~ ZHPDiag v2015.7.5.84 By Nicolas Coolman (2015\07\05)
~ Run by Sean (Administrator)  (2015/07/05 17:50:26)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:  Version OK
~ Mode: Scan
~ Report: C:\Users\Sean\Desktop\ZHPDiag.txt
~ Report: C:\Users\Sean\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
~ Windows 7, 32-bit Service Pack 1 (Build 7601)

---\\ Windows Product Information (3) - 1s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Activation Technologies : OK

---\\ System optimization software (1) - 0s
CCleaner v5.06

---\\ Surveillance software (1) - 0s
Adobe Flash Player 17 NPAPI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System:  32-bit 
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 3144184
~ System Restore: Activé (Enable)
~ System drive C: has 344 GB free of 476 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: SEAN-PC
~ User Name: Sean
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 6s
~ Drive C: has 344 GB free of 476 GB  (System)
~ Drive E: has 1875 GB free of 1907 GB
~ Drive G: has  GB free of 9 GB

---\\ Search Generic System Files (23) - 0s
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [1950720]
[MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [304128]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [245632]

---\\ Process running (29) - 2s
[MD5.FAE39454D10CC50212BC96D182F82C33] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.8.) -- C:\Windows\System32\nvvsvc.exe [668104] [PID.720]
[MD5.BAD1F0D57B842D3C461B02609A7E7396] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410968] [PID.744]
[MD5.6FE69F8416CB2771101DD9553D544733] - (.DTools LIMITED - Windows DTools.) -- C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [697000] [PID.1300]  =>PUP.Fuyu
[MD5.51A3E36D3E62CDB341C018B0630A7176] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [943048] [PID.1652]
[MD5.FAE39454D10CC50212BC96D182F82C33] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.8.) -- C:\Windows\System32\nvvsvc.exe [668104] [PID.1660]
[MD5.0FB5169E831027B297CEAE030D61616E] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [918160] [PID.1768]
[MD5.E9E2DC4B14F2A20046683E2B699BA79C] - (.XTab system - ProtectSvc.exe.) -- C:\Program Files\MiuiTab\ProtectService.exe [125112] [PID.1824]  =>PUP.MiuiTab
[MD5.36D1D60FD807F98DD81B29C6BC15757F] - (...) -- C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\jnskB465.tmp [227840] [PID.1920]  =>Adware.CrossRider
[MD5.12C85755886299A5AB525F37B74F3B0C] - (...) -- C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\hnsvC910.tmp [311296] [PID.1960]  =>Adware.CrossRider
[MD5.F758A5752CA282925CE3324FDBBADBED] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672] [PID.2012]
[MD5.A0758AF99D157258A970D08ECEF4F378] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20696720] [PID.2040]
[MD5.7A7EC85927C4BE6CD55DEDFA46CD6ACB] - (...) -- C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\knsu47F3.tmp [589312] [PID.384]  =>Adware.CrossRider
[MD5.EAFB798E13C296281878E70BCFE41A69] - (...) -- C:\Program Files\MasterDeals\masterdeals_helper_service.exe [191696] [PID.2948]
[MD5.EAFB798E13C296281878E70BCFE41A69] - (...) -- C:\Program Files\Crazy Deals\crazy_deals_helper_service.exe [191696] [PID.2956]
[MD5.17F601C301CFCF559F496BF268533FC1] - (...) -- C:\Program Files\Spring Sporting Games\spring_sporting_games_helper_service.exe [191692] [PID.2964]
[MD5.0DE6521016CAE929552DD557979E196C] - (.SearchProtect - CmdShell.exe.) -- C:\Program Files\MiuiTab\CmdShell.exe [29368] [PID.3144]  =>PUP.MiuiTab
[MD5.638644168D9B5B5093AD84C9C162B550] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2673296] [PID.3284]
[MD5.ED70821F65B120FDBD76FCFF746FE219] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [335232] [PID.3304]
[MD5.80086ED442941DE2CA18CB6DAE8C1422] - (.Aeria Games & Entertainment - Aeria Ignite.) -- C:\Program Files\Aeria Games\Ignite\aeriaignite.exe [1925656] [PID.3312]
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Sean\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.3552]
[MD5.BF5B1D2F076E1ACBF6DF56F8C779ABDF] - (...) -- C:\ProgramData\{b7c98e2b-6b4b-3e6a-b7c9-98e2b6b438ad}\Grand Fantasia Hack.exe [374272] [PID.3588]
[MD5.D6E2ED7F1F7BE7CCB8676491BF950B57] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Sean\AppData\Local\Akamai\netsession_win.exe [4673432] [PID.3760]
[MD5.939BAC33069A29BA884E4C6CCA7476BA] - (.Disc Soft Ltd - Disc Soft Bus Service.) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1030928] [PID.3896]
[MD5.06C8589D129973F0B5EAC12D92A5CBA3] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1818456] [PID.4032]
[MD5.84B5D5396472C76E2DC550F4401EA233] - (.XTab system - SupHPNot.exe.) -- C:\Program Files\MiuiTab\HPNotify.exe [673976] [PID.2736]  =>PUP.MiuiTab
[MD5.5588A018C772DBD69FDE3DE255D2A328] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [1058176] [PID.2812]
[MD5.70DF6F7C43B8B84D25A8788F7C588D38] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [5984400] [PID.4568]
[MD5.A0758AF99D157258A970D08ECEF4F378] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20696720] [PID.3256]
[MD5.1269B8E010B50C3EA77425AFE7DF40EA] - (.PC Utilities Software Limited - OptimizerPro  Clean up your PC.) -- c:\programdata\{d8f95fa2-576b-413e-d8f9-95fa25767e89}\hqghumeaylnlf.exe [6019712] [PID.4556]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (2) - 0s
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest  =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (5) - 0s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_17_0_0_190.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.40.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.40.2] - (.Oracle Corporation.) -- C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (11) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/  =>PUP.StartSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartsearch.com/  =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/  =>Hijacker.OurSurfing
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/  =>PUP.StartSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/  =>Hijacker.OurSurfing
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartsearch.com/  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartsearch.com/  =>PUP.StartSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartsearch.com/  =>PUP.StartSearch
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean  =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Auto loading programs from Registry and folders (O4) (19) - 0s
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Aeria Ignite] . (.Aeria Games & Entertainment - Aeria Ignite.) -- C:\Program Files\Aeria Games\Ignite\aeriaignite.exe
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Sean\AppData\Local\Akamai\netsession_win.exe
O4 - HKCU\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3386993730-295807858-1247842499-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-3386993730-295807858-1247842499-1000\..\Run: [Akamai NetSession Interface] . (.Akamai Technologies, Inc. - Akamai NetSession Client.) -- C:\Users\Sean\AppData\Local\Akamai\netsession_win.exe
O4 - HKUS\S-1-5-21-3386993730-295807858-1247842499-1000\..\Run: [HP Photosmart 5520 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
O4 - HKUS\S-1-5-21-3386993730-295807858-1247842499-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe
O4 - HKUS\S-1-5-21-3386993730-295807858-1247842499-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

---\\ Lop.com/Domain Hijackers (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.3 195.130.131.3
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.3 195.130.131.3
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.3 195.130.131.3

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (15) - 0s
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: IHProtect Service (IHProtect Service) . (.XTab system - ProtectSvc.exe.) - C:\Program Files\MiuiTab\ProtectService.exe  =>Adware.AgentODR
O23 - Service: Language Setting Background (mofysilo) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\jnskB465.tmp  =>Adware.CrossRider
O23 - Service: Compress Comma (myroqole) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\hnsvC910.tmp  =>Adware.CrossRider
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 337.8.) - C:\Windows\System32\nvvsvc.exe
O23 - Service: Wheel Mouse Back Up (qozonozy) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\knsu47F3.tmp  =>Adware.CrossRider
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Update Banana Phone (Update Banana Phone) . (...) - C:\Program Files\Banana Phone\updateBananaPhone.exe (.not file.)  =>PUP.BananaPhone
O23 - Service: Update Edu App (Update Edu App) . (...) - C:\Program Files\Edu App\updateEduApp.exe (.not file.)  =>PUP.EduApp
O23 - Service: Util Banana Phone (Util Banana Phone) . (...) - C:\Program Files\Banana Phone\bin\utilBananaPhone.exe (.not file.)  =>PUP.BananaPhone
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) . (.DTools LIMITED - Windows DTools.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe  =>PUP.Fuyu

---\\ Task Planned Automatically (O39) (31) - 1s
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job   [830]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP1.job   [366]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP2.job   [364]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\APSnotifierPP3.job   [364]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job   [338]  =>PUP.BidailySync
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\BYAIAMUF.job   [1682]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\crazy_deals_helper_service.job   [494]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GNOK.job   [1330]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job   [1048]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job   [1052]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\masterdeals_helper_service.job   [494]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\Tasks\spring_sporting_games_helper_service.job   [554]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater   [3768]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1   [2814]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2   [2812]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3   [2812]  =>PUP.AnyProtect
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32]   [3248]  =>PUP.BidailySync
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\BYAIAMUF   [4704]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC   [2786]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\crazy_deals_helper_service   [3446]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GNOK   [4352]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore   [3796]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA   [4048]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\HPCustParticipation HP Photosmart 5520 series   [3614]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\masterdeals_helper_service   [3446]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task   [4028]  =>PUP.SmartWebSearch
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\spring_sporting_games_helper_service   [3506]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{425999A8-C795-4597-B484-CF9D27506911}   [3146]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{4632BCE5-C3C8-4025-ACDB-70B95B6E62CA}   [3152]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{54EAD183-407F-4D8B-802B-A15092A3AB53}   [3146]
O39 - APT:Automatic Planified Task - (...) -- C:\Windows\System32\Tasks\{CA597C90-0C67-422A-A042-1CA056CC7450}   [3124]

---\\ Software installed (O42) (33) - 6s
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Aeria Ignite - (.Aeria Games & Entertainment.) [HKLM] -- Aeria Ignite 1.13.3296
O42 - Logiciel: BitRaider Streaming Client - (.BitRaider, LLC.) [HKLM] -- BitRaider Streaming Client
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM] -- DAEMON Tools Lite
O42 - Logiciel: DmC - Devil May Cry - (...) [HKLM] -- DmC - Devil May Cry_is1
O42 - Logiciel: Echo of Soul - (...) [HKLM] -- Echo of Soul
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome
O42 - Logiciel: GrandFantasia-FR - (...) [HKLM] -- GrandFantasia-FR
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: S4 League - (...) [HKLM] -- S4 League
O42 - Logiciel: Star Wars: Le Pouvoir de la Force 2 - (.LucasArts.) [HKLM] -- Star Wars: Le Pouvoir de la Force 2_is1
O42 - Logiciel: Star Wars The Old Republic - (.Bioware/EA.) [HKLM] -- swtor_swtor
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Skype 7.6 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Java 8 Update 40 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218040F0}
O42 - Logiciel: Star Wars: The Old Republic - (.Electronic Arts, Inc..) [HKLM] -- {3B11D799-48E0-48ED-BFD7-EA655676D8BB}
O42 - Logiciel: Mumble 1.2.8 - (.Thorvald Natvig.) [HKLM] -- {5D198290-6E7D-426C-9AF0-8DA34CC7E596}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {80407BA7-7763-4395-AB98-5233F1B34E65}
O42 - Logiciel: NVIDIA 3D Vision Driver 337.88 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Graphics Driver 337.88 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.4.1.21 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA 3D Vision Controller Driver 337.88 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA PhysX System Software 9.13.1220 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA HD Audio Driver 1.3.30.1 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: HP Photosmart 5520 series Product Improvement Study - (.Hewlett-Packard Co..) [HKLM] -- {B58FBD4F-C69A-41C1-94AC-1A47AD946C91}
O42 - Logiciel: HP Photosmart 5520 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM] -- {E8ED5ADB-3EB5-4890-85F6-0FEA13A47EEE}
O42 - Logiciel: Aeria Ignite - (.Aeria Games & Entertainment.) [HKLM] -- {FE2D627E-D7E0-46EA-93A6-8583420285FA}
O42 - Logiciel: Akamai NetSession Interface - (.Akamai Technologies, Inc.) [HKCU] -- Akamai
O42 - Logiciel: Popcorn Time - (.Popcorn Official.) [HKCU] -- Popcorn Time
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (118) - 6s
HKLM\SOFTWARE\5210691b-d1f9-8b68-9148-4e8e32462aa0  =>PUP.CrossRider
HKLM\SOFTWARE\AGEIA Technologies
HKLM\SOFTWARE\AIM Toolbar
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\ArenaHD  =>Adware.CrossRider
HKLM\SOFTWARE\AskPartnerNetwork  =>Toolbar.Ask
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\BioWare
HKLM\SOFTWARE\Caphyon
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\Conduit  =>PUP.Conduit
HKLM\SOFTWARE\Crossbrowse  =>PUP.CrossBrowse
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\DJOnlineFB
HKLM\SOFTWARE\FFPluginHp  =>PUP.SweetSearch
HKLM\SOFTWARE\GlobalUpdate  =>PUP.GlobalUpdate
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HighDefAction  =>Adware.CrossRider
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\IHProtect  =>Adware.AgentODR
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\Iminent  =>Adware.IMBooster
HKLM\SOFTWARE\Infonaut_1.10.0.14  =>PUP.Infonaut
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\LucasArts
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mystartsearchSoftware  =>PUP.StartSearch
HKLM\SOFTWARE\nFlavor
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\oursurfingSoftware  =>Hijacker.OurSurfing
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\SearchProtect  =>PUP.SearchProtect
HKLM\SOFTWARE\searchult  =>PUP.Optional
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SpeedBit
HKLM\SOFTWARE\SupDp  =>Adware.SupTab
HKLM\SOFTWARE\SuperClick_1.10.0.16  =>PUP.SuperClick
HKLM\SOFTWARE\supTab  =>Adware.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect  =>PUP.Fuyu
HKLM\SOFTWARE\Torch  =>PUP.Torch
HKLM\SOFTWARE\Tutorials  =>PUP.AgenceExclusive
HKLM\SOFTWARE\WajIntEnhance  =>PUP.Wajam
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\YorkNewCin  =>Adware.CrossRider
HKCU\SOFTWARE\Aeria Games
HKCU\SOFTWARE\AhnLab
HKCU\SOFTWARE\Akamai
HKCU\SOFTWARE\AnyProtect  =>PUP.AnyProtect
HKCU\SOFTWARE\AOL
HKCU\SOFTWARE\APN PIP  =>PUP.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArenaHD  =>Adware.CrossRider
HKCU\SOFTWARE\AskPartnerNetwork  =>Toolbar.Ask
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Burda
HKCU\SOFTWARE\BYAIAMUF
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CinemaP-1.9cV16.03-nv-ie  =>Adware.CrossRider
HKCU\SOFTWARE\CinemaPlus-3.2cV29.06-nv-ie  =>Adware.CrossRider
HKCU\SOFTWARE\Crossbrowse  =>PUP.CrossBrowse
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\gamesdesktop  =>Adware.GamesDesktop
HKCU\SOFTWARE\globalUpdate  =>PUP.GlobalUpdate
HKCU\SOFTWARE\GNOK
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HighDefAction  =>Adware.CrossRider
HKCU\SOFTWARE\HomeTab  =>PUP.CertifiedToolbar
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstallPath
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Kromtech
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Linkey  =>PUP.LinkeySearch
HKCU\SOFTWARE\LucasArts
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Mumble
HKCU\SOFTWARE\Nico Mak Computing
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\OB
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Optimizer Pro  =>PUP.OptimizerPro
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Rapl
HKCU\SOFTWARE\SearchProtectWS  =>PUP.SearchProtect
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\sidecom  =>PUP.Sidecom
HKCU\SOFTWARE\SimplyTech  =>PUP.SimplyTech
HKCU\SOFTWARE\Skyhook Wireless
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\TNT2  =>Adware.TidyNetwork
HKCU\SOFTWARE\Torch  =>PUP.Torch
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TutoTag  =>PUP.AgenceExclusive
HKCU\SOFTWARE\WajIEnhance  =>Adware.Multiplug
HKCU\SOFTWARE\WajIntEnhance  =>PUP.Wajam
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\YorkNewCin  =>Adware.CrossRider
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Crossrider  =>Adware.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contents of the Common Files folders (O43) (166) - 6s
O43 - CFD: 2015/07/05 16:30:42 - [0] D -- C:\Program Files\ One
O43 - CFD: 2015/04/03 16:56:51 - [] D -- C:\Program Files\Aeria Games
O43 - CFD: 2015/06/03 18:19:04 - [0] D -- C:\Program Files\AGEIA Technologies
O43 - CFD: 2015/07/05 16:28:46 - [0] D -- C:\Program Files\Banana Phone
O43 - CFD: 2015/06/06 22:08:32 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/07/03 11:50:20 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/05/29 20:43:46 - [] D -- C:\Program Files\Crazy Deals
O43 - CFD: 2015/04/03 00:35:08 - [] D -- C:\Program Files\DAEMON Tools Lite
O43 - CFD: 2015/04/03 11:36:40 - [0] D -- C:\Program Files\Driver Downloader
O43 - CFD: 2010/11/21 02:47:00 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 2015/06/24 23:30:35 - [] D -- C:\Program Files\Electronic Arts
O43 - CFD: 2015/06/08 17:27:05 - [] D -- C:\Program Files\FunDEaaLLs  =>Adware.Multiplug
O43 - CFD: 2015/06/08 17:27:14 - [] D -- C:\Program Files\FunDieaels  =>Adware.Multiplug
O43 - CFD: 2015/06/08 17:27:24 - [] D -- C:\Program Files\FuunDaeauls  =>Adware.Multiplug
O43 - CFD: 2015/06/30 23:10:10 - [] D -- C:\Program Files\globalUpdate  =>PUP.GlobalUpdate
O43 - CFD: 2015/07/04 20:18:32 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/06/03 18:10:32 - [] D -- C:\Program Files\GUPlayer  =>PUP.GUPlayer
O43 - CFD: 2015/04/28 20:17:47 - [] D -- C:\Program Files\HP
O43 - CFD: 2015/06/11 17:07:33 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/04/03 13:06:07 - [] D -- C:\Program Files\Java
O43 - CFD: 2015/05/29 23:15:12 - [] D -- C:\Program Files\MasterDeals
O43 - CFD: 2010/11/21 02:47:00 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 2015/04/03 11:44:12 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2015/07/04 20:54:02 - [] D -- C:\Program Files\MiuiTab  =>PUP.MiuiTab
O43 - CFD: 2009/07/14 06:52:30 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2015/04/06 15:26:33 - [] D -- C:\Program Files\Mumble
O43 - CFD: 2015/04/03 12:01:13 - [] D -- C:\Program Files\NVIDIA Corporation
O43 - CFD: 2015/05/29 23:15:43 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/05/29 22:56:12 - [0] D -- C:\Program Files\predm  =>Adware.Downware
O43 - CFD: 2015/06/19 23:54:53 - [] D -- C:\Program Files\PriceDownlOAder  =>Adware.Multiplug
O43 - CFD: 2015/06/19 23:54:40 - [] D -- C:\Program Files\PuraiceDownnloAider  =>Adware.Multiplug
O43 - CFD: 2009/07/14 06:52:30 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/04/23 17:56:28 - [] D -- C:\Program Files\RRoBBoSavEr  =>Adware.Multiplug
O43 - CFD: 2015/04/16 11:55:34 - [] D -- C:\Program Files\SeallePolusi  =>Adware.Multiplug
O43 - CFD: 2015/07/03 11:50:20 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2015/06/03 18:10:43 - [] D -- C:\Program Files\Spring Sporting Games
O43 - CFD: 2009/07/14 06:53:23 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/05/20 22:03:16 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 2010/11/21 02:38:49 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 2015/06/11 17:07:32 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2009/07/14 06:52:30 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2010/11/21 02:38:49 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2010/11/20 23:33:48 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 2010/11/21 02:38:50 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2015/04/03 00:31:23 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/06/03 18:27:38 - [] D -- C:\Program Files\ZHPDiag
O43 - CFD: 2015/04/03 08:54:39 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/04/03 08:54:45 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/04/03 16:56:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
O43 - CFD: 2015/04/04 16:40:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Capcom
O43 - CFD: 2015/06/06 22:08:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/04/03 00:34:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
O43 - CFD: 2015/06/24 23:30:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA
O43 - CFD: 2015/06/24 23:30:38 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2015/07/04 20:18:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/04/28 20:17:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
O43 - CFD: 2015/04/03 13:06:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2009/07/14 06:42:30 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/06 15:26:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
O43 - CFD: 2015/04/03 11:58:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2015/07/03 11:50:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/04/03 00:32:36 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2010/11/21 02:46:50 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/04/03 00:31:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/19 15:14:23 - [] D -- C:\ProgramData\3bcafb64000039d1
O43 - CFD: 2015/06/19 23:55:56 - [] D -- C:\ProgramData\4851282531061613252
O43 - CFD: 2015/06/08 17:07:01 - [0] D -- C:\ProgramData\4decabe600003e47
O43 - CFD: 2015/05/29 22:55:51 - [0] D -- C:\ProgramData\6293ba48000009d0
O43 - CFD: 2015/06/19 15:14:29 - [0] D -- C:\ProgramData\634247ff000042ea
O43 - CFD: 2015/06/30 12:39:59 - [] D -- C:\ProgramData\7892c320000716f
O43 - CFD: 2015/04/21 18:55:19 - [] D -- C:\ProgramData\AdBlocker Manger  =>PUP.Adblocker
O43 - CFD: 2015/04/03 00:53:09 - [] D -- C:\ProgramData\Aeria Games
O43 - CFD: 2015/04/03 13:08:53 - [] D -- C:\ProgramData\APN
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/06/24 23:33:43 - [] D -- C:\ProgramData\BitRaider
O43 - CFD: 2015/04/03 00:34:27 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 2015/04/16 11:55:22 - [] D -- C:\ProgramData\ggkdgeikonmlpnokdghpnjjkpafjlkhg
O43 - CFD: 2015/04/28 20:17:22 - [] D -- C:\ProgramData\HP
O43 - CFD: 2015/05/29 20:39:12 - [] D -- C:\ProgramData\IHProtectUpDate  =>Adware.AgentODR
O43 - CFD: 2015/05/29 22:59:37 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/05/04 07:12:32 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2015/07/05 16:28:49 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2015/04/03 11:59:57 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2015/04/03 13:01:05 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 2015/04/04 19:04:01 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/07/03 11:50:28 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/04/04 17:30:39 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2015/04/03 13:01:36 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2009/07/14 06:53:55 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/05/29 20:38:07 - [] D -- C:\ProgramData\WindowsMangerProtect  =>PUP.Fuyu
O43 - CFD: 2015/05/07 21:46:07 - [0] D -- C:\ProgramData\WinZip
O43 - CFD: 2015/06/14 17:49:36 - [] D -- C:\ProgramData\{b7c98e2b-6b4b-3e6a-b7c9-98e2b6b438ad}
O43 - CFD: 2015/06/05 23:10:00 - [] D -- C:\ProgramData\{d8f95fa2-576b-413e-d8f9-95fa25767e89}
O43 - CFD: 2015/06/24 23:30:37 - [] D -- C:\Program Files\Common Files\BioWare
O43 - CFD: 2015/04/03 13:06:51 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 2015/04/11 14:39:27 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 2009/07/14 04:37:05 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/07/03 11:50:20 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2009/07/14 04:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/04/04 10:10:11 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/07/05 16:12:45 - [] D -- C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C
O43 - CFD: 2015/04/03 14:48:12 - [] D -- C:\Users\Sean\AppData\Roaming\Adobe
O43 - CFD: 2015/05/29 23:45:21 - [] SHD -- C:\Users\Sean\AppData\Roaming\AnyProtectEx  =>PUP.AnyProtect
O43 - CFD: 2015/05/29 22:49:02 - [] D -- C:\Users\Sean\AppData\Roaming\aqmrpwwi
O43 - CFD: 2015/06/06 22:10:02 - [] D -- C:\Users\Sean\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/04/16 11:57:25 - [] D -- C:\Users\Sean\AppData\Roaming\EZDownloader
O43 - CFD: 2015/05/07 17:16:57 - [] D -- C:\Users\Sean\AppData\Roaming\HpUpdate
O43 - CFD: 2015/04/03 00:04:41 - [] D -- C:\Users\Sean\AppData\Roaming\Identities
O43 - CFD: 2015/05/29 22:50:33 - [] D -- C:\Users\Sean\AppData\Roaming\kgaviodi
O43 - CFD: 2015/05/29 22:53:36 - [] D -- C:\Users\Sean\AppData\Roaming\kqnvwkib
O43 - CFD: 2015/05/07 18:18:40 - [] D -- C:\Users\Sean\AppData\Roaming\Macromedia
O43 - CFD: 2010/11/21 02:46:50 - [0] D -- C:\Users\Sean\AppData\Roaming\Media Center Programs
O43 - CFD: 2015/04/06 15:30:20 - [] SD -- C:\Users\Sean\AppData\Roaming\Microsoft
O43 - CFD: 2015/05/04 07:12:48 - [] D -- C:\Users\Sean\AppData\Roaming\Mozilla
O43 - CFD: 2015/06/13 00:55:47 - [] D -- C:\Users\Sean\AppData\Roaming\Mumble
O43 - CFD: 2015/05/29 22:49:31 - [] D -- C:\Users\Sean\AppData\Roaming\nufovtdv
O43 - CFD: 2015/05/29 23:15:40 - [0] D -- C:\Users\Sean\AppData\Roaming\Opera Software
O43 - CFD: 2015/05/29 21:45:35 - [] D -- C:\Users\Sean\AppData\Roaming\qntqekwz
O43 - CFD: 2015/07/05 17:37:14 - [] D -- C:\Users\Sean\AppData\Roaming\Skype
O43 - CFD: 2015/06/06 22:10:02 - [] D -- C:\Users\Sean\AppData\Roaming\uTorrent
O43 - CFD: 2015/04/03 13:32:18 - [] D -- C:\Users\Sean\AppData\Roaming\WinRAR
O43 - CFD: 2015/04/08 23:22:16 - [] D -- C:\Users\Sean\AppData\Roaming\WinZip
O43 - CFD: 2015/07/05 17:50:38 - [] D -- C:\Users\Sean\AppData\Roaming\ZHP
O43 - CFD: 2015/04/03 11:32:34 - [0] D -- C:\Users\Sean\AppData\Local\Adobe
O43 - CFD: 2015/04/03 00:53:39 - [] D -- C:\Users\Sean\AppData\Local\Aeria Games
O43 - CFD: 2015/07/04 22:37:02 - [] D -- C:\Users\Sean\AppData\Local\Akamai
O43 - CFD: 2015/04/03 00:04:12 - [0] SHD -- C:\Users\Sean\AppData\Local\Application Data
O43 - CFD: 2015/04/03 00:21:38 - [] D -- C:\Users\Sean\AppData\Local\Apps
O43 - CFD: 2015/04/03 00:21:44 - [0] D -- C:\Users\Sean\AppData\Local\Deployment
O43 - CFD: 2015/07/05 16:58:23 - [0] D -- C:\Users\Sean\AppData\Local\Diagnostics
O43 - CFD: 2015/06/12 17:30:15 - [0] SHD -- C:\Users\Sean\AppData\Local\EmieBrowserModeList
O43 - CFD: 2015/06/12 17:30:15 - [0] SHD -- C:\Users\Sean\AppData\Local\EmieSiteList
O43 - CFD: 2015/06/12 17:30:15 - [0] SHD -- C:\Users\Sean\AppData\Local\EmieUserList
O43 - CFD: 2015/05/29 20:38:37 - [] D -- C:\Users\Sean\AppData\Local\globalUpdate  =>PUP.GlobalUpdate
O43 - CFD: 2015/07/04 20:10:20 - [] D -- C:\Users\Sean\AppData\Local\Google
O43 - CFD: 2015/04/03 00:04:12 - [0] SHD -- C:\Users\Sean\AppData\Local\History
O43 - CFD: 2015/04/04 20:33:53 - [] D -- C:\Users\Sean\AppData\Local\Howei
O43 - CFD: 2015/04/28 20:19:16 - [] D -- C:\Users\Sean\AppData\Local\HP
O43 - CFD: 2015/04/03 14:15:22 - [] D -- C:\Users\Sean\AppData\Local\LucasArts
O43 - CFD: 2015/05/07 18:18:40 - [] D -- C:\Users\Sean\AppData\Local\Macromedia
O43 - CFD: 2015/05/29 23:04:45 - [] D -- C:\Users\Sean\AppData\Local\Microsoft
O43 - CFD: 2015/05/04 07:12:48 - [] D -- C:\Users\Sean\AppData\Local\Mozilla
O43 - CFD: 2015/04/03 11:59:58 - [] D -- C:\Users\Sean\AppData\Local\NVIDIA
O43 - CFD: 2015/04/03 12:01:37 - [] D -- C:\Users\Sean\AppData\Local\NVIDIA Corporation
O43 - CFD: 2015/05/29 23:15:40 - [0] D -- C:\Users\Sean\AppData\Local\Opera Software
O43 - CFD: 2015/07/04 20:29:46 - [] D -- C:\Users\Sean\AppData\Local\Popcorn Time
O43 - CFD: 2015/07/04 21:21:44 - [] D -- C:\Users\Sean\AppData\Local\Popcorn-Time
O43 - CFD: 2015/04/03 11:34:10 - [] D -- C:\Users\Sean\AppData\Local\Programs
O43 - CFD: 2015/04/03 00:30:06 - [] D -- C:\Users\Sean\AppData\Local\Skype
O43 - CFD: 2015/07/05 16:32:39 - [] D -- C:\Users\Sean\AppData\Local\SmartWeb  =>PUP.SmartWebSearch
O43 - CFD: 2015/06/25 12:31:12 - [] D -- C:\Users\Sean\AppData\Local\SWTOR
O43 - CFD: 2015/06/24 23:33:24 - [] D -- C:\Users\Sean\AppData\Local\SWTORPerf
O43 - CFD: 2015/07/05 17:49:55 - [] D -- C:\Users\Sean\AppData\Local\Temp
O43 - CFD: 2015/04/03 00:04:12 - [0] SHD -- C:\Users\Sean\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/04/11 21:08:50 - [] D -- C:\Users\Sean\AppData\Local\VirtualStore
O43 - CFD: 2009/07/14 06:42:04 - [] RD -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/04/03 14:48:19 - [] RD -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/05/07 18:23:49 - [] D -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
O43 - CFD: 2009/07/14 06:37:42 - [] RD -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/04 20:29:46 - [] D -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
O43 - CFD: 2015/07/05 16:32:39 - [] RD -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/04/03 00:31:24 - [] D -- C:\Users\Sean\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ System Drivers List (SDL) (O58) (69) - 17s
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys   [422976]
O58 - SDL:2009/07/14 03:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys   [297552]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys   [146512]
O58 - SDL:2009/07/14 03:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys   [14400]
O58 - SDL:2010/11/20 23:29:03 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys   [80256]
O58 - SDL:2009/07/14 03:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys   [159312]
O58 - SDL:2010/11/20 23:29:03 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys   [22400]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys   [76368]
O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys   [86608]
O58 - SDL:2009/07/14 00:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys   [229888]
O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys   [13568]
O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys   [5248]
O58 - SDL:2009/07/14 02:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys   [272128]
O58 - SDL:2009/07/14 00:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys   [62336]
O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys   [12160]
O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys   [11904]
O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys   [430080]
O58 - SDL:2009/07/14 03:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys   [15952]
O58 - SDL:2009/07/14 03:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys   [70720]
O58 - SDL:2015/04/03 00:35:23 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\Windows\System32\drivers\dtlitescsibus.sys   [25104]
O58 - SDL:2009/07/14 03:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys   [453712]
O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys   [3100160]
O58 - SDL:2009/07/14 00:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys   [26624]
O58 - SDL:2009/07/14 03:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys   [67152]
O58 - SDL:2010/11/20 23:29:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys   [332160]
O58 - SDL:2009/07/14 03:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys   [41040]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys   [95824]
O58 - SDL:2009/07/14 03:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys   [89168]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys   [54864]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys   [96848]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys   [30800]
O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys   [235584]
O58 - SDL:2009/07/14 03:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys   [44624]
O58 - SDL:2014/05/20 04:39:05 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda32v.sys   [162592]
O58 - SDL:2014/05/20 04:39:05 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys   [10533152]
O58 - SDL:2010/11/20 23:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys   [117120]
O58 - SDL:2010/11/20 23:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys   [143744]
O58 - SDL:2014/11/22 12:46:30 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad32v.sys   [32912]
O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys   [1383488]
O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys   [106064]
O58 - SDL:2009/07/14 00:02:52 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys   [139776]
O58 - SDL:2009/07/13 22:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys   [20480]
O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys   [40016]
O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys   [77888]
O58 - SDL:2009/07/14 03:19:04 A . (.Promise Technology - Promise  SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys   [21072]
O58 - SDL:2009/07/14 03:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys   [16976]
O58 - SDL:2009/07/14 03:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys   [141904]
O58 - SDL:2015/05/29 12:39:16 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw.sys   [43144]  =>PUP.LinkiDoo
O58 - SDL:2015/06/07 05:35:30 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{42f8f729-2fa8-44bb-b01a-28c57a8162c7}Gw.sys   [43144]  =>PUP.LinkiDoo
O58 - SDL:2015/06/29 18:54:34 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{6ca4ee32-3a59-4d23-8471-2bae8d896a33}Gw.sys   [43152]  =>PUP.LinkiDoo
O58 - SDL:2015/05/29 12:40:58 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{a5ba7e96-2359-44ae-a061-636c507901d1}Gw.sys   [43152]  =>PUP.LinkiDoo
O58 - SDL:2015/07/04 02:54:42 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{e0ec4d2c-6253-42d1-86ea-28f6d9a48110}Gw.sys   [43152]  =>PUP.LinkiDoo
O58 - SDL:2015/05/28 23:46:08 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{e6a873ea-7ac2-4092-bda3-b2bf46afde25}Gw.sys   [43152]  =>PUP.LinkiDoo
O58 - SDL:2015/06/02 20:40:46 A . (.StdLib - StdLib.) -- C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw.sys   [43144]  =>PUP.LinkiDoo
O58 - SDL:2009/07/13 23:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
O58 - SDL:2009/07/13 23:40:44 A . (...) -- C:\Windows\System32\country.sys   [27097]
O58 - SDL:2009/07/13 23:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS   [4768]
O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS   [42809]
O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS   [42537]
O58 - SDL:2009/07/13 23:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS   [27866]
O58 - SDL:2009/07/13 23:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS   [29146]
O58 - SDL:2009/07/13 23:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS   [29370]
O58 - SDL:2009/07/13 23:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS   [29274]
O58 - SDL:2009/07/13 23:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS   [29146]
O58 - SDL:2009/07/13 23:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS   [33952]
O58 - SDL:2009/07/13 23:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS   [34672]
O58 - SDL:2009/07/13 23:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS   [35776]
O58 - SDL:2009/07/13 23:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS   [35536]
O58 - SDL:2009/07/13 23:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS   [34672]

---\\ Last modified or created user files (O61) (11) - 15s
O61 - LFC: 2015/07/04 20:29:13 A . (.Popcorn Official.) -- C:\Users\Sean\Downloads\Popcorn-Time-0.3.7.2-Setup.exe   [23315064]
O61 - LFC: 2015/07/03 12:20:45 A . (.SoftBrain Technologies Ltd..) -- C:\Users\Sean\AppData\Local\SmartWeb\__u.exe   [172673]  =>PUP.SmartWebSearch
O61 - LFC: 2015/07/04 20:29:46 A . (.Popcorn Official.) -- C:\Users\Sean\AppData\Local\Popcorn Time\Uninstall.exe   [380212]
O61 - LFC: 2015/06/30 14:02:40 A . (..) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin   [4438960]
O61 - LFC: 2015/07/03 23:33:53 A . (..) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\Packages\00007998\DAO.19733759.exe   [5871552]
O61 - LFC: 2015/06/30 23:31:24 A . (..) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\Packages\00007984\CoProc update.19722912.exe   [455224]
O61 - LFC: 2015/07/03 12:14:26 A . (.NVIDIA Corporation.) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe   [628664]
O61 - LFC: 2015/07/03 12:14:20 A . (.NVIDIA Corporation.) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe   [172984]
O61 - LFC: 2015/07/03 12:14:14 A . (.NVIDIA Corporation.) -- C:\Users\Sean\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll   [1357240]
O61 - LFC: 2015/07/05 17:48:22 A . (..) -- C:\Users\Sean\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin   [1113849]
O61 - LFC: 2015/07/04 22:36:49 A . (.Akamai Technologies, Inc..) -- C:\Users\Sean\AppData\Local\Akamai\netsession_installer.exe   [10473944]

---\\ File Associations Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.oursurfing.com/  =>Hijacker.OurSurfing
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (12) - 3s
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.alias", "mystartsearch");  =>PUP.SearchEngine
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine");  =>PUP.SearchEngine
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/favicon.ico");  =>PUP.StartSearch
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.name", "mystartsearch");  =>PUP.SearchEngine
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.ptid", "cmi");  =>PUP.SearchEngine
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.uid", "WDCXWD5000AAKS-00UU3A0_WD-WCAYU742584425844");  =>PUP.SearchEngine
O69 - SBI: prefs.js [Sean - sqpjq103.default] user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=ds&ts=1433331684&z=be0d04bcee43f8748e6b64ag2z[...]  =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.mystartsearch.com/  =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} [DefaultScope] - (e) - http://www.mystartsearch.com/  =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (mystartsearch) - http://www.mystartsearch.com/  =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://www.mystartsearch.com/  =>PUP.StartSearch
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.mystartsearch.com/  =>PUP.StartSearch

---\\ Search Svchost Services (SSS) (O83) (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll   [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll   [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll   [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll   [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL   [679424]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll   [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll   [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll   [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll   [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll   [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll   [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll   [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll   [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll   [2020864]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll   [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll   [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll   [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll   [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll   [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll   [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll   [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll   [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll   [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll   [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll   [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL   [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll   [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll   [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll   [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll   [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll   [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll   [149504]

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (16) - 9s
SS - Demand [2015/06/23 20:23:06] [  268464]  Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - Demand [2015/06/24 23:33:38] [  363208]  BitRaider Mini-Support Service Stub Loader (BRSptStub) . (.BitRaider, LLC.) - C:\ProgramData\BitRaider\BRSptStub.exe
SR - Demand [2015/02/27 18:40:30] [ 1030928]  Disc Soft Lite Bus Service (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
SR - Auto   [2015/03/28 05:45:00] [  918160]  NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SS - Auto   [2015/07/04 20:17:48] [  144200]  Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2015/07/04 20:17:48] [  144200]  Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - Auto   [2015/06/24 04:08:12] [  125112]  IHProtect Service (IHProtect Service) . (.XTab system.) - C:\Program Files\MiuiTab\ProtectService.exe
SR - Auto   [2015/05/29 22:56:46] [  227840]  Language Setting Background (mofysilo) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\jnskB465.tmp
SR - Auto   [2015/05/29 22:56:52] [  311296]  Compress Comma (myroqole) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\hnsvC910.tmp
SR - Auto   [2015/03/28 05:45:01] [ 1878672]  NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - Auto   [2015/03/28 05:45:00] [20696720]  NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - Auto   [2014/05/20 02:04:02] [  668104]  NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - Auto   [2015/07/05 15:11:30] [  589312]  Wheel Mouse Back Up (qozonozy) . (...) - C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\knsu47F3.tmp
SS - Auto   [2015/06/03 16:42:38] [  327296]  Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - Auto   [2014/05/20 01:11:19] [  410968]  NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - Auto   [2015/05/29 20:38:03] [  697000]  WindowsMangerProtect Service (WindowsMangerProtect) . (.DTools LIMITED.) - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe

---\\ Search Tracing Registry Key (O100) (12) - 3s
HKLM\SOFTWARE\Microsoft\Tracing\SpeedCheckerService_RASAPI32  =>PUP.InternetSpeedChecker
HKLM\SOFTWARE\Microsoft\Tracing\SpeedCheckerService_RASMANCS  =>PUP.InternetSpeedChecker
HKLM\SOFTWARE\Microsoft\Tracing\SuperClickAutoUpdateClient_RASAPI32  =>PUP.SuperClick
HKLM\SOFTWARE\Microsoft\Tracing\SuperClickAutoUpdateClient_RASMANCS  =>PUP.SuperClick
HKLM\SOFTWARE\Microsoft\Tracing\updateMetalMaker_RASAPI32  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\updateMetalMaker_RASMANCS  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\updateWoodenSeal_RASAPI32  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\updateWoodenSeal_RASMANCS  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\utilMetalMaker_RASAPI32  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\utilMetalMaker_RASMANCS  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\utilWoodenSeal_RASAPI32  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\utilWoodenSeal_RASMANCS  =>PUP.WoodenSeal

---\\ Additional Scan (O88) (108) - 0s
C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe  =>PUP.Fuyu
C:\Program Files\MiuiTab\ProtectService.exe  =>PUP.MiuiTab
C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\jnskB465.tmp  =>Adware.CrossRider
C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\hnsvC910.tmp  =>Adware.CrossRider
C:\Users\Sean\AppData\Roaming\00000000-1432932988-0000-0000-00241D1EDC8C\knsu47F3.tmp  =>Adware.CrossRider
C:\Program Files\MiuiTab\CmdShell.exe  =>PUP.MiuiTab
C:\Program Files\MiuiTab\HPNotify.exe  =>PUP.MiuiTab
HKLM\SYSTEM\CurrentControlSet\Services\IHProtect Service  =>Adware.AgentODR
C:\Program Files\MiuiTab\ProtectService.exe  =>Adware.AgentODR
HKLM\SYSTEM\CurrentControlSet\Services\mofysilo  =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\myroqole  =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\qozonozy  =>Adware.CrossRider
HKLM\SYSTEM\CurrentControlSet\Services\Update Banana Phone  =>PUP.BananaPhone
HKLM\SYSTEM\CurrentControlSet\Services\Update Edu App  =>PUP.EduApp
HKLM\SYSTEM\CurrentControlSet\Services\Util Banana Phone  =>PUP.BananaPhone
HKLM\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect  =>PUP.Fuyu
C:\Windows\Tasks\APSnotifierPP1.job  =>PUP.AnyProtect
C:\Windows\Tasks\APSnotifierPP2.job  =>PUP.AnyProtect
C:\Windows\Tasks\APSnotifierPP3.job  =>PUP.AnyProtect
C:\Windows\Tasks\Bidaily Synchronize Task[3c32].job  =>PUP.BidailySync
C:\Windows\System32\Tasks\APSnotifierPP1  =>PUP.AnyProtect
C:\Windows\System32\Tasks\APSnotifierPP2  =>PUP.AnyProtect
C:\Windows\System32\Tasks\APSnotifierPP3  =>PUP.AnyProtect
C:\Windows\System32\Tasks\Bidaily Synchronize Task[3c32]  =>PUP.BidailySync
C:\Windows\System32\Tasks\SmartWeb Upgrade Trigger Task  =>PUP.SmartWebSearch
HKLM\SOFTWARE\ArenaHD  =>Adware.CrossRider
HKLM\SOFTWARE\AskPartnerNetwork  =>Toolbar.Ask
HKLM\SOFTWARE\Conduit  =>PUP.Conduit
HKLM\SOFTWARE\Crossbrowse  =>PUP.CrossBrowse
HKLM\SOFTWARE\FFPluginHp  =>PUP.SweetSearch
HKLM\SOFTWARE\GlobalUpdate  =>PUP.GlobalUpdate
HKLM\SOFTWARE\HighDefAction  =>Adware.CrossRider
HKLM\SOFTWARE\IHProtect  =>Adware.AgentODR
HKLM\SOFTWARE\Iminent  =>Adware.IMBooster
HKLM\SOFTWARE\Infonaut_1.10.0.14  =>PUP.Infonaut
HKLM\SOFTWARE\mystartsearchSoftware  =>PUP.StartSearch
HKLM\SOFTWARE\oursurfingSoftware  =>Hijacker.OurSurfing
HKLM\SOFTWARE\SearchProtect  =>PUP.SearchProtect
HKLM\SOFTWARE\searchult  =>PUP.Optional
HKLM\SOFTWARE\SupDp  =>Adware.SupTab
HKLM\SOFTWARE\SuperClick_1.10.0.16  =>PUP.SuperClick
HKLM\SOFTWARE\supTab  =>Adware.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect  =>PUP.Fuyu
HKLM\SOFTWARE\Torch  =>PUP.Torch
HKLM\SOFTWARE\Tutorials  =>PUP.AgenceExclusive
HKLM\SOFTWARE\WajIntEnhance  =>PUP.Wajam
HKLM\SOFTWARE\YorkNewCin  =>Adware.CrossRider
HKCU\SOFTWARE\AnyProtect  =>PUP.AnyProtect
HKCU\SOFTWARE\APN PIP  =>PUP.Conduit
HKCU\SOFTWARE\ArenaHD  =>Adware.CrossRider
HKCU\SOFTWARE\AskPartnerNetwork  =>Toolbar.Ask
HKCU\SOFTWARE\CinemaP-1.9cV16.03-nv-ie  =>Adware.CrossRider
HKCU\SOFTWARE\CinemaPlus-3.2cV29.06-nv-ie  =>Adware.CrossRider
HKCU\SOFTWARE\Crossbrowse  =>PUP.CrossBrowse
HKCU\SOFTWARE\gamesdesktop  =>Adware.GamesDesktop
HKCU\SOFTWARE\globalUpdate  =>PUP.GlobalUpdate
HKCU\SOFTWARE\HighDefAction  =>Adware.CrossRider
HKCU\SOFTWARE\HomeTab  =>PUP.CertifiedToolbar
HKCU\SOFTWARE\Linkey  =>PUP.LinkeySearch
HKCU\SOFTWARE\Optimizer Pro  =>PUP.OptimizerPro
HKCU\SOFTWARE\SearchProtectWS  =>PUP.SearchProtect
HKCU\SOFTWARE\sidecom  =>PUP.Sidecom
HKCU\SOFTWARE\SimplyTech  =>PUP.SimplyTech
HKCU\SOFTWARE\TNT2  =>Adware.TidyNetwork
HKCU\SOFTWARE\Torch  =>PUP.Torch
HKCU\SOFTWARE\TutoTag  =>PUP.AgenceExclusive
HKCU\SOFTWARE\WajIEnhance  =>Adware.Multiplug
HKCU\SOFTWARE\WajIntEnhance  =>PUP.Wajam
HKCU\SOFTWARE\YorkNewCin  =>Adware.CrossRider
HKCU\SOFTWARE\AppDataLow\Software\Crossrider  =>Adware.CrossRider  =>Adware.CrossRider
C:\Program Files\FunDEaaLLs  =>Adware.Multiplug
C:\Program Files\FunDieaels  =>Adware.Multiplug
C:\Program Files\FuunDaeauls  =>Adware.Multiplug
C:\Program Files\globalUpdate  =>PUP.GlobalUpdate
C:\Program Files\GUPlayer  =>PUP.GUPlayer
C:\Program Files\MiuiTab  =>PUP.MiuiTab
C:\Program Files\predm  =>Adware.Downware
C:\Program Files\PriceDownlOAder  =>Adware.Multiplug
C:\Program Files\PuraiceDownnloAider  =>Adware.Multiplug
C:\Program Files\RRoBBoSavEr  =>Adware.Multiplug
C:\Program Files\SeallePolusi  =>Adware.Multiplug
C:\ProgramData\AdBlocker Manger  =>PUP.Adblocker
C:\ProgramData\IHProtectUpDate  =>Adware.AgentODR
C:\ProgramData\WindowsMangerProtect  =>PUP.Fuyu
C:\Users\Sean\AppData\Roaming\AnyProtectEx  =>PUP.AnyProtect
C:\Users\Sean\AppData\Local\globalUpdate  =>PUP.GlobalUpdate
C:\Users\Sean\AppData\Local\SmartWeb  =>PUP.SmartWebSearch
C:\Windows\System32\drivers\{36ed28a4-ac0a-4653-91ff-10beb4246550}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{42f8f729-2fa8-44bb-b01a-28c57a8162c7}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{6ca4ee32-3a59-4d23-8471-2bae8d896a33}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{a5ba7e96-2359-44ae-a061-636c507901d1}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{e0ec4d2c-6253-42d1-86ea-28f6d9a48110}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{e6a873ea-7ac2-4092-bda3-b2bf46afde25}Gw.sys  =>PUP.LinkiDoo
C:\Windows\System32\drivers\{eb01aed1-bba3-4e72-8323-a77bb027b1d4}Gw.sys  =>PUP.LinkiDoo
C:\Users\Sean\AppData\Local\SmartWeb\__u.exe  =>PUP.SmartWebSearch
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\Open\command [Bad: C:\Program Files\Internet Explorer\iexplore.ex http://www.oursurfing.com/]  =>Hijacker.OurSurfing
HKLM\SOFTWARE\Microsoft\Tracing\SpeedCheckerService_RASAPI32  =>PUP.InternetSpeedChecker
HKLM\SOFTWARE\Microsoft\Tracing\SpeedCheckerService_RASMANCS  =>PUP.InternetSpeedChecker
HKLM\SOFTWARE\Microsoft\Tracing\SuperClickAutoUpdateClient_RASAPI32  =>PUP.SuperClick
HKLM\SOFTWARE\Microsoft\Tracing\SuperClickAutoUpdateClient_RASMANCS  =>PUP.SuperClick
HKLM\SOFTWARE\Microsoft\Tracing\updateMetalMaker_RASAPI32  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\updateMetalMaker_RASMANCS  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\updateWoodenSeal_RASAPI32  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\updateWoodenSeal_RASMANCS  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\utilMetalMaker_RASAPI32  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\utilMetalMaker_RASMANCS  =>PUP.MetalMaker
HKLM\SOFTWARE\Microsoft\Tracing\utilWoodenSeal_RASAPI32  =>PUP.WoodenSeal
HKLM\SOFTWARE\Microsoft\Tracing\utilWoodenSeal_RASMANCS  =>PUP.WoodenSeal

---\\ Summary of the detections found on your workstation (41) - 0s
http://www.nicolascoolman.fr/trojan-fuyu/  =>PUP.Fuyu
http://www.nicolascoolman.fr/blog  =>PUP.MiuiTab
http://www.nicolascoolman.fr/pup-crossrider/  =>Adware.CrossRider
http://www.nicolascoolman.fr/pup-startsearch/  =>PUP.StartSearch
http://www.nicolascoolman.fr/blog  =>Hijacker.OurSurfing
http://www.nicolascoolman.fr/blog  =>Adware.AgentODR
http://www.nicolascoolman.fr/blog  =>PUP.BananaPhone
http://www.nicolascoolman.fr/blog  =>PUP.EduApp
http://www.nicolascoolman.fr/pup-anyprotect/  =>PUP.AnyProtect
http://www.nicolascoolman.fr/blog  =>PUP.BidailySync
http://www.nicolascoolman.fr/pup-smartwebsearch/  =>PUP.SmartWebSearch
http://www.nicolascoolman.fr/toolbar-ask/  =>Toolbar.Ask
http://www.nicolascoolman.fr/toolbar-conduit/  =>PUP.Conduit
http://www.nicolascoolman.fr/blog  =>PUP.CrossBrowse
http://www.nicolascoolman.fr/blog  =>PUP.SweetSearch
http://www.nicolascoolman.fr/pup-globalupdate/  =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/adware-imbooster/  =>Adware.IMBooster
http://www.nicolascoolman.fr/blog  =>PUP.Infonaut
http://www.nicolascoolman.fr/pup-searchprotect/  =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog  =>PUP.Optional
http://www.nicolascoolman.fr/pup-suptab/  =>Adware.SupTab
http://www.nicolascoolman.fr/pup-superClick/  =>PUP.SuperClick
http://www.nicolascoolman.fr/blog  =>PUP.Torch
http://www.nicolascoolman.fr/spyware-agenceexclusive/  =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/pup-wajam/  =>PUP.Wajam
http://www.nicolascoolman.fr/blog  =>Adware.GamesDesktop
http://www.nicolascoolman.fr/pup-certifiedtoolbar/  =>PUP.CertifiedToolbar
http://www.nicolascoolman.fr/pup-linkeysearch/  =>PUP.LinkeySearch
http://www.nicolascoolman.fr/pup-optimizerpro/  =>PUP.OptimizerPro
http://www.nicolascoolman.fr/pup-sidecom/  =>PUP.Sidecom
http://www.nicolascoolman.fr/blog  =>PUP.SimplyTech
http://www.nicolascoolman.fr/adware-tidynetwork/  =>Adware.TidyNetwork
http://www.nicolascoolman.fr/pup-mutiplug/  =>Adware.Multiplug
http://www.nicolascoolman.fr/blog  =>PUP.GUPlayer
http://www.nicolascoolman.fr/adware-downware/  =>Adware.Downware
http://www.nicolascoolman.fr/blog  =>PUP.Adblocker
http://www.nicolascoolman.fr/pup-linkidoo/  =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog  =>PUP.SearchEngine
http://www.nicolascoolman.fr/pup-internetspeedchecker/  =>PUP.InternetSpeedChecker
http://www.nicolascoolman.fr/blog  =>PUP.MetalMaker
http://www.nicolascoolman.fr/blog  =>PUP.WoodenSeal

~ End of the scan, 27487 items in 75 seconds (830)(0)()