [] D -- C:\ProgramData\Wseulair O43 - CFD: 2015/04/11 20:39:10 - [] D -- C:\ProgramData\{083266aa-87fa-6ac7-0832-266aa87f9aaa} O43 - CFD: 2015/07/16 16:19:27 - [] D -- C:\ProgramData\{4061c10c-6ad7-1021-4061-1c10c6ad0431} O43 - CFD: 2013/01/10 16:30:10 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2014/05/26 21:58:34 - [] D -- C:\Program Files (x86)\Common Files\Aladdin Shared O43 - CFD: 2013/04/15 13:56:54 - [] D -- C:\Program Files (x86)\Common Files\Autodesk Shared O43 - CFD: 2013/01/30 00:08:20 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2013/05/02 01:34:10 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2015/03/14 20:06:38 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2013/01/30 00:07:37 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared O43 - CFD: 2015/06/01 20:36:30 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2010/07/19 09:18:24 - [] D -- C:\Program Files (x86)\Common Files\muvee Technologies O43 - CFD: 2010/06/24 03:55:36 - [] D -- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 2010/06/24 03:53:17 - [] D -- C:\Program Files (x86)\Common Files\Reallusion O43 - CFD: 2014/11/02 09:31:35 - [] D -- C:\Program Files (x86)\Common Files\ResearchSoft O43 - CFD: 2010/06/24 03:55:36 - [] D -- C:\Program Files (x86)\Common Files\Roxio Shared O43 - CFD: 2009/07/14 11:20:08 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2012/10/21 16:56:03 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2013/04/26 00:55:46 - [] D -- C:\Program Files (x86)\Common Files\SolidWorks Installation Manager O43 - CFD: 2013/04/26 02:19:35 - [] D -- C:\Program Files (x86)\Common Files\SolidWorks Shared O43 - CFD: 2010/06/24 03:55:36 - [] D -- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 2009/07/14 11:20:08 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2010/06/24 03:48:04 - [] D -- C:\Program Files (x86)\Common Files\supportsoft O43 - CFD: 2013/03/26 14:03:17 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2010/06/24 03:48:48 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 2014/05/26 21:58:28 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 2014/05/26 21:55:11 - [] D -- C:\Users\Eagle\AppData\Roaming\.LUFTRAUSERS O43 - CFD: 2015/07/17 10:05:35 - [] D -- C:\Users\Eagle\AppData\Roaming\.minecraft O43 - CFD: 2015/07/16 21:13:22 - [] D -- C:\Users\Eagle\AppData\Roaming\4C4C4544-1428751199-5810-8059-B6C04F474C31 O43 - CFD: 2013/01/13 01:10:33 - [] D -- C:\Users\Eagle\AppData\Roaming\Acapela Group O43 - CFD: 2013/01/12 11:11:17 - [] D -- C:\Users\Eagle\AppData\Roaming\Adobe O43 - CFD: 2013/02/14 13:33:29 - [] D -- C:\Users\Eagle\AppData\Roaming\Apple Computer O43 - CFD: 2013/04/15 18:11:42 - [] D -- C:\Users\Eagle\AppData\Roaming\Autodesk O43 - CFD: 2015/04/18 10:38:18 - [] D -- C:\Users\Eagle\AppData\Roaming\Babylon =>PUP.Optional.Babylon O43 - CFD: 2013/04/04 10:09:19 - [] D -- C:\Users\Eagle\AppData\Roaming\Canon O43 - CFD: 2013/03/09 20:34:36 - [] D -- C:\Users\Eagle\AppData\Roaming\COWON O43 - CFD: 2013/01/10 09:23:17 - [] D -- C:\Users\Eagle\AppData\Roaming\Creative O43 - CFD: 2010/07/10 09:34:53 - [] D -- C:\Users\Eagle\AppData\Roaming\CyberLink O43 - CFD: 2013/04/26 02:05:20 - [0] D -- C:\Users\Eagle\AppData\Roaming\DassaultSystemes O43 - CFD: 2010/07/08 11:41:04 - [] D -- C:\Users\Eagle\AppData\Roaming\Dell O43 - CFD: 2013/05/16 17:18:32 - [] D -- C:\Users\Eagle\AppData\Roaming\DMCache O43 - CFD: 2015/05/23 15:11:54 - [] D -- C:\Users\Eagle\AppData\Roaming\EasyJob Resume Builder O43 - CFD: 2013/09/16 17:57:28 - [] D -- C:\Users\Eagle\AppData\Roaming\Ectaco O43 - CFD: 2013/04/26 02:58:03 - [0] D -- C:\Users\Eagle\AppData\Roaming\EDrawings O43 - CFD: 2014/06/15 13:59:36 - [] D -- C:\Users\Eagle\AppData\Roaming\EndNote O43 - CFD: 2013/01/14 12:46:16 - [] D -- C:\Users\Eagle\AppData\Roaming\GoforFiles O43 - CFD: 2013/02/25 12:00:30 - [] D -- C:\Users\Eagle\AppData\Roaming\Google O43 - CFD: 2013/04/26 02:13:38 - [] D -- C:\Users\Eagle\AppData\Roaming\help_images_otherUI O43 - CFD: 2010/07/08 11:39:58 - [] D -- C:\Users\Eagle\AppData\Roaming\Identities O43 - CFD: 2015/07/16 20:24:54 - [] D -- C:\Users\Eagle\AppData\Roaming\IDM O43 - CFD: 2015/04/11 17:00:04 - [] D -- C:\Users\Eagle\AppData\Roaming\iFunbox_UserCache O43 - CFD: 2015/04/11 20:01:04 - [] D -- C:\Users\Eagle\AppData\Roaming\istartsurf =>PUP.Optional.IsStart O43 - CFD: 2015/03/14 21:13:46 - [] D -- C:\Users\Eagle\AppData\Roaming\java O43 - CFD: 2014/05/27 19:10:05 - [] D -- C:\Users\Eagle\AppData\Roaming\Karate Panda O43 - CFD: 2010/07/10 09:45:58 - [] D -- C:\Users\Eagle\AppData\Roaming\Macromedia O43 - CFD: 2009/07/14 15:44:38 - [0] D -- C:\Users\Eagle\AppData\Roaming\Media Center Programs O43 - CFD: 2015/05/02 21:41:34 - [] SD -- C:\Users\Eagle\AppData\Roaming\Microsoft O43 - CFD: 2013/01/11 11:13:44 - [] D -- C:\Users\Eagle\AppData\Roaming\Mozilla O43 - CFD: 2015/07/16 11:58:08 - [] D -- C:\Users\Eagle\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch O43 - CFD: 2015/04/18 19:15:59 - [] D -- C:\Users\Eagle\AppData\Roaming\ogzly2rxzgs1bwn O43 - CFD: 2013/07/30 13:30:23 - [] D -- C:\Users\Eagle\AppData\Roaming\PC Utility Kit O43 - CFD: 2015/06/05 07:48:19 - [] D -- C:\Users\Eagle\AppData\Roaming\Picexa Viewer =>PUP.Optional.Picexa O43 - CFD: 2013/07/24 14:33:38 - [] D -- C:\Users\Eagle\AppData\Roaming\player O43 - CFD: 2013/07/25 17:28:00 - [] D -- C:\Users\Eagle\AppData\Roaming\Radiocom O43 - CFD: 2015/04/11 19:12:40 - [] D -- C:\Users\Eagle\AppData\Roaming\RapidMediaConverter =>PUP.Optional.RapidMediaConverter O43 - CFD: 2014/05/26 21:36:24 - [] D -- C:\Users\Eagle\AppData\Roaming\Rovio O43 - CFD: 2010/07/08 11:40:39 - [] D -- C:\Users\Eagle\AppData\Roaming\Roxio O43 - CFD: 2015/05/06 13:42:14 - [] D -- C:\Users\Eagle\AppData\Roaming\Skype O43 - CFD: 2011/09/13 03:00:49 - [] D -- C:\Users\Eagle\AppData\Roaming\skypePM O43 - CFD: 2013/01/10 17:06:58 - [] D -- C:\Users\Eagle\AppData\Roaming\SoftGrid Client O43 - CFD: 2013/12/30 22:47:26 - [] D -- C:\Users\Eagle\AppData\Roaming\SolidWorks O43 - CFD: 2013/07/30 21:26:16 - [] D -- C:\Users\Eagle\AppData\Roaming\SparkTrust =>PUP.Optional.SparkTrust O43 - CFD: 2010/07/10 14:27:12 - [0] D -- C:\Users\Eagle\AppData\Roaming\TP O43 - CFD: 2010/07/10 12:48:24 - [] D -- C:\Users\Eagle\AppData\Roaming\V310-V510 Series O43 - CFD: 2013/01/12 14:55:04 - [] D -- C:\Users\Eagle\AppData\Roaming\WinRAR O43 - CFD: 2015/07/27 14:49:13 - [] D -- C:\Users\Eagle\AppData\Roaming\ZHP O43 - CFD: 2013/03/08 01:34:10 - [] D -- C:\Users\Eagle\AppData\Roaming\ZWSoft O43 - CFD: 2015/04/11 20:21:23 - [] D -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780212-5810-8059-B6C04F474C31 O43 - CFD: 2015/04/11 20:21:23 - [] D -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780366-5810-8059-B6C04F474C31 O43 - CFD: 2015/07/27 12:27:13 - [] D -- C:\Users\Eagle\AppData\Local\4C4C4544-1428780411-5810-8059-B6C04F474C31 O43 - CFD: 2015/04/11 20:21:23 - [] D -- C:\Users\Eagle\AppData\Local\4C4C4544-1428782843-5810-8059-B6C04F474C31 O43 - CFD: 2015/05/06 13:45:44 - [] D -- C:\Users\Eagle\AppData\Local\Adobe O43 - CFD: 2015/07/16 19:17:53 - [] D -- C:\Users\Eagle\AppData\Local\Akamai O43 - CFD: 2015/04/11 20:35:40 - [] D -- C:\Users\Eagle\AppData\Local\Autodesk O43 - CFD: 2015/04/18 10:56:57 - [] D -- C:\Users\Eagle\AppData\Local\Babylon =>PUP.Optional.Babylon O43 - CFD: 2015/04/11 20:02:18 - [] D -- C:\Users\Eagle\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse O43 - CFD: 2015/07/18 15:25:33 - [] D -- C:\Users\Eagle\AppData\Local\DesktopSearch =>PUP.Optional.DesktopSearch O43 - CFD: 2015/06/01 20:52:10 - [] D -- C:\Users\Eagle\AppData\Local\Diagnostics O43 - CFD: 2015/07/18 10:26:20 - [] D -- C:\Users\Eagle\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate O43 - CFD: 2015/07/27 12:25:24 - [] D -- C:\Users\Eagle\AppData\Local\gmsd_au_198 O43 - CFD: 2015/05/02 22:02:05 - [] D -- C:\Users\Eagle\AppData\Local\gmsd_au_257 O43 - CFD: 2015/07/16 11:19:22 - [] D -- C:\Users\Eagle\AppData\Local\Google O43 - CFD: 2015/05/02 21:41:45 - [] D -- C:\Users\Eagle\AppData\Local\IsolatedStorage O43 - CFD: 2015/05/23 16:20:53 - [] D -- C:\Users\Eagle\AppData\Local\Macromedia O43 - CFD: 2015/06/01 20:44:56 - [] D -- C:\Users\Eagle\AppData\Local\Microsoft O43 - CFD: 2015/05/02 21:43:22 - [] D -- C:\Users\Eagle\AppData\Local\Microsoft Games O43 - CFD: 2015/05/06 13:47:55 - [0] D -- C:\Users\Eagle\AppData\Local\Microsoft Help O43 - CFD: 2015/05/23 16:17:42 - [] D -- C:\Users\Eagle\AppData\Local\Mozilla O43 - CFD: 2015/07/16 19:51:40 - [] D -- C:\Users\Eagle\AppData\Local\oexlb2rvzg41c2m O43 - CFD: 2015/04/11 20:42:53 - [] D -- C:\Users\Eagle\AppData\Local\Programs O43 - CFD: 2015/07/18 12:52:29 - [] D -- C:\Users\Eagle\AppData\Local\Pro_PC_Cleaner =>USP.PCCleaner O43 - CFD: 2015/07/12 13:23:10 - [] D -- C:\Users\Eagle\AppData\Local\RapidMediaConverter =>PUP.Optional.RapidMediaConverter O43 - CFD: 2015/04/19 21:00:59 - [] D -- C:\Users\Eagle\AppData\Local\rec_au_24 O43 - CFD: 2010/07/08 11:40:31 - [] D -- C:\Users\Eagle\AppData\Local\SupportSoft O43 - CFD: 2015/07/16 20:24:54 - [] D -- C:\Users\Eagle\AppData\Local\tango O43 - CFD: 2014/04/09 11:04:25 - [0] D -- C:\Users\Eagle\AppData\Local\TB O43 - CFD: 2013/11/04 21:09:39 - [] D -- C:\Users\Eagle\AppData\Local\TBHostSupport O43 - CFD: 2015/07/27 14:49:02 - [] D -- C:\Users\Eagle\AppData\Local\Temp O43 - CFD: 2010/07/08 11:36:13 - [0] SHD -- C:\Users\Eagle\AppData\Local\Temporary Internet Files O43 - CFD: 2013/04/26 03:07:21 - [] D -- C:\Users\Eagle\AppData\Local\TempSWBackupDirectory O43 - CFD: 2013/03/26 12:22:08 - [] D -- C:\Users\Eagle\AppData\Local\TrafficSpaceLLC O43 - CFD: 2013/03/09 21:37:24 - [] D -- C:\Users\Eagle\AppData\Local\VirtualStore O43 - CFD: 2015/07/17 10:07:51 - [] D -- C:\Users\Eagle\AppData\Local\WebBar =>PUP.Optional.WebBar O43 - CFD: 2013/01/12 13:58:43 - [] D -- C:\Users\Eagle\AppData\Local\Western Digital O43 - CFD: 2011/01/15 09:41:05 - [] D -- C:\Users\Eagle\AppData\Local\Windows Live O43 - CFD: 2015/04/11 20:13:54 - [] D -- C:\Users\Eagle\AppData\Local\ZBAnalyticsCore O43 - CFD: 2015/04/11 20:13:56 - [] D -- C:\Users\Eagle\AppData\Local\Zeoinsight O43 - CFD: 2009/07/14 12:54:32 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2013/01/10 10:42:42 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2013/01/23 17:20:30 - [0] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COD10 O43 - CFD: 2015/07/16 21:15:25 - [0] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2009/07/14 12:49:38 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/04/11 19:09:47 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter =>PUP.Optional.RapidMediaConverter O43 - CFD: 2015/07/17 10:25:40 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/17 10:25:40 - [] HD -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup- O43 - CFD: 2013/01/12 14:55:53 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 2013/01/12 14:53:32 - [] D -- C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (13) - 2s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Apoint [Key] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O53 - SMSR:HKLM\...\startupreg\Dell DataSafe Online [Key] . (.Copyright © 2007 - DataSafeOnline.) -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe O53 - SMSR:HKLM\...\startupreg\Dell V310-V510 Series [Key] . (.Copyright (C) 2003 - Fax Man Server.) -- C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe O53 - SMSR:HKLM\...\startupreg\Dell Webcam Central [Key] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe O53 - SMSR:HKLM\...\startupreg\Desktop Disc Tool [Key] . (.Copyright 2008 - Roxio Burn Launcher.) -- c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe O53 - SMSR:HKLM\...\startupreg\dleamon.exe [Key] . (. - Printer Device Monitor.) -- C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe O53 - SMSR:HKLM\...\startupreg\EzPrint [Key] . (...) -- C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe O53 - SMSR:HKLM\...\startupreg\OM2_Monitor [Key] . (.OLYMPUS IMAGING CORP. - resident module.) -- C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Computer, Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\qttask.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe ---\\ System Drivers List (SDL) (O58) (61) - 12s O58 - SDL:2013/08/31 05:51:25 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) -- C:\Windows\System32\drivers\acsock64.sys [112080] O58 - SDL:2009/07/14 09:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] O58 - SDL:2009/07/14 09:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] O58 - SDL:2009/07/14 09:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] O58 - SDL:2009/07/14 09:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] O58 - SDL:2011/03/11 14:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] O58 - SDL:2009/07/14 09:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] O58 - SDL:2011/03/11 14:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] O58 - SDL:2010/04/16 05:40:10 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\drivers\Apfiltr.sys [301688] O58 - SDL:2009/07/14 09:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] O58 - SDL:2009/07/14 09:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] O58 - SDL:2009/06/11 04:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] O58 - SDL:2009/07/17 09:06:20 A . (.Broadcom Corporation - Broadcom iLine10(tm) PCI Network Adapter Pr.) -- C:\Windows\System32\drivers\bcm42rly.sys [22520] O58 - SDL:2009/07/17 09:06:16 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL664.SYS [2769400] O58 - SDL:2009/06/11 04:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] O58 - SDL:2009/06/11 04:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] O58 - SDL:2009/07/14 09:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] O58 - SDL:2009/06/11 04:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] O58 - SDL:2009/06/11 04:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] O58 - SDL:2009/06/11 04:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] O58 - SDL:2009/06/11 04:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] O58 - SDL:2009/06/23 16:00:00 N . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver.) -- C:\Windows\System32\drivers\cdr4_xp.sys [10224] O58 - SDL:2009/06/23 16:00:00 N . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHel.) -- C:\Windows\System32\drivers\cdralw2k.sys [10224] O58 - SDL:2009/07/14 09:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] O58 - SDL:2009/05/28 23:49:00 A . (.Creative Technology Ltd. - Advanced Audio FX Driver (64-bit).) -- C:\Windows\System32\drivers\CtAudDrv.sys [224768] O58 - SDL:2009/06/16 02:06:42 A . (.Creative Technology Ltd. - Video Class Upper Filter Driver (64-bit).) -- C:\Windows\System32\drivers\CtClsFlt.sys [172704] O58 - SDL:2009/07/14 09:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] O58 - SDL:2009/06/11 04:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] O58 - SDL:2008/09/25 08:36:14 A . (.Sensible Vision - faCap WebCam Capture.) -- C:\Windows\System32\drivers\facap.sys [238848] O58 - SDL:2009/06/11 04:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] O58 - SDL:2010/11/20 21:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] O58 - SDL:2011/06/15 09:10:14 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStor.sys [557848] O58 - SDL:2011/03/11 14:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] O58 - SDL:2009/11/06 23:05:32 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [7370304] O58 - SDL:2009/07/14 09:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] O58 - SDL:2009/07/14 09:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] O58 - SDL:2009/07/14 09:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] O58 - SDL:2011/03/11 14:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] O58 - SDL:2011/03/11 14:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] O58 - SDL:2015/06/11 12:08:22 A . (.Windows (R) Win 7 DDK provider - NetFilter SDK WFP Driver (WPP).) -- C:\Windows\System32\drivers\ogjlm2r2zhm1bgn.sys [50520] O58 - SDL:2009/07/09 16:00:00 N . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) -- C:\Windows\System32\drivers\PxHlpa64.sys [55280] O58 - SDL:2009/07/14 09:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] O58 - SDL:2009/07/14 09:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] O58 - SDL:2013/01/30 00:08:26 A . (.Feitian Technologies Co., Ltd. - Rockey Device Driver.) -- C:\Windows\System32\drivers\Rockey4.sys [36904] O58 - SDL:2013/01/30 00:08:26 A . (.Feitian Technologies Co., Ltd. - Rockey USB Driver.) -- C:\Windows\System32\drivers\Rockey4USB.sys [23592] O58 - SDL:2009/05/08 16:15:18 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [215552] O58 - SDL:2009/06/11 04:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] O58 - SDL:2009/07/14 09:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] O58 - SDL:2009/07/14 09:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] O58 - SDL:2009/07/14 09:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] O58 - SDL:2010/02/26 02:03:00 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt64.sys [505856] O58 - SDL:2014/05/25 16:28:49 A . (...) -- C:\Windows\System32\drivers\SWDUMon.sys [16152] O58 - SDL:2009/07/14 09:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] O58 - SDL:2013/08/31 05:53:13 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) -- C:\Windows\System32\drivers\vpnva64-6.sys [52080] O58 - SDL:2009/07/14 09:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] O58 - SDL:2009/09/28 09:22:00 A . (.©Copyright 2002-2009 Marvell®. All rights reserved. - .) -- C:\Windows\System32\drivers\yk62x64.sys [395264] ---\\ Last modified or created user files (O61) (3) - 37s O61 - LFC: 2015/07/27 14:34:24 A . (..) -- C:\Users\Eagle\AppData\Roaming\appdataFr25.bin [24] O61 - LFC: 2015/07/27 14:37:45 A . (..) -- C:\Users\Eagle\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849] O61 - LFC: 2015/07/27 12:25:24 A . (..) -- C:\Users\Eagle\AppData\Local\gmsd_au_198\Download\majmp_gentlerow.exe [53248] ---\\ File Associations Shell Spawning (O67) (1) - 0s O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ---\\ Start Menu Internet (SMI) (O68) (12) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.delta-homes.com/ =>PUP.Optional.DeltaHomes O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.mystartsearch.com/ =>PUP.Optional.StartSearch O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ---\\ Search Browser Infection (SBI) (O69) (227) - 21s O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("CT3306058.originalHomepage", "http://home.mywebsearch.com/index.jhtml?ptb=F3C3A66B-BBB4-44C6-BDF0-BFDEFCB52276&n=77fcbb[...] =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("CT3306058.originalSearchAddressUrl", "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3C3A66B-BBB4-4[...] =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("CT3306058.smartbar.homepage", "true"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3C3A66B-BBB[...] =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.defaulturl", "http://websearch.goodforsearch.info/?pid=24411&r=2015/05/06&hid=7116590630797231079&lg=EN&[...] =>PUP.Optional.GoodForSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.alias", ""); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.iconURL", "http://www.web/favicon.ico"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.name", ""); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.ptid", ""); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.uid", ""); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("browser.search.searchengine.url", "http://www.web/?type=dspp&q={searchTerms}"); =>PUP.Optional.SearchEngine O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.admin", false); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.autoRvrt", "false"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.id", "0a20281500000000000070f1a1b02da7"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.instlDay", "15719"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.prtkDS", 0); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.prtkHmpg", 0); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.rvrt", "false"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.tlbrId", "base"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=0a20281500000000000070f1a1b02d[...] =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.babExt", ""); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=116632&tt=0213_3"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.excTlbr", false); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.newTab", false); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.212:50:07"); =>PUP.Optional.Babylon O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.crossrider.bic", "143d919a2b2cc108d5dd043bc48179fc"); =>PUP.Optional.CrossRider O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.DockingPositionDown", false); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.SmartbarDisabled", false); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.SmartbarStateMinimaized", false); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.Visibility", true); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.countryiso", "au"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.downloadprovider", "tuguutu"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"Http[...] =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.installationid", "24288640-69a2-2760-b6f9-96c2a41acdfe"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.installdate", "27/01/2014"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.lastExternalJsUpdate", "1391396422953"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.helperbar.publisher", "tuguu"); =>PUP.Optional.HelperBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.aflt", "tugumsd"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.dfltLng", ""); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.dfltSrch", true); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.dnsErr", true); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.excTlbr", false); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.hmpg", true); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0AyE0B0A0D0B0DtD0FtB[...] =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.id", "A4BADBD0F2662815"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.instlDay", "15825"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.instlRef", ""); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0AyE0B0A0D0B0DtD0F[...] =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.prdct", "mysearchdial"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.tlbrId", "base"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0AyE0B0A0D0B0DtD[...] =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.vrsn", ""); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial.vrsni", ""); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial_i.hmpg", true); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial_i.newTab", false); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial_i.smplGrp", "none"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mysearchdial_i.vrsnTs", "4:28:49"); =>PUP.Optional.MySearchDial O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mywebsearch.prevDefaultEngine", "Google"); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mywebsearch.prevKwdEnabled", true); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mywebsearch.prevKwdURL", "http://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=F3C3A66B-BBB4-44[...] =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.mywebsearch.prevSelectedEngine", "Mixi.DJ Search"); =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=F3C3A66B-BBB4-44C6-BDF[...] =>PUP.Optional.MyWebSearch O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.hp.enabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.hp.lastGuardTime", 279780146); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.hp.numGuards", 1); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.initialized", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", ""); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2013051716"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "^UX^xdm014^YY^au"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "maps4pc"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.success", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "F3C3A66B-BBB4-44C6-BDF0-BFDEFCB52276"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1392793551219"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.searchHistory", ""); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.weather.isFahrenheit", "false"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark._39Members_.weather.location", "perth , australia"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "mapsgalaxy@mindspark.com"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,brain/default2,easyinline/dock,superfish,superfishgoog[...] =>PUP.Optional.SpecialSavings O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.addressBarOwnerCTID", "CT3306058"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT3306058&CUI=UN37562778485589184&UM=2&SearchSource=13"[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT3306058&SearchSource=2&CUI=UN3[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.defaultSearchOwnerCTID", "CT3306058"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.homePageOwnerCTID", "CT3306058"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("smartbar.machineId", "HSVAR07DFMTAHFUJ+LRLPMJILU3PMZIEJ4XCVOXKJRM23PCQUR10POCUSFATTW30CVODJMZ3TXAMCA00Q3PL1G"); =>PUP.Optional.SmartBar O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); =>PUP.Optional.SweetIM O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); =>PUP.Optional.SweetIM O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); =>PUP.Optional.SweetIM O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); =>PUP.Optional.SweetIM O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("sweetim.toolbar.searchguard.enable", ""); =>PUP.Optional.SweetIM O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E,x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E.:2z527.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E/x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E06CG5EL8:", "6E6D68706C6B706D736F"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E06CG5EL8:.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E76727176737975242F4B49474F42357D5D5C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E06CG5EL;8I:K.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E1x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E2x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E31;CJys}JJB=I@@(SHK", "247E61393F236B2575717373762B222D6F4250454E337B3527212A2B57574F4A564D4[...] =>PUP.Optional.Conduit }JJB=I@@(SHK.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E5x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E8x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E=x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E>x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7E?x305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7EAx305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7EBE3G=;D9N9=D.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7EBx305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7EDx305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B+7Etx305.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3G>D", "6D3C6B72724370747A76794674207A4B7C7B25202221232A21535427295B572C5B2F312A"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3G>D.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3G@6:5;", ""); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3G@6:5;.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3GFA7EF", "2B2E2C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-0?3GFA7EF.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B-3=3ECCJA=F>.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B/>01=9A6K6PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B/>01=9A6K6PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F[...] =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B3=>@44I48?.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B5BA==9CJAG", "6F3B6B71403F6E747A4376724675797D4D4A7B7A7E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B5BA==9CJAG.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B6B11G4C56B>F;P;ANR@P", "6E6D68706C6B6D76777170727B"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B9643G3/9E", "6A"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B9643G3/9E.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B;45>:BI9I7IE", "2B2E2C3D"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B;45>:BI9I7IE.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B<:222H64<", "393F352F3E"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B<:222H64<.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B<:222H64PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B<:222H64PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B=+03EH8H8J?:", "4443"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B=+03EH8H8J?:.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B?+E2A52D8.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B?B0D:8AJ62PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9B?B0D:8AJ62PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9BA@0<0BI6A7GN:6@L?", "6C"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263./9BA@0<0BI6A7GN:6@L?.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.PG_ENABLE", "74727565"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.PG_ENABLE.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.SF_JUST_INSTALLED", "46414C5345"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.SF_JUST_INSTALLED.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.SF_USER_ID", "6369645F3230313230313431363230323532373738353734"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.SF_USER_ID.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.cbfirsttime", "4D6F6E204A616E20323020323031342031363A32303A353220474D542B30383030"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.cbfirsttime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_appStateReportTime", "31333932373933353633393231"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_appStateReportTime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_appsConfig.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_appsDefaultEnabled", "6E756C6C"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_appsDefaultEnabled.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_calledSetupService", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_calledSetupService.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_currentVersion", "312E31332E302E3137"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_currentVersion.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_first_time", "31"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_first_time.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_lastLoginTime", "31333932373933353635353638"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_lastLoginTime.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_localization.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_mamEnabled", "66616C7365"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_mamEnabled.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_settings1.13.0.17.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_showWelcomeGadget", "66616C7365"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_showWelcomeGadget.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_stamp", "3131395F30"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_stamp.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_userBornDate", "3230313430323133"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_userBornDate.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_userId", "30663763356633332D383237612D343837352D396437392D653065396230356661646234"); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_userId.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_user_approval_interacted", ""); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.mam_gk_user_approval_interacted.storedInFile", false); =>PUP.Optional.Conduit O69 - SBI: prefs.js [Eagle - 92kuxi8s.default] user_pref("valueApps.ct3316263.url_history0001.storedInFile", true); =>PUP.Optional.Conduit O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {008342DA-9330-40BB-A332-D047CE54104C} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Trovi) - http://www.trovi.com/ =>PUP.Optional.Trovigo O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {16EAC51E-A5B1-471F-90B7-47B914C3A485} - () - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {1CEEB3FB-010E-49A4-8077-A2A48D15AC2E} - () - http://www.web/?type=dspp&q={searchTerms} O69 - SBI: SearchScopes [HKCU] {1EA57745-F4DB-48C0-86E3-589D8EE8E37A} - () - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (Search) - http://www-searching.com/ O69 - SBI: SearchScopes [HKCU] {23A35DC7-CAB3-4E7D-8949-7A74B7DDB462} - (e) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {2B1D7978-6E8E-4125-BF93-332DA8C22233} - () - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {2BC1329B-457E-432A-AF89-E2E7942346FB} - () - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - () - http://www.web/?type=dspp&q={searchTerms} O69 - SBI: SearchScopes [HKCU] {368EBCF4-FCBB-45E1-85CE-E959BFC0E5CD} - (Web Search) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {777AE5F9-B5BD-427A-9041-3CDC0A81EA97} - () - http://www.web/?type=dspp&q={searchTerms} O69 - SBI: SearchScopes [HKCU] {7EF844BC-43A1-4159-A86E-1732FC4793B4} - () - http://www.web/?type=dspp&q={searchTerms} O69 - SBI: SearchScopes [HKCU] {7F4EFF06-7032-458e-AE16-1C1D8255C28A} - (Search) - http://www-searching.com/ O69 - SBI: SearchScopes [HKCU] {842FA416-1A39-468B-9951-8F05C823A5FC} - () - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {C285F935-E9E6-4E57-B6FE-E61B80A28475} - () - http://www.web/?type=dspp&q={searchTerms} O69 - SBI: SearchScopes [HKCU] {DDB5329D-0660-4817-AE95-A19FE00E7B2E} - (e) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://do-search.com/ =>PUP.Optional.DoSearches O69 - SBI: SearchScopes [HKCU] {E7A66B41-A9D0-4226-8B2A-26D9CA036BAF} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {E90446F3-A226-410D-BBF2-26FF184CDF82} - () - http://do-search.com/ =>PUP.Optional.DoSearches ---\\ Search Svchost Services (SSS) (O83) (32) - 2s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2477536] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] ---\\ Firewall Active Exception List (FirewallRules) (O87) (21) - 4s O87 - FAEL: "{5F60DBEC-380E-421D-9C29-0DA36284DF69}" [In-None-P6-TRUE] .(. - Printer Communication System.) -- C:\Windows\system32\dleacoms.exe O87 - FAEL: "{7279DC23-62A3-4A6D-B973-DB2C79875B57}" [In-None-P6-TRUE] .(. - Printer Communication System.) -- C:\Windows\system32\DLEAcoms.exe O87 - FAEL: "{AFC41A85-B49E-44C1-8960-480082F68D0E}" [In-None-P6-TRUE] .(. - Printer Communication System.) -- C:\Windows\system32\DLEAcoms.exe O87 - FAEL: "{38DA2A2B-EE95-4344-B46A-70258AC103F5}" [In-None-P6-TRUE] .(.Copyright (C) 2003 - Fax Solutions Software.) -- C:\Program Files (x86)\Dell V310-V510 Series\dleafax.exe O87 - FAEL: "{4A0E5B60-265A-4853-97EA-864586EF2CE3}" [In-None-P17-TRUE] .(.Copyright (C) 2003 - Fax Solutions Software.) -- C:\Program Files (x86)\Dell V310-V510 Series\dleafax.exe O87 - FAEL: "TCP Query User{2D486BBA-C1E6-4516-8948-8818887AEFC5}C:\users\eagle\appdata\local\akamai\netsession_win.exe" [In-None-P6-TRUE] .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\users\eagle\appdata\local\akamai\netsession_win.exe O87 - FAEL: "UDP Query User{FF35D78C-9E2D-4D63-BC9A-1CB1E7C56F26}C:\users\eagle\appdata\local\akamai\netsession_win.exe" [In-None-P17-TRUE] .(.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\users\eagle\appdata\local\akamai\netsession_win.exe O87 - FAEL: "{3C6F82EF-4A9B-4224-92AA-8A5BFBDA5743}" [In-None-P6-TRUE] .(.Dassault Systèmes SolidWorks Corp. - DTSCoordinator.) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O87 - FAEL: "{388A4AC4-57FC-46DC-B396-0C4EAE1A3EF1}" [In-None-P17-TRUE] .(.Dassault Systèmes SolidWorks Corp. - DTSCoordinator.) -- C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe O87 - FAEL: "{AD63E47F-8549-4E59-828D-FAAB2B348F42}" [In-None-P6-TRUE] .(...) -- C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe O87 - FAEL: "{7A8614A6-8546-43D0-B347-3E4FC47FE304}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe O87 - FAEL: "{B630846A-6401-42FD-BA90-31B32D4E5247}" [In-None-P6-TRUE] .(...) -- C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe O87 - FAEL: "{E2498F26-3A7B-440E-A684-05347F3F9704}" [In-None-P17-TRUE] .(...) -- C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360_cl.exe O87 - FAEL: "{B9EE3294-B445-4D8E-A281-5AF8423FA44E}" [In-None-P6-TRUE] .(.Tango Inc. - Tango.) -- C:\Program Files (x86)\Tango\Tango.exe O87 - FAEL: "{33D7F924-9C66-40BA-8501-0F2B84A0DBC5}" [In-None-P17-TRUE] .(.Tango Inc. - Tango.) -- C:\Program Files (x86)\Tango\Tango.exe O87 - FAEL: "TCP Query User{C59E67DE-38C9-46CA-B75E-00ABC9304F74}C:\program files\java\jre6\bin\javaw.exe" [In-None-P6-TRUE] .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "UDP Query User{69968904-4136-4633-A72C-D4EC1407AA3C}C:\program files\java\jre6\bin\javaw.exe" [In-None-P17-TRUE] .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\java\jre6\bin\javaw.exe O87 - FAEL: "TCP Query User{E1DFC48B-6712-4EA7-B8BF-EBFFCB270566}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe" [In-None-P6-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe O87 - FAEL: "UDP Query User{47112DD3-DD16-4473-A4C1-17903495FCB3}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe" [In-None-P17-TRUE] .(.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe O87 - FAEL: "TCP Query User{410F1189-5A41-44F5-9AF5-1ECCAD11E1A4}C:\users\eagle\desktop\terraria 1.2.4.1\1.2.4.1 server setup software (multiplayer)\terrariaserver.exe" [In-None-P6-TRUE] .(.Re-Logic - Terraria.) -- C:\users\eagle\desktop\terraria 1.2.4.1\1.2.4.1 server setup software (multiplayer)\terrariaserver.exe O87 - FAEL: "UDP Query User{53EDD671-2DFF-4F87-B418-ADAA897204AE}C:\users\eagle\desktop\terraria 1.2.4.1\1.2.4.1 server setup software (multiplayer)\terrariaserver.exe" [In-None-P17-TRUE] .(.Re-Logic - Terraria.) -- C:\users\eagle\desktop\terraria 1.2.4.1\1.2.4.1 server setup software (multiplayer)\terrariaserver.exe ---\\ Product Upgrade Codes (PUC) (O90) (1) - 3s O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" . (.globalupdate Helper.) =>PUP.Optional.GlobalUpdate ---\\ Windows Installer Scan (WIS)(NTFS)(O93) (1) - 9s [MD5.] [WIS][2015/07/18 10:26:13] (.globalupdate - Windows Installer XML Toolset (3.9.1208.0).) -- C:\Windows\Installer\45f9be.msi [32768] =>PUP.Optional.GlobalUpdate ---\\ Search Tracing Registry Key (O100) (22) - 7s HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32 =>PUP.Optional.DomaIQ HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS =>PUP.Optional.DomaIQ HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASAPI32 =>PUP.Optional.ProPCCleaner HKLM\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASMANCS =>PUP.Optional.ProPCCleaner HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.Optional.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.Optional.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32 =>PUP.Optional.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS =>PUP.Optional.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32 =>PUP.Optional.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS =>PUP.Optional.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASAPI32 =>PUP.Optional.InternetSpeedChecker HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASMANCS =>PUP.Optional.InternetSpeedChecker ---\\ Additional Scan (O88) (236) - 0s C:\Program Files (x86)\Picexa\PicexaSvc.exe =>PUP.Optional.Picexa C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe =>PUP.Optional.Fuyu C:\Program Files (x86)\XTab\ProtectService.exe =>PUP.Optional.MiuiTab C:\Users\Eagle\AppData\Roaming\4C4C4544-1428751199-5810-8059-B6C04F474C31\jnsqC607.tmp =>PUP.Optional.CrossRider C:\Users\Eagle\AppData\Local\4C4C4544-1428780411-5810-8059-B6C04F474C31\snsi34A4.tmp =>PUP.Optional.CrossRider C:\Users\Eagle\AppData\Local\4C4C4544-1428782843-5810-8059-B6C04F474C31\insc4603.tmp =>PUP.Optional.CrossRider C:\Program Files (x86)\XTab\HPNotify.exe =>PUP.Optional.MiuiTab C:\Users\Eagle\AppData\Local\4C4C4544-1428780366-5810-8059-B6C04F474C31\cnssB192.tmp =>PUP.Optional.CrossRider C:\ProgramData\cLexsT\elIdMiPL.exe =>PUP.Optional.UniqueSolutions C:\Users\Eagle\AppData\Roaming\Mozilla\Firefox\Profiles\92kuxi8s.default\searchplugins\buenosearch.xml =>PUP.Optional.BuenoSearch C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\elIdMiPL =>PUP.Optional.UniqueSolutions HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service =>PUP.Optional.AgentODR C:\Program Files (x86)\XTab\ProtectService.exe =>PUP.Optional.AgentODR HKLM\SYSTEM\CurrentControlSet\Services\jezyseko =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\kowuqydi =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\pemerusy =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\PicexaService =>PUP.Optional.Picexa HKLM\SYSTEM\CurrentControlSet\Services\qyjohehi =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\topupete =>PUP.Optional.CrossRider HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect =>PUP.Optional.Fuyu C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe =>PUP.Optional.AdvancedSystemOptimizer c:\programdata\{4061c10c-6ad7-1021-4061-1c10c6ad0431}\hqghumeaylnlf.exe =>PUP.Optional.BidailySync C:\Users\Eagle\AppData\Roaming\ogzly2rxzgs1bwn\ogzly2rxzgs1bwn.exe =>PUP.Optional.GlobalUpdate C:\Users\Eagle\AppData\Roaming\HiRbpcK1RWiu.exe =>PUP.Optional.Pirrit C:\Users\Eagle\AppData\Roaming\uzvtdbEy8b5QErtPtr48.exe =>PUP.Optional.Pirrit C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-6.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-7.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-10_user.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-3.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5_user.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-6.job =>PUP.Optional.CrossRider C:\Windows\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-7.job =>PUP.Optional.CrossRider C:\Windows\Tasks\APSnotifierPP1.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\APSnotifierPP2.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\APSnotifierPP3.job =>PUP.Optional.AnyProtect C:\Windows\Tasks\bench-Updater removing.job =>PUP.Optional.CrossRider C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job =>PUP.Optional.BidailySync C:\Windows\Tasks\Crossbrowse.job =>PUP.Optional.CrossBrowse C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.Optional.GlobalUpdate C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.Optional.GlobalUpdate C:\Windows\Tasks\MySearchDial.job =>PUP.Optional.MySearchDial C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-6 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-1-7 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-10_user =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-3 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-5_user =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-6 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\5d612f61-6de7-4485-b217-c10b607de3fe-7 =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\Advanced System Optimizer =>PUP.Optional.AdvancedSystemOptimizer C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.Optional.AnyProtect C:\Windows\System32\Tasks\bench-Updater removing =>PUP.Optional.CrossRider C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6] =>PUP.Optional.BidailySync C:\Windows\System32\Tasks\Crossbrowse =>PUP.Optional.CrossBrowse C:\Windows\System32\Tasks\GlobalUpdate-ogzly2rxzgs1bwn =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.Optional.GlobalUpdate C:\Windows\System32\Tasks\MySearchDial =>PUP.Optional.MySearchDial C:\Windows\System32\Tasks\ProPCCleaner_Start =>PUP.Optional.ProPCCleaner C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task =>PUP.Optional.SmartWebSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DesktopSearch =>PUP.Optional.DesktopSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_au_198_is1 =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\gmsd_au_257_is1 =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Hades =>PUP.Optional.Hades HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall =>PUP.Optional.IsStart HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mystartsearch uninstall =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Picexa =>PUP.Optional.Picexa HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{776f1cff} =>PUP.Optional.Graftor HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{e15b56b7} =>PUP.Optional.Graftor HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{e89b4e72} =>PUP.Optional.Graftor HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RapidMediaConverter =>PUP.Optional.RapidMediaConverter HKLM\SOFTWARE\Wow6432Node\ArenaHD =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Babylon =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Boost =>PUP.Optional.Boost HKLM\SOFTWARE\Wow6432Node\Conduit =>PUP.Optional.Conduit HKLM\SOFTWARE\Wow6432Node\Crossbrowse =>PUP.Optional.CrossBrowse HKLM\SOFTWARE\Wow6432Node\DataMngr =>PUP.Optional.Datamngr HKLM\SOFTWARE\Wow6432Node\delta-homesSoftware =>PUP.Optional.DeltaHomes HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\FlvPlayer =>PUP.Optional.FLVPlayer HKLM\SOFTWARE\Wow6432Node\GAMESDESKTOP =>PUP.Optional.GamesDesktop HKLM\SOFTWARE\Wow6432Node\GlobalUpdate =>PUP.Optional.GlobalUpdate HKLM\SOFTWARE\Wow6432Node\Hades =>PUP.Optional.Hades HKLM\SOFTWARE\Wow6432Node\HighDefAction =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\IHProtect =>PUP.Optional.AgentODR HKLM\SOFTWARE\Wow6432Node\Infonaut_1.10.0.13 =>PUP.Optional.Infonaut HKLM\SOFTWARE\Wow6432Node\InstallCore =>PUP.Optional.InstallCore HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\Wow6432Node\mamverifier =>Toolbar.Mamverifier HKLM\SOFTWARE\Wow6432Node\MapsGalaxy_39EI =>PUP.Optional.MapsGalaxy HKLM\SOFTWARE\Wow6432Node\mystartsearchSoftware =>PUP.Optional.StartSearch HKLM\SOFTWARE\Wow6432Node\Picexa =>PUP.Optional.Picexa HKLM\SOFTWARE\Wow6432Node\PicexaSvc =>PUP.Optional.Picexa HKLM\SOFTWARE\Wow6432Node\PlusHD Cinema 2.1cV11.04-nv =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\PlusHD Cinema 2.1cV11.04-nv-ie =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Pro PC Cleaner =>PUP.Optional.DoctorPC HKLM\SOFTWARE\Wow6432Node\Registry Helper =>PUP.Optional.RegistryHelper HKLM\SOFTWARE\Wow6432Node\Salus =>PUP.Optional.Salus HKLM\SOFTWARE\Wow6432Node\SparkTrust =>PUP.Optional.SparkTrust HKLM\SOFTWARE\Wow6432Node\SProtector =>PUP.Optional.MocaFlix HKLM\SOFTWARE\Wow6432Node\SupDp =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\supTab =>PUP.Optional.SupTab HKLM\SOFTWARE\Wow6432Node\Systweak =>PUP.Optional.Systweak HKLM\SOFTWARE\Wow6432Node\Tutorials =>PUP.Optional.AgenceExclusive HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.19 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\WordShark_1.10.0.20 =>PUP.Optional.WordShark HKLM\SOFTWARE\Wow6432Node\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AnyProtect =>PUP.Optional.AnyProtect HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider HKCU\SOFTWARE\Babylon =>PUP.Optional.Babylon HKCU\SOFTWARE\Boost =>PUP.Optional.Boost HKCU\SOFTWARE\CinemaPlus-3.2cV11.04-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse HKCU\SOFTWARE\CrossBrowser =>PUP.Optional.CrossBrowser HKCU\SOFTWARE\DataMngr =>PUP.Optional.Datamngr HKCU\SOFTWARE\DesktopContainer =>PUP.Optional.OutfoxTV HKCU\SOFTWARE\freesofttoday =>PUP.Optional.Multiplug HKCU\SOFTWARE\gamesdesktop =>PUP.Optional.GamesDesktop HKCU\SOFTWARE\Ge-Force-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider HKCU\SOFTWARE\InstallCore =>PUP.Optional.InstallCore HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions HKCU\SOFTWARE\mysearchdial =>PUP.Optional.MySearchDial HKCU\SOFTWARE\Optimizer Pro =>PUP.Optional.OptimizerPro HKCU\SOFTWARE\PlusHD Cinema 2.1cV11.04-nv =>PUP.Optional.CrossRider HKCU\SOFTWARE\PlusHD Cinema 2.1cV11.04-nv-ie =>PUP.Optional.CrossRider HKCU\SOFTWARE\ProductSetup =>PUP.Optional.InstallCore HKCU\SOFTWARE\ProPCCleanerConfig =>PUP.Optional.ProPCCleaner HKCU\SOFTWARE\ProPCCleanerLanguage =>PUP.Optional.ProPCCleaner HKCU\SOFTWARE\RapidMediaConverterApp =>PUP.Optional.RapidMediaConverter HKCU\SOFTWARE\SimplyTech =>PUP.Optional.SimplyTech HKCU\SOFTWARE\Smartbar =>PUP.Optional.SmartBar HKCU\SOFTWARE\Softonic =>PUP.Optional.Softonic HKCU\SOFTWARE\SparkTrust =>PUP.Optional.SparkTrust HKCU\SOFTWARE\Super Optimizer =>PUP.Optional.SuperOptimizer HKCU\SOFTWARE\systweak =>PUP.Optional.Systweak HKCU\SOFTWARE\TNT2 =>PUP.Optional.TidyNetwork HKCU\SOFTWARE\Tutorials =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\TutoTag =>PUP.Optional.AgenceExclusive HKCU\SOFTWARE\WEDLMNGR =>PUP.Optional.weDownloadManager HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\SProtector =>PUP.Optional.MocaFlix =>PUP.Optional.MocaFlix HKCU\SOFTWARE\AppDataLow\Software\Conduit =>PUP.Optional.Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow\Software\ConduitSearchScopes =>PUP.Optional.Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider =>PUP.Optional.CrossRider HKCU\SOFTWARE\AppDataLow\Software\DynConIE =>PUP.Optional.DynConIE =>PUP.Optional.DynConIE HKCU\SOFTWARE\AppDataLow\Software\PriceGong =>PUP.Optional.PriceGong =>PUP.Optional.PriceGong HKCU\SOFTWARE\AppDataLow\Software\Re_markit =>PUP.Optional.ReMarkIt =>PUP.Optional.ReMarkIt HKCU\SOFTWARE\AppDataLow\Software\Smartbar =>PUP.Optional.SmartBar =>PUP.Optional.SmartBar HKCU\SOFTWARE\AppDataLow\Software\SmartWeb =>PUP.Optional.SmartWebSearch =>PUP.Optional.SmartWebSearch C:\Program Files (x86)\02fe82a2-ed54-45d6-b859-7ee99363ab05 =>PUP.Optional.CrossRider C:\Program Files (x86)\Advanced System Optimizer 3 =>PUP.Optional.AdvancedSystemOptimizer C:\Program Files (x86)\BestSAveFoRRYou =>PUP.Optional.Multiplug C:\Program Files (x86)\BestSSaveFoRYou =>PUP.Optional.Multiplug C:\Program Files (x86)\BesttSavveForYou =>PUP.Optional.Multiplug C:\Program Files (x86)\Coupoon =>PUP.Optional.Multiplug C:\Program Files (x86)\globalUpdate =>PUP.Optional.GlobalUpdate C:\Program Files (x86)\MiuiTab =>PUP.Optional.MiuiTab C:\Program Files (x86)\NewSaaveR =>PUP.Optional.Multiplug C:\Program Files (x86)\NewSiaaver =>PUP.Optional.Multiplug C:\Program Files (x86)\NEwSSaveer =>PUP.Optional.Multiplug C:\Program Files (x86)\PericceChop =>PUP.Optional.Multiplug C:\Program Files (x86)\Picexa =>PUP.Optional.Picexa C:\Program Files (x86)\PiriceeCuhoP =>PUP.Optional.Multiplug C:\Program Files (x86)\PrIcceCChhop =>PUP.Optional.Multiplug C:\Program Files (x86)\PRiceChop =>PUP.Optional.Multiplug C:\Program Files (x86)\PriceeChiop =>PUP.Optional.Multiplug C:\Program Files (x86)\RapidMediaConverter =>PUP.Optional.RapidMediaConverter C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon =>PUP.Optional.Babylon C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrooWese22saove =>PUP.Optional.Multiplug C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer =>PUP.Optional.FLVPlayer C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP =>PUP.Optional.GamesDesktop C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picexa =>PUP.Optional.Picexa C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter =>PUP.Optional.RapidMediaConverter C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player =>PUP.Optional.RichMediaPlayer C:\ProgramData\Babylon =>PUP.Optional.Babylon C:\ProgramData\BrooWese22saove =>PUP.Optional.Multiplug C:\ProgramData\Browser =>PUP.Optional.SpeedBrowser C:\ProgramData\DesktopSearch =>PUP.Optional.DesktopSearch C:\ProgramData\IHProtectUpDate =>PUP.Optional.AgentODR C:\ProgramData\InstallMate =>PUP.Optional.Tarma C:\ProgramData\PC Utility Kit =>PUP.Optional.PCUtilityKit C:\ProgramData\SparkTrust =>PUP.Optional.SparkTrust C:\ProgramData\Systweak =>PUP.Optional.Systweak C:\ProgramData\Tarma Installer =>PUP.Optional.Tarma C:\ProgramData\WindowsMangerProtect =>PUP.Optional.Fuyu C:\Users\Eagle\AppData\Roaming\Babylon =>PUP.Optional.Babylon C:\Users\Eagle\AppData\Roaming\istartsurf =>PUP.Optional.IsStart C:\Users\Eagle\AppData\Roaming\mystartsearch =>PUP.Optional.StartSearch C:\Users\Eagle\AppData\Roaming\Picexa Viewer =>PUP.Optional.Picexa C:\Users\Eagle\AppData\Roaming\RapidMediaConverter =>PUP.Optional.RapidMediaConverter C:\Users\Eagle\AppData\Roaming\SparkTrust =>PUP.Optional.SparkTrust C:\Users\Eagle\AppData\Local\Babylon =>PUP.Optional.Babylon C:\Users\Eagle\AppData\Local\Crossbrowse =>PUP.Optional.CrossBrowse C:\Users\Eagle\AppData\Local\DesktopSearch =>PUP.Optional.DesktopSearch C:\Users\Eagle\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate C:\Users\Eagle\AppData\Local\Pro_PC_Cleaner =>USP.PCCleaner C:\Users\Eagle\AppData\Local\RapidMediaConverter =>PUP.Optional.RapidMediaConverter C:\Users\Eagle\AppData\Local\WebBar =>PUP.Optional.WebBar C:\Users\Eagle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rapid Media Converter =>PUP.Optional.RapidMediaConverter HKLM\Software\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate HKLM\Software\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E =>PUP.Optional.GlobalUpdate C:\Windows\Installer\45f9be.msi =>PUP.Optional.GlobalUpdate HKLM\SYSTEM\CurrentControlSet\Services\globalUpdatem =>PUP.Optional.GlobalUpdate HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup HKLM64\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32 =>PUP.Optional.DomaIQ HKLM64\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS =>PUP.Optional.DomaIQ HKLM64\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASAPI32 =>PUP.Optional.ProPCCleaner HKLM64\SOFTWARE\Microsoft\Tracing\ProPCCleaner_RASMANCS =>PUP.Optional.ProPCCleaner HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 =>PUP.Optional.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS =>PUP.Optional.AdvancedSystemProtector HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonTC_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonToolbarsrv_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BabylonToolbarsrv_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASAPI32 =>PUP.Optional.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\iLividSetupV1_RASMANCS =>PUP.Optional.Bandoo HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASAPI32 =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MyBabylonTB_RASMANCS =>PUP.Optional.Babylon HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASAPI32 =>PUP.Optional.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SnapDo_RASMANCS =>PUP.Optional.SmartBar HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASAPI32 =>PUP.Optional.InternetSpeedChecker HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SpeedCheckerService_RASMANCS =>PUP.Optional.InternetSpeedChecker ---\\ Summary of the elements found on your workstation (77) - 0s http://www.nicolascoolman.fr/blog =>PUP.Optional.Picexa http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Optional.Fuyu http://www.nicolascoolman.fr/blog =>PUP.Optional.MiuiTab http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/blog =>PUP.Optional.UniqueSolutions http://www.nicolascoolman.fr/pup-buenosearch/ =>PUP.Optional.BuenoSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart http://www.nicolascoolman.fr/blog =>PUP.Optional.AgentODR http://www.nicolascoolman.fr/blog =>PUP.Optional.AdvancedSystemOptimizer http://www.nicolascoolman.fr/pup-anyprotect/ =>PUP.Optional.AnyProtect http://www.nicolascoolman.fr/blog =>PUP.Optional.BidailySync http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse http://www.nicolascoolman.fr/pup-pirritsuggestor/ =>PUP.Optional.Pirrit http://www.nicolascoolman.fr/blog =>PUP.Optional.MySearchDial http://www.nicolascoolman.fr/blog =>PUP.Optional.ProPCCleaner http://www.nicolascoolman.fr/pup-smartwebsearch/ =>PUP.Optional.SmartWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.DesktopSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.GamesDesktop http://www.nicolascoolman.fr/blog =>PUP.Optional.Hades http://www.nicolascoolman.fr/pup-startsearch/ =>PUP.Optional.StartSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.Graftor http://www.nicolascoolman.fr/blog =>PUP.Optional.RapidMediaConverter http://www.nicolascoolman.fr/pup-babylon/ =>PUP.Optional.Babylon http://www.nicolascoolman.fr/blog =>PUP.Optional.Boost http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr http://www.nicolascoolman.fr/blog =>PUP.Optional.DeltaHomes http://www.nicolascoolman.fr/blog =>PUP.Optional.SweetSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.FLVPlayer http://www.nicolascoolman.fr/blog =>PUP.Optional.Infonaut http://www.nicolascoolman.fr/adware-installcore/ =>PUP.Optional.InstallCore http://www.nicolascoolman.fr/blog =>Toolbar.Mamverifier http://www.nicolascoolman.fr/adware-mapsgalaxy/ =>PUP.Optional.MapsGalaxy http://www.nicolascoolman.fr/blog =>PUP.Optional.DoctorPC http://www.nicolascoolman.fr/blog =>PUP.Optional.RegistryHelper http://www.nicolascoolman.fr/pup-salus/ =>PUP.Optional.Salus http://www.nicolascoolman.fr/blog =>PUP.Optional.SparkTrust http://www.nicolascoolman.fr/pup-mocaflix/ =>PUP.Optional.MocaFlix http://www.nicolascoolman.fr/pup-suptab/ =>PUP.Optional.SupTab http://www.nicolascoolman.fr/pup-systweak/ =>PUP.Optional.Systweak http://www.nicolascoolman.fr/spyware-agenceexclusive/ =>PUP.Optional.AgenceExclusive http://www.nicolascoolman.fr/pup-wordshark/ =>PUP.Optional.WordShark http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowser http://www.nicolascoolman.fr/pup-outfoxtv/ =>PUP.Optional.OutfoxTV http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions http://www.nicolascoolman.fr/pup-optimizerpro/ =>PUP.Optional.OptimizerPro http://www.nicolascoolman.fr/blog =>PUP.Optional.SimplyTech http://www.nicolascoolman.fr/blog =>PUP.Optional.Softonic http://www.nicolascoolman.fr/blog =>PUP.Optional.SuperOptimizer http://www.nicolascoolman.fr/adware-tidynetwork/ =>PUP.Optional.TidyNetwork http://www.nicolascoolman.fr/pup-wedownloadmanager/ =>PUP.Optional.weDownloadManager http://www.nicolascoolman.fr/blog =>PUP.Optional.DynConIE http://www.nicolascoolman.fr/adware-pricegong/ =>PUP.Optional.PriceGong http://www.nicolascoolman.fr/pup-remarkit/ =>PUP.Optional.ReMarkIt http://www.nicolascoolman.fr/pup-richmediaplayer/ =>PUP.Optional.RichMediaPlayer http://www.nicolascoolman.fr/blog =>PUP.Optional.SpeedBrowser http://www.nicolascoolman.fr/pup-tarma/ =>PUP.Optional.Tarma http://www.nicolascoolman.fr/blog =>PUP.Optional.PCUtilityKit http://www.nicolascoolman.fr/usp-pccleaner/ =>USP.PCCleaner http://www.nicolascoolman.fr/blog =>PUP.Optional.WebBar http://www.nicolascoolman.fr/adware-mywebsearch/ =>PUP.Optional.MyWebSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.GoodForSearch http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/pup-helperbar/ =>PUP.Optional.HelperBar http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo http://www.nicolascoolman.fr/pup-specialsavings/ =>PUP.Optional.SpecialSavings http://www.nicolascoolman.fr/pup-sweetim/ =>PUP.Optional.SweetIM http://www.nicolascoolman.fr/hijacker-trovigo/ =>PUP.Optional.Trovigo http://www.nicolascoolman.fr/pup-dosearches/ =>PUP.Optional.DoSearches http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/adware-domaiq/ =>PUP.Optional.DomaIQ http://www.nicolascoolman.fr/pup-advancedsystemprotector/ =>PUP.Optional.AdvancedSystemProtector http://www.nicolascoolman.fr/pup-internetspeedchecker/ =>PUP.Optional.InternetSpeedChecker ~ End of the scan, 47477 items in 334 seconds (1776)(0)()