Document format: text/plain

~ ZHPDiag v2015.10.22.154 By Nicolas Coolman (2015/10/22)
~ Run by MOMAIB (Administrator) (2015/10/24 14:18:18)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\MOMAIB\Desktop\ZHPDiag.txt
~ Report: C:\Users\MOMAIB\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 32-bit (Build 10240)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v45.0.2454.101
MFIE: Mozilla Firefox 39.0.3 (x86 en-US) v39.0.3
MSIE: Internet Explorer v11.0.10240.16431

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (3) - 3s
Malwarebytes Anti-Malware version 2.1.8.1057
Microsoft Security Client v4.8.0204.0
Windows Defender (Deactivate)

---\\ System optimization software (1) - 3s
CCleaner v5.03

---\\ Surveillance software (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Acrobat Reader DC - Français

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3089.728 MB (39% free)
~ System Restore: Activé (Enable)
~ System drive C: has 22 GB free of 204 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MOMAIB-PC
~ User Name: MOMAIB
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 22 GB free of 204 GB (System)
~ Drive D: has 0 GB free of 272 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (23) - 5s
[MD5.B3F90790F991A5A21113B58EE50FA696] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [4048808] ©
[MD5.543C8A2961F38C20438A61B9455E914C] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [53760] ©
[MD5.43A465F658A66CF051C443947420B3E8] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\WINDOWS\System32\Wininit.exe [191144] ©
[MD5.73FC0143E518D8DB7AFE9675F4AF8063] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [2207232] ©
[MD5.72BABD33125885F826CE9CFCCF012CC4] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [490496] ©
[MD5.109CCF5163D6C397CF2E39408431B402] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\WINDOWS\System32\sppcomapi.dll [419328] ©
[MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [534064] ©
[MD5.C5E1DEF4FE031F6CD59AF5E46165F5A8] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [479072] ©
[MD5.8A2FA4E32D4949DA60D900BF495D5801] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [23392] ©
[MD5.45825ED9F218A1601253620BF516171E] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [74752] ©
[MD5.F9859843E5ABAB82E63CC3AA0FC50CF0] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [130560] ©
[MD5.FF2FAE24F70AC0501C59C20136A333DD] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [104960] ©
[MD5.D102A17D9A1B5D6205D9945835DCE21E] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [72704] ©
[MD5.4AFC7F3F691B8259B41712917808F35B] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [90624] ©
[MD5.48B70CFC8132E60A009F500B181EB91A] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [124416] ©
[MD5.0AFDF5734DAF0D1438802CF22238518C] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [343552] ©
[MD5.F60AE46F9B244F3FF02BFE0DF8DBFF86] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [216576] ©
[MD5.E42F80FB4C1A06EF4B071608571F5155] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [1808224] ©
[MD5.D2377D0CCC9396F37FACCF4AA9E0220A] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [81408] ©
[MD5.DCACCE3F3FF364F228E4197DC435A503] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [81408] ©
[MD5.86D46542F5B4CF19949A9D88F62F03CE] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [132608] ©
[MD5.35C4DBFAE5E7C4A5F53CAF94C23F0E82] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [95072] ©
[MD5.12999D4773D8034431795440A3DF910A] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [342368] ©

---\\ Process running (31) - 1s
[MD5.2870CE9BFD6BA66FB0FFC6D11C9E41A7] - (.Arcai.com - Arp Intelligent Protection Service.) -- C:\Program Files\netcut\services\aips.exe [262144] [PID.1632] ©
[MD5.F6CEFEF46986DE02A3AE5D93AE32B5DC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.460] ©
[MD5.4DC6B0772D1698F04FC79053A21C8260] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\AEADISRV.EXE [90112] [PID.552] ©
[MD5.2F2BD5EFFA8E91295F4DB493D85534B5] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [60744] [PID.624] ©
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.484] ©
[MD5.6782337A0A679DA909C1D2524E46433F] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe [388824] [PID.1208] ©
[MD5.6F220928AC68325AB50532EFBF5CB52B] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) -- C:\Program Files\BlueStacks\HD-UpdaterService.exe [786136] [PID.1428] ©
[MD5.BAADB247AF790439EA1C04008B907CF6] - (...) -- C:\Program Files\QSocial\QSocial_Updater.exe [7548928] [PID.2596]
[MD5.F172AD4E906D97ED8F071896FC6789DC] - (.Google Inc. - Google Installer.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912] [PID.3972] ©
[MD5.7686690C40B41423273C31F0075332B7] - (.WiseCleaner.com - Wise System Monitor.) -- C:\Program Files\Wise\Wise System Monitor\WiseSystemMonitor.exe [3323952] [PID.3988] ©
[MD5.CB8C1CC4F46FBAC78150754D77460C73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe [230792] [PID.4092] ©
[MD5.AE543176A07B4C39F86BDE74FC9391E6] - (.Logixoft - Revealer Keylogger Free.) -- C:\ProgramData\rvlkl\rvlkl.exe [375360] [PID.4268] =>PUP.Optional.RelevantKnowledge
[MD5.AFD15F701B550037FFDDE6B18171479D] - (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816] [PID.4324] ©
[MD5.D1B2FADBF98C2B7A53893B939802004B] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [157968] [PID.4400] ©
[MD5.E4085C9692976E98DC081828485BDE48] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3911248] [PID.4444] ©
[MD5.1AA479D2A100ACFDE3A7B7B2D6E53DC0] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [541968] [PID.4744] ©
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3616] ©
[MD5.A8C1BF646DD0168E81AFAA9662CCD843] - (...) -- C:\Users\MOMAIB\AppData\Roaming\ACEStream\updater\ace_update.exe [22824] [PID.2148]
[MD5.E693A24FD65B259131B8894A2D870DF2] - (...) -- C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x86__8wekyb3d8bbwe\Calculator.exe [2836992] [PID.2860]
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.3880] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.5588] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.3520] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.700] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.748] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.4672] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.5812] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.3456] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.7840] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.2264] ©
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [815944] [PID.6368] ©
[MD5.231AE3BE35DFA790FE484CCA354BCD15] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\MOMAIB\Desktop\ZHPDiag3.exe [1958912] [PID.8144] ©

---\\ Google Chrome, Start,Search,Extensions (12) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.facebook.com
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bigefpfhnfcobdlfbedofhhaibnlghod] MEGA
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [elioihkkcdgakfbahdoddophfngopipi] Photo Zoom for Facebook
G2 - GCE: Preference [User Data\Default] [gffkhmkbijdmbncaoclaclldnbndflck] Wolf and the Ice Planet
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (25) - 2s
M0 - MFSP: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] http://www.oursurfing.com/?type=hp&ts=1442404064&z=5ab86231e1e7cedefb5b239g5z1zdo1z1e5z0eeq1c&from=amt&uid=ST3500418AS_5VM519LDXXXX5VM519LD =>PUP.Optional.OurSurfing
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.FRA
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\elemhidehelper@adblockplus.org.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\firefox@mega.co.nz.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\info@youtube-mp3.org.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\whodeletedme@deleted.io.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
P2 - EXT FILE: (...) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\searchplugins\findit.xml =>PUP.Optional.SmartBar
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml =>PUP.Optional.SmartBar
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (.OB - SavePass 1.1.) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\389579c4-efa9-4d96-a1dd-3c86f7bd1a51@gmail.com
P2 - EXT: (. - 018f31601a6f465084fdaad8c13609c8.) -- C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\extensions\{018f3160-1a6f-4650-84fd-aad8c13609c8}
P2 - FPN: [HKCU] [@acestream.net/acestreamplugin,version=3.1.0] - (.Innovative Digital Technologies.) -- C:\Users\MOMAIB\AppData\Roaming\ACEStream\player\npace_plugin.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_19_0_0_226.dll ©
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ©
P2 - FPN: [HKLM] [@RIM.com/WebSLLauncher,version=1.0] - (.Research In Motion.) -- C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ©

---\\ Internet Explorer Extensions, Start, Search (10) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTxkij9_Bw56VMFZJr47C0zjXs2DH2uYqt4puxQ8bpwNTZc-gM0BeB5XHumrUebfwrQhHj43ZMvr5gwgFqfJDgsbiEUj3gfpqO7Slibo9-dE5Lhoe29sea8mOTxzbNDwQ9oI5Y8LUDArfjCRraA1krLtzAoKU8XtGAI5-
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_bw56vmfzjr47c0zjxs2dh2uyqt4puxq8bpwntzc-gm0beb5xhumruebfwrqhhj43zmvr5gwgfqfjdgsodvzcxopp8rinui6rlc8aawbmhhybqcd-hxsxgzcwd4ymgc-slndgevkwumnmjli4v-z26djolzeg6&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_bw56vmfzjr47c0zjxs2dh2uyqt4puxq8bpwntzc-gm0beb5xhumruebfwrqhhj43zmvr5gwgfqfjdgsodvzcxopp8rinui6rlc8aawbmhhybqcd-hxsxgzcwd4ymgc-slndgevkwumnmjli4v-z26djolzeg6&q={searchterms}
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_bw56vmfzjr47c0zjxs2dh2uyqt4puxq8bpwntzc-gm0beb5xhumruebfwrqhhj43zmvr5gwgfqfjdgsodvzcxopp8rinui6rlc8aawbmhhybqcd-hxsxgzcwd4ymgc-slndgevkwumnmjli4v-z26djolzeg6&q={searchterms}
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://%66%65%65%64.%73%6f%6e%69%63-%73%65%61%72%63%68.%63%6f%6d/?p=mko_awfzxipyrahdgkbutxkij9_bw56vmfzjr47c0zjxs2dh2uyqt4puxq8bpwntzc-gm0beb5xhumruebfwrqhhj43zmvr5gwgfqfjdgsodvzcxopp8rinui6rlc8aawbmhhybqcd-hxsxgzcwd4ymgc-slndgevkwumnmjli4v-z26djolzeg6&q={searchterms}
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Hosts file redirection (2) - 0s
31.13
~ Le fichier hôte est sain (The hosts file is clean) (49)

---\\ Browser Helper Object (BHO) (5) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll ©
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll ©
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL ©
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ©

---\\ Auto loading programs from Registry and folders (26) - 1s
O4 - HKLM\..\Run: [Qsocial] C:\Program Files\QSocial\ /auto (.not file.)
O4 - HKLM\..\Run: [SoundMAXPnP] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe ©
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe ©
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE ©
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©
O4 - HKCU\..\Run: [Qsocial] . (...) -- C:\Program Files\QSocial\QSocial.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe ©
O4 - HKCU\..\Run: [FreeAC] . (.Comfort Software Group - Free Alarm Clock.) -- C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
O4 - HKCU\..\Run: [WaterWarner] . (...) -- C:\Program Files\WaterWarner\WaterWarner.lnk
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\OneDrive.exe ©
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [AceStream] . (...) -- C:\Users\MOMAIB\AppData\Roaming\ACEStream\engine\ace_engine.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\System32\OneDriveSetup.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [Qsocial] . (...) -- C:\Program Files\QSocial\QSocial.exe
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [FreeAC] . (.Comfort Software Group - Free Alarm Clock.) -- C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [WaterWarner] . (...) -- C:\Program Files\WaterWarner\WaterWarner.lnk
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\OneDrive.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe ©
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-2674939989-929359133-1117883083-1001\..\Run: [AceStream] . (...) -- C:\Users\MOMAIB\AppData\Roaming\ACEStream\engine\ace_engine.exe

---\\ Lop.com/Domain Hijackers (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 212.217.0.12 212.217.1.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 62.251.230.241 212.217.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 212.217.0.12 212.217.1.12
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 62.251.230.241 212.217.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Extra protocols (26) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\System32\tbauth.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll ©
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll ©
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL ©

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\ProgramData\ExtTag\laqrtny0.dll (.not file.)

---\\ Non Microsoft non disabled Windows Services (13) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: @oem131.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) - C:\Windows\System32\AEADISRV.EXE ©
O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - C:\Program Files\netcut\services\aips.exe ©
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe ©
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files\BlueStacks\HD-Service.exe ©
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe ©
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files\BlueStacks\HD-UpdaterService.exe ©
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: Qsocial Service (QsocialUpdater) . (...) - C:\Program Files\QSocial\QSocial_Updater.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe ©
O23 - Service: Wise Boot Assistant (WiseBootAssistant) . (.WiseCleaner.com - Wise BootTime Service.) - C:\Program Files\Wise\Wise Care 365\BootTime.exe ©

---\\ Task Planned Automatically (37) - 4s
[MD5.83371B8890405945A712BC37584B4689] [APT] [3dxvfef2] (...) -- C:\Program Files\Common Files\sjpvbho0\6563ca0n31ajr.exe [54784]
[MD5.2EED3542F86F77D56569504B37C8108A] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1045720] ©
[MD5.8C194A201698B4B4F77D974549819D1F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.2B24F194FC5B657397ECB2923A68350E] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5503768] ©
[MD5.F172AD4E906D97ED8F071896FC6789DC] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912] ©
[MD5.F172AD4E906D97ED8F071896FC6789DC] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912] ©
[MD5.432B6BB30A6B1B9EF03F3125AB7DCD0D] [APT] [snf] (...) -- C:\ProgramData\ExtTag\sqlq4hm0.exe [4096]
[MD5.432B6BB30A6B1B9EF03F3125AB7DCD0D] [APT] [snp] (...) -- C:\ProgramData\ExtTag\sqlq4hm0.exe [4096]
[MD5.45042BE9FD94BBA8306D354696CA4E3B] [APT] [Wise Care 365] (.WiseCleaner.com.) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2343984] ©
[MD5.B77EA52A2F5C975B7EDCA233BFACBBD8] [APT] [Wise Care 365 PC Checkup Task] (.WiseCleaner.com.) -- C:\Program Files\Wise\Wise Care 365\WiseCare365.exe [7947208] ©
[MD5.45042BE9FD94BBA8306D354696CA4E3B] [APT] [Wise Care 365.job] (.WiseCleaner.com.) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2343984] ©
[MD5.7686690C40B41423273C31F0075332B7] [APT] [Wise System Monitor] (.WiseCleaner.com.) -- C:\Program Files\Wise\Wise System Monitor\WiseSystemMonitor.exe [3323952] ©
[MD5.83371B8890405945A712BC37584B4689] [APT] [xkyug0yw] (...) -- C:\Program Files\Common Files\ybsp5dr5\1f8bbrpvwi3tc.exe [54784]
[MD5.83371B8890405945A712BC37584B4689] [APT] [ylufljbb] (...) -- C:\Program Files\Common Files\k4kk0tuj\a872dokv2vxg5.exe [54784]
[MD5.83371B8890405945A712BC37584B4689] [APT] [z5db54ol] (...) -- C:\Program Files\Common Files\v2yc4kcu\7b6ccdg1t2ozo.exe [54784]
[MD5.71DCFA65CC4349CF08BFFF7A14D8BAE4] [APT] [{36B4D59D-3338-40A5-AA12-350D833755BB}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [815944] ©
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [882] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [886] ©
O39 - APT: Wise Care 365 - (.WiseCleaner.com.) -- C:\WINDOWS\Tasks\Wise Care 365.job [400] ©
O39 - APT: Wise System Monitor - (.WiseCleaner.com.) -- C:\WINDOWS\Tasks\Wise System Monitor.job [440] ©
O39 - APT: 3dxvfef2 - (...) -- C:\WINDOWS\System32\Tasks\3dxvfef2 [3208]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3960] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3804] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2884] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3740] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3992] ©
O39 - APT: snf - (...) -- C:\WINDOWS\System32\Tasks\snf [3172]
O39 - APT: snp - (...) -- C:\WINDOWS\System32\Tasks\snp [3534]
O39 - APT: Wise Care 365 - (.WiseCleaner.com.) -- C:\WINDOWS\System32\Tasks\Wise Care 365 [2938] ©
O39 - APT: Wise Care 365 PC Checkup Task - (.WiseCleaner.com.) -- C:\WINDOWS\System32\Tasks\Wise Care 365 PC Checkup Task [4132] ©
O39 - APT: Wise Care 365 - (.WiseCleaner.com.) -- C:\WINDOWS\System32\Tasks\Wise Care 365.job [3602] ©
O39 - APT: Wise System Monitor - (.WiseCleaner.com.) -- C:\WINDOWS\System32\Tasks\Wise System Monitor [2978] ©
O39 - APT: xkyug0yw - (...) -- C:\WINDOWS\System32\Tasks\xkyug0yw [3208]
O39 - APT: ylufljbb - (...) -- C:\WINDOWS\System32\Tasks\ylufljbb [3208]
O39 - APT: z5db54ol - (...) -- C:\WINDOWS\System32\Tasks\z5db54ol [3208]

---\\ Software installed (128) - 16s
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0 - (.Nokia.) [HKLM] -- 17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382 ©
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Adobe Photoshop CS4 - (...) [HKLM] -- Adobe Photoshop CS4_is1
O42 - Logiciel: Microsoft Age of Empires II - (...) [HKLM] -- Age of Empires 2.0
O42 - Logiciel: Microsoft Age of Empires II: The Conquerors Expansion - (...) [HKLM] -- Age of Empires II: The Conquerors Expansion 1.0
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM] -- ASIO4ALL ©
O42 - Logiciel: Astroburn Lite - (.Disc Soft Ltd.) [HKLM] -- Astroburn Lite ©
O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM] -- BlackBerry_Desktop ©
O42 - Logiciel: BlackBerry Device Manager 7.0 - (.Research In Motion Ltd..) [HKLM] -- BlackBerry_HandheldManager ©
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM] -- BlueStacks App Player ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner ©
O42 - Logiciel: CDisplayEx 1.10.29 - (.Progdigy Software S.A.R.L..) [HKLM] -- CDisplayEx_is1
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite ©
O42 - Logiciel: EyeLeo - (...) [HKLM] -- EyeLeo
O42 - Logiciel: FL Studio 12 - (.Image-Line.) [HKLM] -- FL Studio 12 ©
O42 - Logiciel: FL Studio ASIO - (.Image-Line.) [HKLM] -- FL Studio ASIO ©
O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome ©
O42 - Logiciel: Guitar Pro 5.2 - (.Arobas Music.) [HKLM] -- Guitar Pro 5_is1 ©
O42 - Logiciel: Intel(R) Management Engine Interface - (.Intel Corporation.) [HKLM] -- HECI ©
O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM] -- IL Download Manager ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager ©
O42 - Logiciel: Internet Mobile - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Internet Mobile ©
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- League of Legends 3.0.1 ©
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM] -- MEGAsync ©
O42 - Logiciel: Mozilla Firefox 39.0.3 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 39.0.3 (x86 en-US) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService ©
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO ©
O42 - Logiciel: Qsocial - (.Qsocial.) [HKLM] -- Qsocial
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client ©
O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM] -- TechPowerUp GPU-Z
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player ©
O42 - Logiciel: Voobly - (.Voobly.) [HKLM] -- Voobly_is1 ©
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst ©
O42 - Logiciel: WinRAR 5.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver ©
O42 - Logiciel: Wise Auto Shutdown 1.45 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Auto Shutdown_is1 ©
O42 - Logiciel: Wise Care 365 3.87 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise Care 365_is1 ©
O42 - Logiciel: Wise System Monitor 1.32 - (.WiseCleaner.com, Inc..) [HKLM] -- Wise System Monitor_is1 ©
O42 - Logiciel: YU-GI-OH ! STAREDITION 2010 - (.StarTeD.) [HKLM] -- YU-GI-OH ! STAREDITION 20101.0
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {025E78AC-BD91-4E9E-B165-3C09D4084BA4} ©
O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {04AF207D-9A77-465A-8B76-991F6AB66245} ©
O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} ©
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} ©
O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {14A5537C-3F8F-4681-A741-138D8515B8CC} ©
O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6} ©
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94} ©
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} ©
O42 - Logiciel: WinSoftMEsti - (.Adobe Systems Incorporated.) [HKLM] -- {1FFB45AE-120B-4A9D-A914-BE466C6BBB0A} ©
O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM] -- {212748BB-0DA5-46DE-82A1-403736DC9F27} ©
O42 - Logiciel: Skype™ 7.2 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: MPC-HC 1.7.8 - (.MPC-HC Team.) [HKLM] -- {2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1 ©
O42 - Logiciel: Java 7 Update 71 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF} ©
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {29373274-977E-413C-A4DE-DC0F8E80C429} ©
O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {293D5729-7C01-4FA4-A4DE-BB6A1587BBB9} ©
O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} ©
O42 - Logiciel: Inpaint 6.0 - (.Teorex.) [HKLM] -- {2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1 ©
O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {51846830-E7B2-4218-8968-B77F0FF475B8} ©
O42 - Logiciel: Free Picture Resizer version 1.0.1.2 - (.Free Picture Solutions.) [HKLM] -- {53076EED-5E5F-47D7-BB90-9B061B524D17}_is1
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {538227C6-C74B-4A74-99E1-2C0B4F9DA5E1} ©
O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078} ©
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} ©
O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B} ©
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B} ©
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} ©
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {6E3939AE-9996-4D07-9A30-14C78AE93576} ©
O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} ©
O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7678C8F6-1EEE-4832-8E22-199B01333ECC} ©
O42 - Logiciel: WaterWarner 0.1 - (.James, Ltd..) [HKLM] -- {77CA19C8-EB0D-413E-A1DB-94C23EBF86E7}_is1
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} ©
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} ©
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {79BF4901-1EC4-4726-B3C2-A7859706C6E7} ©
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM] -- {7FE25256-B7C1-480D-B736-10A67A833AEA} ©
O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {802771A9-A856-4A41-ACF7-1450E523C923} ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} ©
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} ©
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} ©
O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312} ©
O42 - Logiciel: Free Alarm Clock 3.1.0 - (.Comfort Software Group.) [HKLM] -- {8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3085500) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6A5F1709-91E6-479F-B09F-D7FC9D2404D8} ©
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0117-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3085500) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{6A5F1709-91E6-479F-B09F-D7FC9D2404D8} ©
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259} ©
O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95} ©
O42 - Logiciel: AMD Problem Report Wizard - (.Advanced Micro Devices, Inc..) [HKLM] -- {9021FF29-D705-75C8-D808-C45D796EBC7E} ©
O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {95655ED4-7CA5-46DF-907F-7144877A32E5} ©
O42 - Logiciel: Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.11761. - (.Microsoft Corporation.) [HKLM] -- {986E003C-E56D-5A47-110E-D3C81F0E8535} ©
O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} ©
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408} ©
O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824157129} ©
O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} ©
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} ©
O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} ©
O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D} ©
O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM] -- {BE5B0450-DCCB-4FE9-93E2-3B38D88A745B} ©
O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} ©
O42 - Logiciel: BlackBerry Device Manager 7.0 - (.Research In Motion Ltd..) [HKLM] -- {CBAB27F5-C326-410D-B789-3C7240D91D25} ©
O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} ©
O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C} ©
O42 - Logiciel: GTA San Andreas - (.Rockstar Games.) [HKLM] -- {D417C96A-FCC7-4590-A1BB-FAF73F5BC98E} ©
O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {D92B72E2-C854-4738-8ED6-4C3661CC17AE} ©
O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} ©
O42 - Logiciel: HydraVision - (.Advanced Micro Devices, Inc..) [HKLM] -- {DE89F007-B75E-368D-47D2-ADE9AF616261} ©
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} ©
O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8} ©
O42 - Logiciel: SoundMAX - (.Analog Devices.) [HKLM] -- {F0A37341-D692-11D4-A984-009027EC0A9C} ©
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: BlueStacks Notification Center - (.BlueStack Systems, Inc..) [HKLM] -- {FDB8F715-FC8D-4C20-B614-E0361BB69A17} ©
O42 - Logiciel: Ace Stream Media 3.1.0 - (.Ace Stream Media.) [HKCU] -- AceStream ©
O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU] -- GameRanger ©
O42 - Logiciel: PhotoFiltre Studio X - (...) [HKCU] -- PhotoFiltre Studio X
O42 - Logiciel: Qsocial - (.Qsocial.) [HKCU] -- Qsocial
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU] -- UnityWebPlayer ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (212) - 17s
HKLM\SOFTWARE\0968be64-279e-4848-8623-30fa42e5f57b =>PUP.Optional.CrossRider
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Ahead
HKLM\SOFTWARE\Analog Devices
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\Arcai
HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Arobas Music
HKLM\SOFTWARE\ASIO
HKLM\SOFTWARE\ASIO4ALL
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\AVG
HKLM\SOFTWARE\BitDefender Parental Control
HKLM\SOFTWARE\BlueStacks
HKLM\SOFTWARE\Caphyon
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\Client
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\Docudesk
HKLM\SOFTWARE\Extended Systems
HKLM\SOFTWARE\EyeLeo
HKLM\SOFTWARE\Forward Development
HKLM\SOFTWARE\Fraps
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\GoHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\GoHD-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\HitmanPro
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\IDM
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\Image-Line
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\IO Interactive
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\KONAMI
HKLM\SOFTWARE\L&H
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\LogMeInRescueCallingCard
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Macrovision
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mtExtTag
HKLM\SOFTWARE\mtNimzap
HKLM\SOFTWARE\NCH Software
HKLM\SOFTWARE\NCH Swift Sound
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\Nokia
HKLM\SOFTWARE\NSIS.Library.RegTool.v3
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\OEM
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Origin Games
HKLM\SOFTWARE\oursurfingSoftware =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\Outsim
HKLM\SOFTWARE\PC Connectivity Solution
HKLM\SOFTWARE\PCSuite
HKLM\SOFTWARE\pictureresizer_setup
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\Propellerhead Software
HKLM\SOFTWARE\Reason
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Research In Motion
HKLM\SOFTWARE\Riot Games
HKLM\SOFTWARE\Rockstar Games
HKLM\SOFTWARE\SavePass 1.1-nv-edge =>PUP.Optional.CrossRider
HKLM\SOFTWARE\searchult =>PUP.Optional.Generic
HKLM\SOFTWARE\Ski Search =>PUP.Optional.SkiSearch
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SoftVoice
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SonicFocus
HKLM\SOFTWARE\SOSVirus
HKLM\SOFTWARE\Syntrillium
HKLM\SOFTWARE\TeamSpeak 3 Client
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\ThinPrint
HKLM\SOFTWARE\tueagles
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\VMware, Inc.
HKLM\SOFTWARE\Voice
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\VST
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\WiseCleaner
HKLM\SOFTWARE\WOW6432Node
HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AceStream
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\Analog Devices
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Arcai.com
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Audacity
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Caphyon
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaP-1.9cV16.09-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ComfortSoftware
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Extended Systems
HKCU\SOFTWARE\FormatFactory
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GameRanger
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GoHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\GoHD-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Image-Line
HKCU\SOFTWARE\IMDownloader
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\Integrator
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\L2j Community Network
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Logitech
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\mtExtTag
HKCU\SOFTWARE\mtNimzap
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\NCH Swift Sound
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nokia
HKCU\SOFTWARE\Noromaa Solutions
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\PhotoFiltre Studio X
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RDP
HKCU\SOFTWARE\Reason
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Research In Motion
HKCU\SOFTWARE\SAMP
HKCU\SOFTWARE\SavePass 1.1 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\SavePass 1.1-nv-edge =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Ski Search =>PUP.Optional.SkiSearch
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Skyshape
HKCU\SOFTWARE\Smart Soft
HKCU\SOFTWARE\SoftVoice
HKCU\SOFTWARE\Syntrillium
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\techPowerUp
HKCU\SOFTWARE\TeleCharger
HKCU\SOFTWARE\Teorex
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\undefined
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Voobly
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ZAR
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\lescifut
HKCU\SOFTWARE\AppDataLow\Software\Unity
HKCU\SOFTWARE\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider

---\\ Contents of the Common Files folders (384) - 24s
O43 - CFD: 2015/04/10 02:24:44 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/09/17 03:22:06 - [] D -- C:\Program Files\AMD APP
O43 - CFD: 2015/08/02 03:09:40 - [] D -- C:\Program Files\Analog Devices
O43 - CFD: 2015/08/16 10:22:10 - [] D -- C:\Program Files\Anki
O43 - CFD: 2015/03/10 20:32:25 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2015/09/18 15:15:24 - [] D -- C:\Program Files\ASIO4ALL v2
O43 - CFD: 2014/10/20 20:49:16 - [] D -- C:\Program Files\Astroburn Lite
O43 - CFD: 2015/08/02 03:58:23 - [] D -- C:\Program Files\ATI Technologies
O43 - CFD: 2015/06/08 02:32:50 - [] D -- C:\Program Files\Auto Shutdown
O43 - CFD: 2015/08/16 12:16:55 - [] D -- C:\Program Files\baidu
O43 - CFD: 2015/01/07 12:41:17 - [] D -- C:\Program Files\BlueStacks
O43 - CFD: 2015/08/28 14:34:07 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2015/01/19 20:46:47 - [] D -- C:\Program Files\BrainWave Generator
O43 - CFD: 2015/08/13 18:41:09 - [0] D -- C:\Program Files\cce98bbb-5151-42aa-9461-de1d152a01b3 =>PUP.Optional.CrossRider
O43 - CFD: 2015/04/07 21:29:16 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/09/26 12:06:56 - [] D -- C:\Program Files\CDisplayEx
O43 - CFD: 2015/09/16 12:53:23 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2014/10/20 20:49:19 - [] D -- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 2015/01/04 20:17:22 - [] D -- C:\Program Files\DIFX
O43 - CFD: 2015/03/20 18:22:41 - [] D -- C:\Program Files\DSPRobotics
O43 - CFD: 2015/07/31 13:21:33 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/09/26 03:26:08 - [] D -- C:\Program Files\EyeLeo
O43 - CFD: 2015/08/16 12:21:43 - [] D -- C:\Program Files\fchk32 =>PUP.Optional.Amonetize
O43 - CFD: 2015/08/30 23:40:24 - [] D -- C:\Program Files\Free Picture Resizer
O43 - CFD: 2015/07/20 04:59:22 - [] D -- C:\Program Files\FreeAlarmClock
O43 - CFD: 2015/04/06 18:13:32 - [] D -- C:\Program Files\FreeTime
O43 - CFD: 2015/07/17 22:52:07 - [] D -- C:\Program Files\FROM_Monitor
O43 - CFD: 2015/09/17 12:57:03 - [] D -- C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/16 12:17:00 - [] D -- C:\Program Files\GoHD =>PUP.Optional.CrossRider
O43 - CFD: 2015/02/03 03:09:13 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/08/02 02:57:40 - [] D -- C:\Program Files\GPU-Z
O43 - CFD: 2014/10/20 20:49:19 - [] D -- C:\Program Files\Guitar Pro 5
O43 - CFD: 2015/04/13 23:47:55 - [] D -- C:\Program Files\Hitman Codename 47
O43 - CFD: 2015/08/16 11:32:16 - [0] D -- C:\Program Files\HitmanPro
O43 - CFD: 2015/09/18 15:15:26 - [] D -- C:\Program Files\Image-Line
O43 - CFD: 2015/05/03 17:20:12 - [] D -- C:\Program Files\Inpaint
O43 - CFD: 2015/08/02 03:09:33 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2014/11/13 14:01:33 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/10/09 16:35:19 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2015/08/07 17:13:22 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/03/25 12:26:55 - [] D -- C:\Program Files\Internet Mobile
O43 - CFD: 2015/08/28 14:36:53 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/08/28 14:37:37 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2014/10/31 22:39:33 - [] D -- C:\Program Files\Java
O43 - CFD: 2014/07/18 03:04:53 - [0] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 2015/08/16 10:25:33 - [0] D -- C:\Program Files\LG Electronics
O43 - CFD: 2015/08/16 10:50:16 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2014/07/11 05:05:39 - [] D -- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 2015/07/31 13:21:34 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2015/08/24 14:23:23 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2014/12/22 01:32:06 - [] D -- C:\Program Files\Microsoft OneDrive
O43 - CFD: 2015/08/13 18:42:26 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2014/07/11 05:09:01 - [] D -- C:\Program Files\Microsoft SQL Server
O43 - CFD: 2014/12/22 01:37:27 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 2014/06/23 00:14:57 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2015/07/31 13:21:35 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/10/05 02:27:37 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/08/13 18:42:26 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2015/02/13 02:44:05 - [] D -- C:\Program Files\MPC-HC
O43 - CFD: 2015/07/31 20:36:49 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2014/12/22 05:14:08 - [] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 2015/07/24 22:36:38 - [] D -- C:\Program Files\netcut
O43 - CFD: 2015/03/15 14:58:57 - [] D -- C:\Program Files\NetCutDefender
O43 - CFD: 2015/03/15 15:27:39 - [] D -- C:\Program Files\Nokia
O43 - CFD: 2015/06/05 10:58:04 - [] D -- C:\Program Files\NVIDIA Corporation
O43 - CFD: 2015/01/17 11:43:15 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/03/15 15:30:35 - [] D -- C:\Program Files\Origin
O43 - CFD: 2014/12/07 22:40:08 - [] D -- C:\Program Files\Origin Games
O43 - CFD: 2014/07/27 08:34:39 - [] D -- C:\Program Files\Outsim
O43 - CFD: 2015/01/04 20:17:16 - [] D -- C:\Program Files\PC Connectivity Solution
O43 - CFD: 2015/07/03 20:10:47 - [] D -- C:\Program Files\PhotoFiltre Studio X
O43 - CFD: 2015/08/30 23:39:06 - [] D -- C:\Program Files\pictureresizer_setup
O43 - CFD: 2014/08/08 15:49:55 - [] D -- C:\Program Files\Portforward.com
O43 - CFD: 2015/09/09 18:22:11 - [] D -- C:\Program Files\PowerISO
O43 - CFD: 2015/08/17 12:44:17 - [] D -- C:\Program Files\QSocial
O43 - CFD: 2015/06/21 14:47:56 - [0] D -- C:\Program Files\Reason
O43 - CFD: 2015/07/31 20:36:49 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/05/12 15:52:57 - [] D -- C:\Program Files\Research In Motion
O43 - CFD: 2015/03/20 15:11:33 - [] D -- C:\Program Files\ReviverSoft
O43 - CFD: 2014/08/03 05:17:20 - [] D -- C:\Program Files\Rockstar Games
O43 - CFD: 2015/05/21 22:56:49 - [] D -- C:\Program Files\Ski Search =>PUP.Optional.SkiSearch
O43 - CFD: 2015/06/05 11:00:06 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/05/28 00:28:50 - [] D -- C:\Program Files\TeamSpeak 3 Client
O43 - CFD: 2015/07/10 10:55:46 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2014/11/09 21:32:07 - [] D -- C:\Program Files\Unlocker
O43 - CFD: 2014/11/13 14:07:38 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2015/07/16 04:17:40 - [] D -- C:\Program Files\Voobly
O43 - CFD: 2015/09/18 15:14:01 - [] D -- C:\Program Files\VstPlugins
O43 - CFD: 2015/07/27 13:01:06 - [] D -- C:\Program Files\WaterWarner
O43 - CFD: 2015/08/03 17:57:49 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 2015/09/09 13:53:18 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2014/12/22 01:50:12 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2015/07/31 13:21:36 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/08/03 17:57:49 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2015/07/10 09:28:25 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 2015/07/10 09:28:23 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2015/08/03 17:57:49 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2015/07/10 09:28:25 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2015/07/31 13:21:37 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/10/23 12:26:58 - [] HD -- C:\Program Files\WindowsApps
O43 - CFD: 2015/07/10 09:28:23 - [] SD -- C:\Program Files\WindowsPowerShell
O43 - CFD: 2015/07/15 04:24:20 - [] D -- C:\Program Files\WinPcap
O43 - CFD: 2014/10/20 20:49:27 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/06/27 14:04:46 - [] D -- C:\Program Files\Wise
O43 - CFD: 2015/04/09 00:48:46 - [] D -- C:\Program Files\YU-GI-OH ! STAREDITION 2010
O43 - CFD: 2015/10/01 04:29:35 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/31 13:27:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/31 13:27:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 2015/08/02 03:58:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astroburn Lite
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/09/26 12:06:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Alarm Clock
O43 - CFD: 2015/08/30 23:40:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Picture Resizer
O43 - CFD: 2015/03/15 15:22:53 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 5
O43 - CFD: 2015/09/18 15:13:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inpaint
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Mobile
O43 - CFD: 2015/08/28 14:37:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/07/31 13:27:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
O43 - CFD: 2015/07/10 09:28:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/16 10:50:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/07/31 13:21:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medal of Honor™
O43 - CFD: 2015/07/31 13:21:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
O43 - CFD: 2015/10/14 03:55:46 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/08/12 11:34:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
O43 - CFD: 2015/09/09 18:22:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2015/07/31 13:21:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
O43 - CFD: 2015/07/31 13:21:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/08/17 13:03:55 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2015/07/10 09:28:25 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/07/10 11:49:43 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Capture Convert Split Merge Burn Studio
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voobly
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaterWarner
O43 - CFD: 2015/07/31 13:27:27 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown
O43 - CFD: 2015/10/03 18:04:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
O43 - CFD: 2015/07/31 13:27:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise System Monitor
O43 - CFD: 2015/02/03 00:31:13 - [] D -- C:\ProgramData\15110483129248663602
O43 - CFD: 2015/04/10 03:18:01 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2014/12/22 05:31:55 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 2015/03/10 20:32:20 - [] D -- C:\ProgramData\Apple
O43 - CFD: 2015/03/10 20:33:23 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 2015/07/10 10:55:30 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2014/06/30 22:02:45 - [] D -- C:\ProgramData\Astroburn Lite
O43 - CFD: 2014/09/27 22:57:52 - [] D -- C:\ProgramData\AutoHideIP
O43 - CFD: 2015/08/28 14:36:44 - [] D -- C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 2015/04/06 18:14:39 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 2014/06/20 12:14:54 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 2015/01/07 12:41:34 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 2015/03/15 15:12:56 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2014/07/27 08:39:37 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 2015/07/10 09:28:23 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 2014/06/20 21:20:21 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2015/01/19 20:45:44 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 2015/07/10 10:55:30 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2015/07/10 10:55:30 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/11/07 17:37:59 - [] SHD -- C:\ProgramData\DSS
O43 - CFD: 2014/06/20 14:37:00 - [] D -- C:\ProgramData\EA Core
O43 - CFD: 2014/06/20 15:02:54 - [] D -- C:\ProgramData\EA Logs
O43 - CFD: 2014/06/20 14:37:03 - [] D -- C:\ProgramData\Electronic Arts
O43 - CFD: 2015/08/16 12:17:01 - [] D -- C:\ProgramData\ExtTag =>PUP.Optional.ExtTag
O43 - CFD: 2015/08/15 22:56:46 - [] D -- C:\ProgramData\ExtTags =>PUP.Optional.ExtTag
O43 - CFD: 2015/07/31 13:37:52 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/06/27 14:02:41 - [] D -- C:\ProgramData\fbphhcmlhjedglhheehmleemhejnlcli
O43 - CFD: 2014/06/23 17:09:30 - [] D -- C:\ProgramData\FLEXnet
O43 - CFD: 2015/08/16 12:17:15 - [] D -- C:\ProgramData\HitmanPro
O43 - CFD: 2014/06/20 03:03:03 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2014/09/22 17:20:30 - [] D -- C:\ProgramData\Informer Technologies, Inc
O43 - CFD: 2014/09/29 14:31:31 - [] D -- C:\ProgramData\Installations
O43 - CFD: 2015/01/18 14:35:22 - [] D -- C:\ProgramData\Internet Mobile
O43 - CFD: 2014/06/26 16:36:56 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2014/12/05 10:27:09 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2015/08/02 02:18:57 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/10/14 03:55:33 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/12/22 01:31:42 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 2014/07/11 06:07:53 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 2014/06/20 02:46:08 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/08/16 12:17:01 - [] D -- C:\ProgramData\Nimzap
O43 - CFD: 2015/08/15 21:47:39 - [] D -- C:\ProgramData\Nimzaps
O43 - CFD: 2015/01/07 11:59:40 - [0] D -- C:\ProgramData\Nokia
O43 - CFD: 2015/01/04 20:09:40 - [] D -- C:\ProgramData\NokiaInstallerCache
O43 - CFD: 2014/10/31 22:39:48 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/03/15 15:30:29 - [] D -- C:\ProgramData\Origin
O43 - CFD: 2014/09/29 14:34:12 - [] D -- C:\ProgramData\PC Suite
O43 - CFD: 2015/05/21 21:49:15 - [] D -- C:\ProgramData\Reason
O43 - CFD: 2015/08/24 14:25:05 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/01/15 13:30:39 - [] D -- C:\ProgramData\Research In Motion
O43 - CFD: 2015/05/09 20:08:23 - [0] D -- C:\ProgramData\Riot Games
O43 - CFD: 2015/08/17 13:03:54 - [] D -- C:\ProgramData\rvlkl =>PUP.Optional.RelevantKnowledge
O43 - CFD: 2015/03/25 02:35:34 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2015/08/03 06:50:50 - [] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 2015/08/02 03:09:41 - [] D -- C:\ProgramData\SonicFocus
O43 - CFD: 2015/07/10 10:55:30 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2014/10/31 04:03:39 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2014/07/30 14:24:28 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 2015/07/10 10:55:30 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2014/09/29 01:42:31 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 2014/07/02 19:40:16 - [] D -- C:\ProgramData\Ubisoft
O43 - CFD: 2015/07/10 10:56:39 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 2015/07/10 10:56:39 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 2015/05/30 11:20:06 - [] D -- C:\ProgramData\VMware
O43 - CFD: 2014/07/27 08:39:44 - [] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O43 - CFD: 2014/12/19 16:08:57 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 2015/04/10 02:24:48 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2015/08/28 14:36:52 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2014/11/06 19:11:09 - [] D -- C:\Program Files\Common Files\Bitdefender
O43 - CFD: 2014/10/20 20:49:17 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2014/12/07 22:40:12 - [0] HD -- C:\Program Files\Common Files\EAInstaller
O43 - CFD: 2014/08/03 05:16:16 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2014/10/31 22:39:44 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2015/08/15 21:28:37 - [] D -- C:\Program Files\Common Files\k4kk0tuj
O43 - CFD: 2014/06/20 20:58:49 - [] D -- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 2015/07/31 13:21:32 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2015/03/20 18:24:22 - [] D -- C:\Program Files\Common Files\Propellerhead Software
O43 - CFD: 2015/01/15 13:30:49 - [] D -- C:\Program Files\Common Files\Research In Motion
O43 - CFD: 2015/07/10 09:28:25 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/08/15 21:28:37 - [] D -- C:\Program Files\Common Files\sjpvbho0
O43 - CFD: 2015/03/25 02:35:15 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2015/07/31 13:21:32 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/08/03 17:57:48 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/08/15 21:28:37 - [] D -- C:\Program Files\Common Files\v2yc4kcu
O43 - CFD: 2014/12/22 01:30:29 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2015/01/15 13:30:43 - [] D -- C:\Program Files\Common Files\XCPCSync.OEM
O43 - CFD: 2015/08/15 21:28:37 - [] D -- C:\Program Files\Common Files\ybsp5dr5
O43 - CFD: 2015/09/27 04:51:00 - [] D -- C:\Users\MOMAIB\AppData\Roaming\.ACEStream
O43 - CFD: 2015/09/26 15:33:48 - [] D -- C:\Users\MOMAIB\AppData\Roaming\ACEStream
O43 - CFD: 2015/04/10 02:27:27 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Adobe
O43 - CFD: 2014/12/30 09:31:27 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Ahead
O43 - CFD: 2015/08/29 17:09:56 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Apple Computer
O43 - CFD: 2015/07/07 05:45:11 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Audacity
O43 - CFD: 2014/07/27 08:41:03 - [] D -- C:\Users\MOMAIB\AppData\Roaming\AVG
O43 - CFD: 2015/09/26 12:07:38 - [] D -- C:\Users\MOMAIB\AppData\Roaming\CDisplayEx
O43 - CFD: 2014/09/21 02:26:16 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Cool Record Edit Pro
O43 - CFD: 2015/08/16 11:30:57 - [] D -- C:\Users\MOMAIB\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/01/14 14:46:44 - [] D -- C:\Users\MOMAIB\AppData\Roaming\deskPDF Editor
O43 - CFD: 2015/01/14 14:53:38 - [] D -- C:\Users\MOMAIB\AppData\Roaming\deskUNPDF
O43 - CFD: 2015/10/24 05:15:09 - [] D -- C:\Users\MOMAIB\AppData\Roaming\DMCache
O43 - CFD: 2015/09/26 03:26:12 - [] D -- C:\Users\MOMAIB\AppData\Roaming\EyeLeo
O43 - CFD: 2014/12/19 16:06:52 - [] D -- C:\Users\MOMAIB\AppData\Roaming\FlowStone
O43 - CFD: 2015/01/14 14:22:28 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Free PDF to Word Converter
O43 - CFD: 2015/07/19 10:59:12 - [] D -- C:\Users\MOMAIB\AppData\Roaming\FROM_Monitor
O43 - CFD: 2014/06/30 01:44:05 - [] D -- C:\Users\MOMAIB\AppData\Roaming\GameRanger
O43 - CFD: 2015/07/03 21:44:40 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Identities
O43 - CFD: 2015/10/23 12:03:47 - [] D -- C:\Users\MOMAIB\AppData\Roaming\IDM
O43 - CFD: 2014/12/19 16:07:04 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Image-Line
O43 - CFD: 2015/08/02 03:09:25 - [] D -- C:\Users\MOMAIB\AppData\Roaming\InstallShield
O43 - CFD: 2015/08/16 10:25:29 - [0] D -- C:\Users\MOMAIB\AppData\Roaming\LG Electronics
O43 - CFD: 2015/05/28 00:08:51 - [] D -- C:\Users\MOMAIB\AppData\Roaming\LolClient
O43 - CFD: 2014/06/20 03:40:50 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Macromedia
O43 - CFD: 2011/04/12 03:24:18 - [0] D -- C:\Users\MOMAIB\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/08/02 03:58:17 - [] SD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft
O43 - CFD: 2014/06/20 02:50:16 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Mozilla
O43 - CFD: 2015/02/13 02:57:49 - [] D -- C:\Users\MOMAIB\AppData\Roaming\MPC-HC
O43 - CFD: 2014/12/14 16:26:20 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Nokia
O43 - CFD: 2014/11/07 17:38:03 - [] D -- C:\Users\MOMAIB\AppData\Roaming\NVIDIA
O43 - CFD: 2015/01/17 11:43:12 - [0] D -- C:\Users\MOMAIB\AppData\Roaming\Opera Software
O43 - CFD: 2014/06/20 12:16:48 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Origin
O43 - CFD: 2014/12/14 16:22:08 - [] D -- C:\Users\MOMAIB\AppData\Roaming\PC Suite
O43 - CFD: 2014/08/20 17:48:13 - [] D -- C:\Users\MOMAIB\AppData\Roaming\PFStaticIP
O43 - CFD: 2014/10/27 03:16:59 - [] D -- C:\Users\MOMAIB\AppData\Roaming\PhotoFiltre
O43 - CFD: 2015/07/03 21:45:27 - [] D -- C:\Users\MOMAIB\AppData\Roaming\PhotoFiltre Studio X
O43 - CFD: 2014/08/08 15:50:38 - [] D -- C:\Users\MOMAIB\AppData\Roaming\PortForward.com
O43 - CFD: 2015/08/15 22:15:07 - [] D -- C:\Users\MOMAIB\AppData\Roaming\ppslog
O43 - CFD: 2015/10/13 02:43:44 - [] D -- C:\Users\MOMAIB\AppData\Roaming\QSocial
O43 - CFD: 2014/06/20 02:50:34 - [0] D -- C:\Users\MOMAIB\AppData\Roaming\QuickScan
O43 - CFD: 2015/01/15 13:38:57 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Research In Motion
O43 - CFD: 2015/05/09 20:03:50 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Riot Games
O43 - CFD: 2015/09/16 15:13:28 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Skype
O43 - CFD: 2015/01/14 14:19:55 - [] D -- C:\Users\MOMAIB\AppData\Roaming\sparta111
O43 - CFD: 2014/09/22 17:16:28 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Syntrillium
O43 - CFD: 2015/06/05 10:16:02 - [] D -- C:\Users\MOMAIB\AppData\Roaming\TeamViewer
O43 - CFD: 2014/07/11 00:51:37 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Thinstall
O43 - CFD: 2015/06/05 10:15:59 - [] D -- C:\Users\MOMAIB\AppData\Roaming\TS3Client
O43 - CFD: 2014/09/30 11:51:02 - [0] D -- C:\Users\MOMAIB\AppData\Roaming\TuneUp Software
O43 - CFD: 2014/07/02 19:40:16 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Ubisoft
O43 - CFD: 2014/08/01 20:39:59 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Unity
O43 - CFD: 2015/10/24 12:44:42 - [] D -- C:\Users\MOMAIB\AppData\Roaming\uTorrent
O43 - CFD: 2015/10/22 23:27:31 - [] D -- C:\Users\MOMAIB\AppData\Roaming\vlc
O43 - CFD: 2015/05/30 11:26:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\VMware
O43 - CFD: 2014/06/20 03:34:59 - [] D -- C:\Users\MOMAIB\AppData\Roaming\WinRAR
O43 - CFD: 2015/05/22 01:54:02 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Wise Auto Shutdown
O43 - CFD: 2015/10/24 07:03:00 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Wise Care 365
O43 - CFD: 2015/06/27 14:05:06 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Wise System Monitor
O43 - CFD: 2015/10/24 14:18:39 - [] D -- C:\Users\MOMAIB\AppData\Roaming\ZHP
O43 - CFD: 2014/08/02 04:50:32 - [] D -- C:\Users\MOMAIB\AppData\Local\24762
O43 - CFD: 2014/12/11 21:39:22 - [] D -- C:\Users\MOMAIB\AppData\Local\24811
O43 - CFD: 2015/08/13 18:48:24 - [] D -- C:\Users\MOMAIB\AppData\Local\7B1E190E-EDBC-4D24-9A95-BDCACDAF136B
O43 - CFD: 2015/07/14 17:12:20 - [] D -- C:\Users\MOMAIB\AppData\Local\Adobe
O43 - CFD: 2014/12/30 08:57:43 - [] D -- C:\Users\MOMAIB\AppData\Local\Ahead
O43 - CFD: 2015/03/10 20:32:28 - [] D -- C:\Users\MOMAIB\AppData\Local\Apple
O43 - CFD: 2015/03/10 20:34:49 - [] D -- C:\Users\MOMAIB\AppData\Local\Apple Computer
O43 - CFD: 2015/07/31 13:18:28 - [0] SHD -- C:\Users\MOMAIB\AppData\Local\Application Data
O43 - CFD: 2015/01/11 13:24:48 - [] D -- C:\Users\MOMAIB\AppData\Local\Apps
O43 - CFD: 2014/07/27 08:41:03 - [] D -- C:\Users\MOMAIB\AppData\Local\AVG
O43 - CFD: 2015/01/07 12:40:14 - [] D -- C:\Users\MOMAIB\AppData\Local\Bluestacks
O43 - CFD: 2015/07/22 10:50:14 - [] D -- C:\Users\MOMAIB\AppData\Local\CEF
O43 - CFD: 2014/10/09 17:00:43 - [] D -- C:\Users\MOMAIB\AppData\Local\Chromium
O43 - CFD: 2015/07/31 14:25:15 - [] D -- C:\Users\MOMAIB\AppData\Local\Comms
O43 - CFD: 2015/08/16 11:29:11 - [0] D -- C:\Users\MOMAIB\AppData\Local\CrashDumps
O43 - CFD: 2015/09/08 07:31:24 - [0] D -- C:\Users\MOMAIB\AppData\Local\Diagnostics
O43 - CFD: 2015/02/13 02:06:02 - [] D -- C:\Users\MOMAIB\AppData\Local\Downloaded Installations
O43 - CFD: 2015/10/05 02:27:38 - [] D -- C:\Users\MOMAIB\AppData\Local\EAD7DE58-1439489549-11DD-BBDA-8112680F0024
O43 - CFD: 2014/12/15 00:23:14 - [] SHD -- C:\Users\MOMAIB\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/10/09 16:53:00 - [0] SHD -- C:\Users\MOMAIB\AppData\Local\EmieSiteList
O43 - CFD: 2015/10/09 16:53:00 - [0] SHD -- C:\Users\MOMAIB\AppData\Local\EmieUserList
O43 - CFD: 2014/06/20 14:38:16 - [] D -- C:\Users\MOMAIB\AppData\Local\ESN
O43 - CFD: 2015/08/30 23:42:21 - [] D -- C:\Users\MOMAIB\AppData\Local\Free_Picture_Solutions
O43 - CFD: 2015/09/16 12:52:47 - [] D -- C:\Users\MOMAIB\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
O43 - CFD: 2015/08/01 19:10:13 - [] D -- C:\Users\MOMAIB\AppData\Local\Google
O43 - CFD: 2015/06/01 23:31:01 - [] D -- C:\Users\MOMAIB\AppData\Local\GWX
O43 - CFD: 2015/07/31 13:18:28 - [0] SHD -- C:\Users\MOMAIB\AppData\Local\History
O43 - CFD: 2015/08/16 10:25:29 - [0] D -- C:\Users\MOMAIB\AppData\Local\LG Electronics
O43 - CFD: 2014/06/20 03:40:50 - [] D -- C:\Users\MOMAIB\AppData\Local\Macromedia
O43 - CFD: 2014/07/11 16:59:43 - [] D -- C:\Users\MOMAIB\AppData\Local\Mega Limited
O43 - CFD: 2015/08/08 21:10:31 - [] D -- C:\Users\MOMAIB\AppData\Local\MEGAsync
O43 - CFD: 2015/09/30 14:27:49 - [] D -- C:\Users\MOMAIB\AppData\Local\Microsoft
O43 - CFD: 2014/07/17 04:50:04 - [] D -- C:\Users\MOMAIB\AppData\Local\Microsoft Games
O43 - CFD: 2015/06/02 20:35:24 - [] D -- C:\Users\MOMAIB\AppData\Local\Microsoft Help
O43 - CFD: 2015/07/31 13:46:04 - [] D -- C:\Users\MOMAIB\AppData\Local\MicrosoftEdge
O43 - CFD: 2015/02/18 12:46:46 - [] D -- C:\Users\MOMAIB\AppData\Local\Mozilla
O43 - CFD: 2015/01/05 08:18:27 - [] D -- C:\Users\MOMAIB\AppData\Local\Nokia
O43 - CFD: 2015/01/07 11:58:24 - [] D -- C:\Users\MOMAIB\AppData\Local\NokiaAccount
O43 - CFD: 2015/01/17 11:43:12 - [0] D -- C:\Users\MOMAIB\AppData\Local\Opera Software
O43 - CFD: 2015/10/13 19:26:38 - [] D -- C:\Users\MOMAIB\AppData\Local\Packages
O43 - CFD: 2015/08/01 19:05:57 - [0] D -- C:\Users\MOMAIB\AppData\Local\PeerDistRepub
O43 - CFD: 2014/06/20 04:28:48 - [] D -- C:\Users\MOMAIB\AppData\Local\Programs
O43 - CFD: 2015/07/31 13:41:51 - [] D -- C:\Users\MOMAIB\AppData\Local\Publishers
O43 - CFD: 2014/06/20 14:39:23 - [] D -- C:\Users\MOMAIB\AppData\Local\PunkBuster
O43 - CFD: 2015/01/15 13:32:27 - [] D -- C:\Users\MOMAIB\AppData\Local\Research In Motion
O43 - CFD: 2014/06/20 03:41:16 - [] D -- C:\Users\MOMAIB\AppData\Local\Skype
O43 - CFD: 2015/01/17 11:47:41 - [0] D -- C:\Users\MOMAIB\AppData\Local\Sparta
O43 - CFD: 2014/07/11 16:44:39 - [] D -- C:\Users\MOMAIB\AppData\Local\Spoon
O43 - CFD: 2015/02/13 02:08:22 - [] D -- C:\Users\MOMAIB\AppData\Local\SRS Labs
O43 - CFD: 2015/08/15 22:44:09 - [] D -- C:\Users\MOMAIB\AppData\Local\SysassistByHotWheel =>PUP.Optional.Generic
O43 - CFD: 2015/10/24 14:19:14 - [] D -- C:\Users\MOMAIB\AppData\Local\Temp
O43 - CFD: 2015/07/31 13:18:28 - [0] SHD -- C:\Users\MOMAIB\AppData\Local\Temporary Internet Files
O43 - CFD: 2014/06/20 02:43:10 - [] D -- C:\Users\MOMAIB\AppData\Local\Thinstall
O43 - CFD: 2015/07/31 13:39:33 - [] D -- C:\Users\MOMAIB\AppData\Local\TileDataLayer
O43 - CFD: 2014/09/30 11:51:02 - [0] D -- C:\Users\MOMAIB\AppData\Local\TuneUp Software
O43 - CFD: 2015/06/03 17:15:42 - [] D -- C:\Users\MOMAIB\AppData\Local\Unity
O43 - CFD: 2014/09/27 22:51:13 - [] D -- C:\Users\MOMAIB\AppData\Local\VirtualStore
O43 - CFD: 2015/05/30 11:24:37 - [] D -- C:\Users\MOMAIB\AppData\Local\VMware
O43 - CFD: 2015/08/16 12:17:03 - [] D -- C:\Users\MOMAIB\AppData\Local\W3CLogging
O43 - CFD: 2015/10/23 22:23:22 - [] D -- C:\Users\MOMAIB\AppData\Local\Windows Live
O43 - CFD: 2014/06/26 16:40:41 - [] D -- C:\Users\MOMAIB\AppData\Local\Xenocode
O43 - CFD: 2015/07/10 09:28:25 - [] RD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/08/16 12:17:15 - [] RD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/26 15:32:30 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
O43 - CFD: 2015/08/28 13:30:50 - [] RD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/09/18 15:15:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
O43 - CFD: 2015/07/31 13:27:23 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
O43 - CFD: 2015/09/26 03:26:09 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EyeLeo
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/10/09 16:37:50 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hitman Codename 47
O43 - CFD: 2015/07/31 13:19:16 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS
O43 - CFD: 2015/09/18 15:13:29 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/07/10 09:28:25 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
O43 - CFD: 2015/09/26 03:26:09 - [] RD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/10 09:28:25 - [] RD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/08/02 02:57:43 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 2015/07/10 09:28:32 - [] RSD -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/07/31 13:27:24 - [] D -- C:\Users\MOMAIB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YU-GI-OH ! STAREDITION 2010

---\\ Latest files created in Prefetcher (1) - 13s
O45 - LFCP:[MD5.D92D21A2816C4DB3A51DF30FE2D87E01] 2015/10/24 07:03:22 A -- C:\WINDOWS\Prefetch\RVLKL.EXE-4346CD87.pf =>PUP.Optional.RelevantKnowledge

---\\ ShellIconOverlayIdentifiers (SIOI) (17) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll ©
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: UpToDateOverlayHandler Class [ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: SyncingOverlayHandler Class [ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: ErrorOverlayHandler Class [ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\MOMAIB\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL ©
O106 - SIOI: ###MegaShellExtPending [###MegaShellExtPending] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\MOMAIB\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSynced [###MegaShellExtSynced] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\MOMAIB\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSyncing [###MegaShellExtSyncing] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\MOMAIB\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll ©

---\\ ShareTools MSconfig StartupReg (26) - 1s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O53 - SMSR:HKLM\...\startupreg\BlueStacks Agent [Key] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe ©
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe ©
O53 - SMSR:HKLM\...\startupreg\EADM [Key] . (...) -- C:\Program Files\Origin\Origin.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\eRclient [Key] . (...) -- C:\Users\MOMAIB\AppData\Roaming\eRclient\eRclient.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (...) -- C:\Windows\system32\hkcmd.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (...) -- C:\Windows\system32\igfxtray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\InstallerLauncher [Key] . (...) -- C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\IP Hider Pro [Key] . (...) -- C:\Program Files\IP Hider Pro\IPHiderPro.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe ©
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (...) -- C:\Program Files\Microsoft Security Client\msseces.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (...) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Overwolf [Key] . (...) -- C:\Program Files\Overwolf\Overwolf.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (...) -- C:\Windows\system32\igfxpers.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Premium Sound Software for HP Thin USB Powered Speakers [Key] . (...) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSound_HPSm.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Qsocial [Key] . (...) -- C:\Program Files\QSocial\QSocial.exe
O53 - SMSR:HKLM\...\startupreg\RIMBBLaunchAgent.exe [Key] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe ©
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ©
O53 - SMSR:HKLM\...\startupreg\Software Informer [Key] . (...) -- C:\Program Files\Software Informer\softinfo.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SoundMAXPnP [Key] . (.Analog Devices, Inc. - SMax4PNP.) -- C:\Program Files\Analog Devices\Core\smax4pnp.exe ©
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe ©
O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O53 - SMSR:HKLM\...\startupreg\VMware Netlink 3 HV Install Utility [Key] . (...) -- C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Voobly [Key] . (.Voobly - Voobly.) -- C:\Program Files\Voobly\voobly.exe ©

---\\ System Drivers List (67) - 6s
O58 - SDL:2014/12/16 06:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\2F5D0550.sys [114904] ©
O58 - SDL:2015/07/10 09:24:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [85856] ©
O58 - SDL:2009/05/18 14:32:58 A . (.Analog Devices, Inc. - High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\ADIHdAud.sys [381440] ©
O58 - SDL:2015/07/10 09:24:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1038176] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [75104] ©
O58 - SDL:2015/07/10 09:24:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [215392] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [22880] ©
O58 - SDL:2015/07/10 09:24:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [116576] ©
O58 - SDL:2012/11/08 12:41:32 A . (.ASMedia Technology Inc - ASMedia USB3 Hub Driver.) -- C:\WINDOWS\System32\drivers\asmthub3.sys [110920] ©
O58 - SDL:2012/11/08 12:41:32 A . (.ASMedia Technology Inc - ASMEDIA XHCI Host Controller Driver.) -- C:\WINDOWS\System32\drivers\asmtxhci.sys [333128] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [16088] ©
O58 - SDL:2012/03/08 10:09:40 A . (.Broadcom Corporation - Broadcom NetXtreme II Diagnostic Driver.) -- C:\WINDOWS\System32\drivers\bxdiagx.sys [75816] ©
O58 - SDL:2012/02/22 17:05:54 A . (.Broadcom Corporation - FCoE offload x86 FREE.) -- C:\WINDOWS\System32\drivers\bxfcoe.sys [150568] ©
O58 - SDL:2012/02/22 17:33:32 A . (.Broadcom Corporation - iSCSI offload x86 FREE.) -- C:\WINDOWS\System32\drivers\bxois.sys [435240] ©
O58 - SDL:2014/07/06 21:03:08 A . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128] ©
O58 - SDL:2015/07/10 09:24:19 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\WINDOWS\System32\drivers\e1i6332.sys [397336] ©
O58 - SDL:2012/07/24 20:58:00 A . (.Etron Technology Inc - Etron eXtensible Hub Driver..) -- C:\WINDOWS\System32\drivers\EtronHub3.sys [65152] ©
O58 - SDL:2012/07/24 20:58:00 A . (.Etron Technology Inc - Etron Enhance USB Mass Storage Driver..) -- C:\WINDOWS\System32\drivers\EtronSTOR.sys [32512] ©
O58 - SDL:2012/07/24 20:58:00 A . (.Etron Technology Inc - Etron eXtensible Host Controller Driver..) -- C:\WINDOWS\System32\drivers\EtronXHCI.sys [88832] ©
O58 - SDL:2007/08/09 05:06:40 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\WINDOWS\System32\drivers\ewdcsc.sys [23424] ©
O58 - SDL:2009/10/12 16:22:56 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ewusbdev.sys [101120] ©
O58 - SDL:2009/12/07 20:53:18 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys [103168] ©
O58 - SDL:2009/12/07 20:36:48 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\WINDOWS\System32\drivers\ewusbnet.sys [201168] ©
O58 - SDL:2012/10/03 17:14:58 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26840] ©
O58 - SDL:2009/06/24 05:28:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECI.sys [40832] ©
O58 - SDL:2015/08/18 13:20:45 A . (.© 2014 SurfRight B.V. - HitmanPro 3.7 Support Driver.) -- C:\WINDOWS\System32\drivers\hitmanpro37.sys [35992] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [56672] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\WINDOWS\System32\drivers\iaiogpio.sys [22016] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\WINDOWS\System32\drivers\iaioi2c.sys [61936] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [524640] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [333664] ©
O58 - SDL:2015/06/12 03:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [123968] ©
O58 - SDL:2012/03/23 19:09:38 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd32.sys [9036288] ©
O58 - SDL:2012/12/21 06:44:10 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\WINDOWS\System32\drivers\iusb3hub.sys [359560] ©
O58 - SDL:2012/12/21 06:44:10 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\WINDOWS\System32\drivers\iusb3xhc.sys [792712] ©
O58 - SDL:2015/07/10 09:24:22 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [94048] ©
O58 - SDL:2015/07/10 09:24:22 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [88928] ©
O58 - SDL:2015/07/10 09:24:22 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [83296] ©
O58 - SDL:2015/07/10 09:24:22 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [69472] ©
O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] ©
O58 - SDL:2015/06/18 08:41:42 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [94936] ©
O58 - SDL:2015/08/16 14:02:33 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [98520] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [52064] ©
O58 - SDL:2015/07/10 09:24:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [464736] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [58208] ©
O58 - SDL:2015/06/18 08:41:58 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [51928] ©
O58 - SDL:2010/06/25 18:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35088] ©
O58 - SDL:2011/10/25 18:57:14 A . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\WINDOWS\System32\drivers\nusb3hub.sys [73984] ©
O58 - SDL:2011/10/25 18:57:14 A . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\WINDOWS\System32\drivers\nusb3xhc.sys [165120] ©
O58 - SDL:2015/07/10 09:24:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [119136] ©
O58 - SDL:2015/07/10 09:24:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [142176] ©
O58 - SDL:2012/10/17 15:53:46 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\drivers\pccsmcfd.sys [19072] ©
O58 - SDL:2015/07/10 09:24:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [51040] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [51552] ©
O58 - SDL:2012/12/10 16:48:12 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\WINDOWS\System32\drivers\RimSerial.sys [35840] ©
O58 - SDL:2015/07/23 02:08:28 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [114304] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [41312] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [79200] ©
O58 - SDL:2009/11/10 16:28:44 A . (.Copyright (C) 2008 SRS Labs, Inc. - SRS Premium Sound driver.) -- C:\WINDOWS\System32\drivers\SRS_PremiumSound_i386.sys [246000]
O58 - SDL:2014/01/22 09:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [88576] ©
O58 - SDL:2014/01/22 09:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [184192] ©
O58 - SDL:2014/01/22 09:52:12 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Mobile Logging Device Driver (M.) -- C:\WINDOWS\System32\drivers\ssudserd.sys [184192] ©
O58 - SDL:2015/07/10 09:24:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [26976] ©
O58 - SDL:2015/07/10 09:24:28 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [31744]
O58 - SDL:2015/07/10 09:24:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [149856] ©
O58 - SDL:2015/07/10 09:24:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [276832] ©
O58 - SDL:2012/02/22 15:27:02 A . (.Bigfoot Networks, Inc. - Bigfoot Networks Killer(TM) PCI-E Gaming Ad.) -- C:\WINDOWS\System32\drivers\Xeno7x86.sys [130152] ©

---\\ Last modified or created user files (3) - 33s
O61 - LFC: 2015/10/24 05:15:11 A . (..) -- C:\Users\MOMAIB\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2015/10/19 13:50:31 A . (..) -- C:\Users\MOMAIB\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635808516723895165.bin [13916]
O61 - LFC: 2015/10/24 12:14:13 A . (..) -- C:\Users\MOMAIB\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]

---\\ File Associations Shell Spawning (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©

---\\ Search Browser Infection (14) - 12s
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("browser.startup.homepage", "http://www.oursurfing.com/?type=hp&ts=1442404064&z=5ab86231e1e7cedefb5b239g5z1zdo1z1e5z0eeq[...] =>PUP.Optional.OurSurfing
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledUrls.expiration",[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledUrls.value", "%7B[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledWithHash.expirati[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_bundledWithHash.value", [...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_notBundledArr_.expiratio[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_notBundledArr_.value", "[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_regBundledWithSoftware.e[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.internaldb.monetization_plugin_regBundledWithSoftware.v[...] =>PUP.Optional.Monetization
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.a389579c4efa94d96a1dd3c86f7bd1a51gmailcom69829.69829.name", "SavePass v2.2"); =>PUP.Optional.CrossRider
O69 - SBI: prefs.js [MOMAIB - 3aitiz03.default-1426450933850] user_pref("extensions.crossrider.bic", "14fd6045810ade1931296d0068bf5f97"); =>PUP.Optional.CrossRider
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (42) - 1s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [161792] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [161792] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [218112] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1195520] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [737792] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [838656] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [25088] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [75776] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [116224] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [87040] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [822272] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [183808] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [105984] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [243712] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [312320] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [68096] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [1543680] ©
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\Windows\System32\NetSetupSvc.dll [129024] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [143360] ©
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\Windows\System32\dcpsvc.dll [152064] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [185344] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] ©
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\Windows\System32\usermgr.dll [549376] ©
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\Windows\System32\dmwappushsvc.dll [53760] ©
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\Windows\System32\XboxNetApiSvc.dll [807936] ©
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\Windows\System32\usocore.dll [236032] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [22528] ©
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\Windows\System32\RDXService.dll [733184] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [307200] ©
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [193024] ©
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\Windows\System32\XblAuthManager.dll [520192] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [93184] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [587264] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [410112] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [57344] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [392704] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [254976] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1829376] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [802816] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [544768] ©
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\Windows\System32\XblGameSave.dll [733696] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [165376] ©

---\\ Firewall Active Exception List (12) - 3s
O87 - FAEL: "UDP Query User{103DB17D-ED61-4C9A-B0D7-2A86038C31CA}C:\program files\yu-gi-oh ! staredition 2010\yu-gi-oh!\joey the passion\joey_pc.exe" [In-None-P17-TRUE] .(...) -- C:\program files\yu-gi-oh ! staredition 2010\yu-gi-oh!\joey the passion\joey_pc.exe
O87 - FAEL: "TCP Query User{95A932C2-FA8D-4E0A-953F-E646DAA8D1F1}C:\program files\yu-gi-oh ! staredition 2010\yu-gi-oh!\joey the passion\joey_pc.exe" [In-None-P6-TRUE] .(...) -- C:\program files\yu-gi-oh ! staredition 2010\yu-gi-oh!\joey the passion\joey_pc.exe
O87 - FAEL: "UDP Query User{0573B8E1-84D9-4A7B-A7DE-06A6283DEE29}C:\users\momaib\appdata\local\apps\2.0\rxtpro93.1xq\6p0t6beb.glx\rebt..tion_59eb1b2cffdb6323_0002.0005_4441f936d900cc2b\rebtelphone.exe" [In-None-P17-TRUE] .(.Rebtel Networks AB - RebtelPhone.) -- C:\users\momaib\appdata\local\apps\2.0\rxtpro93.1xq\6p0t6beb.glx\rebt..tion_59eb1b2cffdb6323_0002.0005_4441f936d900cc2b\rebtelphone.exe
O87 - FAEL: "TCP Query User{E1E89CA3-7676-4409-90CB-A73ADEC9E635}C:\users\momaib\appdata\local\apps\2.0\rxtpro93.1xq\6p0t6beb.glx\rebt..tion_59eb1b2cffdb6323_0002.0005_4441f936d900cc2b\rebtelphone.exe" [In-None-P6-TRUE] .(.Rebtel Networks AB - RebtelPhone.) -- C:\users\momaib\appdata\local\apps\2.0\rxtpro93.1xq\6p0t6beb.glx\rebt..tion_59eb1b2cffdb6323_0002.0005_4441f936d900cc2b\rebtelphone.exe
O87 - FAEL: "{C1B335DA-5395-4681-BA33-05C9D93036D0}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{BDAED6ED-0965-40AB-AB65-DF30AA65FEBC}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{4269A74A-29B2-4AD3-BAE7-2AE2860D6127}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{93306D2D-C340-450C-A9B3-F178751F518E}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\MOMAIB\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "TCP Query User{1D61A832-E1CF-4978-B189-406819FD0DD7}C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe" [In-None-P6-TRUE] .(...) -- C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe
O87 - FAEL: "UDP Query User{E01FCAB6-9676-4142-8A22-ECDA324EE908}C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe" [In-None-P17-TRUE] .(...) -- C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe
O87 - FAEL: "TCP Query User{CC3316F4-3DA1-46B3-BC25-2AE1F6D4D8B2}C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe" [In-None-P6-TRUE] .(...) -- C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe
O87 - FAEL: "UDP Query User{19520800-C378-4008-909C-8E82982706D1}C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe" [In-None-P17-TRUE] .(...) -- C:\users\momaib\appdata\roaming\acestream\engine\ace_engine.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (24) - 30s

SR - Auto [2015/09/14 09:25:38] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [2015/10/17 15:14:13] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [2008/07/15 14:09:52] [ 90112] @oem131.inf,%AEADISRV.SvcDesc%;Andrea ADI Filters Service (AEADIFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\AEADISRV.EXE ©
SR - Auto [2011/07/28 18:35:44] [ 262144] Arp Intelligent Protection Service (AIPS) . (.Arcai.com.) - C:\Program Files\netcut\services\aips.exe ©
SR - Auto [2015/05/29 18:51:26] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe ©
SS - Demand [2013/01/18 18:10:18] [ 577536] Blackberry Device Manager (Blackberry Device Manager) . (.Research In Motion Limited.) - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe ©
SR - Auto [2011/08/31 00:05:02] [ 390504] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe ©
SS - Auto [2014/12/12 14:29:12] [ 409304] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe ©
SR - Auto [2014/12/12 14:29:42] [ 388824] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe ©
SR - Auto [2014/12/12 14:31:34] [ 786136] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-UpdaterService.exe ©
SS - Demand [2014/06/20 20:58:49] [ 654848] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe ©
SS - Auto [2015/02/03 03:07:25] [ 107912] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/02/03 03:07:25] [ 107912] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
SR - Demand [2015/08/13 02:43:28] [ 541968] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe ©
SS - Disabled [2015/06/18 08:39:46] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2015/08/09 17:01:40] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe ©
SR - Auto [2015/08/17 12:42:57] [ 7548928] Qsocial Service (QsocialUpdater) . (...) - C:\Program Files\QSocial\QSocial_Updater.exe
SS - Demand [2010/06/25 18:07:20] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe ©
SS - Demand [2013/04/18 12:06:42] [ 737616] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe ©
SS - Auto [2015/01/02 20:45:12] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe ©
SS - Auto [2015/08/06 11:40:58] [ 580144] Wise Boot Assistant (WiseBootAssistant) . (.WiseCleaner.com.) - C:\Program Files\Wise\Wise Care 365\BootTime.exe ©
SS - Demand [2015/05/07 18:03:40] [ 13264] WiseHDInfo (WiseHDInfo) . (.wisecleaner.com.) - C:\Windows\WiseHDInfo32.dll ©

---\\ Additional Scan (O88) (42) - 0s
C:\ProgramData\rvlkl\rvlkl.exe =>PUP.Optional.RelevantKnowledge
C:\Users\MOMAIB\AppData\Roaming\Mozilla\Firefox\Profiles\3aitiz03.default-1426450933850\searchplugins\findit.xml =>PUP.Optional.SmartBar
C:\Program Files\Mozilla Firefox\browser\searchplugins\findit.xml =>PUP.Optional.SmartBar
C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
HKLM\SOFTWARE\0968be64-279e-4848-8623-30fa42e5f57b =>PUP.Optional.CrossRider
HKLM\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\GoHD =>PUP.Optional.CrossRider
HKLM\SOFTWARE\GoHD-nv =>PUP.Optional.CrossRider
HKLM\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKLM\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKLM\SOFTWARE\oursurfingSoftware =>PUP.Optional.OurSurfing
HKLM\SOFTWARE\SavePass 1.1-nv-edge =>PUP.Optional.CrossRider
HKLM\SOFTWARE\searchult =>PUP.Optional.Generic
HKLM\SOFTWARE\Ski Search =>PUP.Optional.SkiSearch
HKLM\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\ArenaHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\CinemaP-1.9cV16.09-nv-ie =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Crossbrowse =>PUP.Optional.CrossBrowse
HKCU\SOFTWARE\globalUpdate =>PUP.Optional.GlobalUpdate
HKCU\SOFTWARE\GoHD =>PUP.Optional.CrossRider
HKCU\SOFTWARE\GoHD-nv =>PUP.Optional.CrossRider
HKCU\SOFTWARE\HighDefAction =>PUP.Optional.CrossRider
HKCU\SOFTWARE\InstalledBrowserExtensions =>PUP.Optional.BrowserExtensions
HKCU\SOFTWARE\SavePass 1.1 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\SavePass 1.1-nv-edge =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Ski Search =>PUP.Optional.SkiSearch
HKCU\SOFTWARE\YorkNewCin =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider =>PUP.Optional.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\_CrossriderRegNamePlaceHolder_ =>PUP.Optional.CrossRider
C:\Program Files\cce98bbb-5151-42aa-9461-de1d152a01b3 =>PUP.Optional.CrossRider
C:\Program Files\fchk32 =>PUP.Optional.Amonetize
C:\Program Files\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Program Files\GoHD =>PUP.Optional.CrossRider
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\Program Files\Ski Search =>PUP.Optional.SkiSearch
C:\ProgramData\ExtTag =>PUP.Optional.ExtTag
C:\ProgramData\ExtTags =>PUP.Optional.ExtTag
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\rvlkl =>PUP.Optional.RelevantKnowledge
C:\Users\MOMAIB\AppData\Local\globalUpdate =>PUP.Optional.GlobalUpdate
C:\Users\MOMAIB\AppData\Local\SysassistByHotWheel =>PUP.Optional.Generic
C:\WINDOWS\Prefetch\RVLKL.EXE-4346CD87.pf =>PUP.Optional.RelevantKnowledge

---\\ Summary of the elements found (15) - 0s
http://www.nicolascoolman.fr/adware-relevantknowledge/ =>PUP.Optional.RelevantKnowledge
http://www.nicolascoolman.fr/blog =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/hijacker-smartbar/ =>PUP.Optional.SmartBar
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/blog =>PUP.Optional.BrowserExtensions
http://www.nicolascoolman.fr/blog =>PUP.Optional.Generic
http://www.nicolascoolman.fr/pup-optional-skisearch/ =>PUP.Optional.SkiSearch
http://www.nicolascoolman.fr/blog =>PUP.Optional.CrossBrowse
http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate
http://www.nicolascoolman.fr/pup-amonetize/ =>PUP.Optional.Amonetize
http://www.nicolascoolman.fr/pup-kmspico/ =>HackTool.KMSpico
http://www.nicolascoolman.fr/pup-optional-exttag =>PUP.Optional.ExtTag
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS
http://www.nicolascoolman.fr/blog =>PUP.Optional.Monetization

~ End of the scan, 44831 items in 198 seconds (1303)(0)()
