~ ZHPDiag v2015.10.14.149 By Nicolas Coolman (2015/10/14) ~ Run by DELL (Administrator) (2015/10/22 20:34:17) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\DELL\Desktop\ZHPDiag.txt ~ Report: C:\Users\DELL\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 10 Home Single Language, 64-bit (Build 10240) ---\\ Internet Browsers (2) - 0s MFIE: Mozilla Firefox 41.0.2 (x86 en-US) v41.0.2 MSIE: Internet Explorer v11.0.10240.16431 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Key Management Service client information : KO Windows Automatic Updates : OK ---\\ System protection software (3) - 3s Kaspersky Internet Security v16.0.0.614 Malwarebytes Anti-Malware version 2.2.0.1024 Windows Defender (Deactivate) ---\\ Surveillance software (2) - 4s Adobe Flash Player 19 PPAPI Adobe Reader XI ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8267.032 MB (67% free) ~ System Restore: Activé (Enable) ~ System drive C: has 243 GB free of 322 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: DELL-PC ~ User Name: DELL ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 243 GB free of 322 GB (System) ~ Drive E: has 477 GB free of 614 GB ---\\ State of the Windows Security Center (9) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 1s [MD5.F1CBCB7FA6F3B309639AA2D4EF74469C] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [4532304] © [MD5.5DED2A3F11AE916C8F2724947E736261] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [59392] © [MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\WINDOWS\System32\Wininit.exe [290312] © [MD5.E5D86250453B33900666D92ED1A92ABE] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [2740224] © [MD5.6688FE37E767BA15F022B7E59E5E7EA6] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [579072] © [MD5.ECB1943967424DFB96E03F6A098434EF] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\WINDOWS\System32\sppcomapi.dll [430592] © [MD5.C287D0E32771E3222A444DC527A29477] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [680256] © [MD5.BB5BBD0E4D04047585E4ED0F07AA51E7] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\Syswow64\dnsapi.dll [534064] © [MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [577888] © [MD5.8921DF6060DB5C7700AA48CB12E9EA08] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [28512] © [MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] © [MD5.CA160E02F35A61C6F5C681FB4669C519] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080] © [MD5.25435407D97419627F4B10653433BF2B] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] © [MD5.C277A49F8A8295840DEBC9240B75A282] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [80896] © [MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] © [MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] © [MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [415232] © [MD5.F0D791348AD254360CC3C3E501CCB745] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [273408] © [MD5.466EC5659C02ED53DBD47DC1BC2B8086] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2116448] © [MD5.38F1AE32339731F6E5A7281AE8042545] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [96768] © [MD5.CA60F6C03611AF1710BC903ED9F566FB] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] © [MD5.A32AED8C644734B283A7C9D08D76064D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [176128] © [MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [116576] © [MD5.823A237D871CD652C6BFD47BECB6810A] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [378720] © ---\\ Process running (43) - 1s [MD5.361AF7F2908DE1AD1EAC14C39AC8C55C] - (.AMD - AMD External Events Service Module.) -- C:\WINDOWS\system32\atiesrxx.exe [263200] [PID.1220] © [MD5.75909533EECD0CD9D5974B59474AA6C0] - (.Intel Corporation - igfxCUIService Module.) -- C:\WINDOWS\system32\igfxCUIService.exe [330136] [PID.1468] © [MD5.A10CF010E1A2B4337230B4929E0FE4A1] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872] [PID.1720] © [MD5.F6CEFEF46986DE02A3AE5D93AE32B5DC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2140] © [MD5.D1E343BC00136CE03C4D403194D06A80] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208] [PID.2148] © [MD5.50C3C62FFE6337E6E4F2F01CB07DF63C] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000] [PID.2188] © [MD5.3E7C6639E424FD28952C29D66B7E5277] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104] [PID.2200] © [MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.2220] © [MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.2320] © [MD5.3C4002D339491AF73D663FFC7F6E5ECB] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760] [PID.2516] © [MD5.41DDCF1ADD1FB7DE23DCF671740DDBE6] - (.Copyright 2004 - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512] [PID.2772] [MD5.57A85230DA22ABCFD9AF2E5A3D946F41] - (.Apple Inc. - iPodService Module (64-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [644880] [PID.7156] © [MD5.777788D9B63CCEEEF2DB353BA4EDD454] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [14904] [PID.3532] © [MD5.4269D44BB47A6DA5D80B11F4C8536458] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [276864] [PID.7600] © [MD5.DBE2E6388379D5CC78099650541E9566] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [364416] [PID.7212] © [MD5.15750A78DBCD4BC33BEA35646F5DFAD0] - (.AMD - AMD External Events Client Module.) -- C:\WINDOWS\system32\atieclxx.exe [688160] [PID.5196] © [MD5.932A21CF0DA4E951C7C4A62D27E6D8FB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe [211712] [PID.2576] © [MD5.E9752E0CD9FB37612474B23973443FC9] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520] [PID.7292] © [MD5.CACD279EAC04E8C829FA2C529EA80B02] - (.Copyright (C) 2015 - .) -- C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [485240] [PID.9840] [MD5.2584A5BACB8F7CEC323EA92A9EC401D2] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010952] [PID.6448] © [MD5.FEE1D045E9B728A23C6046C1AFFF3CD0] - (.H.D.S. Hungary - Hard Disk Sentinel Engine.) -- C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [4137112] [PID.9372] [MD5.80A11F070E9EEFCB48B357E9E0E2C7D1] - (.Intel Corporation - igfxEM Module.) -- C:\WINDOWS\system32\igfxEM.exe [541600] [PID.9292] © [MD5.B6C52FADECE225339D02B6923E930B5C] - (.Intel Corporation - igfxHK Module.) -- C:\WINDOWS\system32\igfxHK.exe [258456] [PID.3840] © [MD5.8D2A1935AE10BE1E11A8C58B2F473560] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxTray.exe [395168] [PID.9976] © [MD5.F2C26D1E79FEC5EE558B5D3998DCF1A6] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [126856] [PID.5828] © [MD5.DB333A5F69B00A6B550901A5C854929F] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096] [PID.10048] © [MD5.E9752E0CD9FB37612474B23973443FC9] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520] [PID.1848] © [MD5.E30987C26979B7D45DABAD46E512569F] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [5762408] [PID.10012] © [MD5.6D44DE61A0BC7EE359D65992665C6432] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [170256] [PID.1032] © [MD5.77C01F1850E55373280A1B865D824F58] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\DELL\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.6716] © [MD5.E4085C9692976E98DC081828485BDE48] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248] [PID.8256] © [MD5.80DD073CBC9F1352AEE119D824063682] - (.TechSmith Corporation - Snagit.) -- C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe [9519544] [PID.9416] © [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.988] © [MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.3876] © [MD5.0A1810F3CF866F67856C8A4E98194493] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe [46080] [PID.4040] © [MD5.056E23AFCE4665A3F6C0895F72C5EA0A] - (.TechSmith Corporation - Snagit RPC Helper.) -- C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe [103864] [PID.1316] © [MD5.BAC15D03EFC8249216D1D610F3B1E67F] - (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe [695528] [PID.1628] [MD5.021228664C4F8EFDCF10EB528B9240F6] - (.TechSmith Corporation - Snagit Editor.) -- C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe [8845240] [PID.1624] © [MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056] [PID.9560] © [MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.4156] © [MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.3080] © [MD5.14DCA74CB34502CA919966F31FBB8B0D] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [377000] [PID.9908] © [MD5.AC8799DC1813802936209865892CE485] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\DELL\Desktop\ZHPDiag3.exe [1956352] [PID.4668] © ---\\ Google Chrome, Start,Search,Extensions (20) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://gc.kis.scr.kaspersky-labs.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://home.searchpile.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://searchinterneat-a.akamaihd.net =>PUP.Optional.Browser G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.linkszb.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients1.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com.bh G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [eahebamiopdhefndnmappcihfajigkka] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 0s P2 - EXT FILE: (...) -- C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\ur6u70nq.default-1444914012169\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll © P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll © P2 - FPN: [HKLM] [@itools.hk/npiTools, version=1.0.0] - (.itools.hk Copyright (C) 2012.) -- C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\npiTools.dll ---\\ Internet Explorer Extensions, Start, Search (24) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=C:\WINDOWS\SysWOW64\Userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (5) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll © O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL © O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll O2 - BHO: iToolsBHO [64Bits] - {E1499FE7-129D-4B6E-B681-DDF21E14172C} . (.iTools.hk - .) -- C:\Program Files (x86)\ThinkSky\iTools 3\Extensions\iToolsBHO.dll ---\\ Internet Explorer Toolbars (1) - 0s O3 - Toolbar: (no name) - [HKLM]{3507FA00-ADA2-4A02-99B9-51AD26CA9120} (Orphean) ---\\ Auto loading programs from Registry and folders (22) - 0s O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe © O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe © O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\quickset.exe © O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\wscript.exe © O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe © O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\OneDrive.exe © O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\DELL\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe © O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe © O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe © O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe © O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [USB Security] . (.Zbshareware Lab - USB Disk Security.) -- C:\Program Files (x86)\USB Disk Security\USBGuard.exe O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe © O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe © O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe © O4 - HKUS\S-1-5-21-616811682-2499254475-3198381026-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\OneDrive.exe © O4 - HKUS\S-1-5-21-616811682-2499254475-3198381026-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\DELL\AppData\Local\Microsoft\BingSvc\BingSvc.exe © O4 - HKUS\S-1-5-21-616811682-2499254475-3198381026-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe © O4 - HKUS\S-1-5-21-616811682-2499254475-3198381026-1001\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe © ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1 ---\\ Extra protocols (24) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll © O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL © ---\\ Non Microsoft non disabled Windows Services (17) - 0s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe © O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\system32\atiesrxx.exe © O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe © O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe © O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) . (.Dell Products, LP. - Dell Digital Delivery Windows Service.) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe © O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe © O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\WINDOWS\system32\igfxCUIService.exe © O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe © O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe © O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe (.not file.) =>PUP.Optional.Office O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe © O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Copyright 2004 - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe © O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © ---\\ Task Planned Automatically (41) - 4s [MD5.00000000000000000000000000000000] [APT] [2aOHlaja] (...) -- C:\Users\DELL\AppData\Roaming\2aOHlaja.exe (.not file.) [0] =>PUP.Optional.CrossRider [MD5.2EED3542F86F77D56569504B37C8108A] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1045720] © [MD5.9F48A3BB2EA2B65C308C8D88AB913FDA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] © [MD5.F419E9A607B79DAB0AC93119016E8342] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] © [MD5.2FC635380608BD0D1BF3FB4986676D05] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000] © [MD5.B24066E4F085F70EFEF3DDF7FF3C55E5] [APT] [GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001Core] (.Google Inc..) -- C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe [144200] © [MD5.B24066E4F085F70EFEF3DDF7FF3C55E5] [APT] [GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001UA] (.Google Inc..) -- C:\Users\DELL\AppData\Local\Google\Update\GoogleUpdate.exe [144200] © [MD5.CEC2EE3F2D7D9E14E1E1BAF0D740D860] [APT] [HPCustParticipation HP Deskjet 1510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 1510 series\Bin\HPCustPartic.exe [5642272] © [MD5.57A2664E14863B90056E0DE510D05AA8] [APT] [HPCustParticipation HP Deskjet 2540 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5745672] © [MD5.CACD279EAC04E8C829FA2C529EA80B02] [APT] [iToolsDaemon] (.Copyright (C) 2015.) -- C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe [485240] [MD5.2A5C656B0A364580E578B26EAE2EE889] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504] [MD5.2584A5BACB8F7CEC323EA92A9EC401D2] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- \Program Files\Synaptics\SynTP\SynTPEnh.exe [3010952] © [MD5.00000000000000000000000000000000] [APT] [WTjNtlo] (...) -- C:\Users\DELL\AppData\Roaming\WTjNtlo.exe (.not file.) [0] =>PUP.Optional.CrossRider [MD5.00000000000000000000000000000000] [APT] [Ye7qrQDxd6tcqgch9P4] (...) -- C:\Users\DELL\AppData\Roaming\Ye7qrQDxd6tcqgch9P4.exe (.not file.) [0] =>PUP.Optional.CrossRider [MD5.00000000000000000000000000000000] [APT] [ZprUG609] (...) -- C:\Users\DELL\AppData\Roaming\ZprUG609.exe (.not file.) [0] =>PUP.Optional.CrossRider [MD5.BC41666FF68C364CD3EAA486E50C9270] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [563000] © [MD5.FEE1D045E9B728A23C6046C1AFFF3CD0] [APT] [HardDiskSentinel\Hard Disk Sentinel_DELL] (.H.D.S. Hungary.) -- C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [4137112] O39 - APT: 2aOHlaja - (...) -- C:\WINDOWS\Tasks\2aOHlaja.job [1000] =>PUP.Optional.CrossRider O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001Core - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001Core.job [868] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001UA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001UA.job [920] © O39 - APT: iToolsDaemon - (.Copyright (C) 2015.) -- C:\WINDOWS\Tasks\iToolsDaemon.job [332] O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job [264] © O39 - APT: WTjNtlo - (...) -- C:\WINDOWS\Tasks\WTjNtlo.job [998] =>PUP.Optional.CrossRider O39 - APT: Ye7qrQDxd6tcqgch9P4 - (...) -- C:\WINDOWS\Tasks\Ye7qrQDxd6tcqgch9P4.job [1022] =>PUP.Optional.CrossRider O39 - APT: ZprUG609 - (...) -- C:\WINDOWS\Tasks\ZprUG609.job [1000] =>PUP.Optional.CrossRider O39 - APT: 2aOHlaja - (...) -- C:\WINDOWS\System32\Tasks\2aOHlaja [4120] =>PUP.Optional.CrossRider O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3816] © O39 - APT: CLMLSvc_P2G8 - (.CyberLink.) -- C:\WINDOWS\System32\Tasks\CLMLSvc_P2G8 [3270] © O39 - APT: CLVDLauncher - (.CyberLink Corp..) -- C:\WINDOWS\System32\Tasks\CLVDLauncher [3270] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001Core - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001Core [3658] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001UA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-616811682-2499254475-3198381026-1001UA [4034] © O39 - APT: HPCustParticipation HP Deskjet 1510 series - (.Hewlett-Packard Co..) -- C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 1510 series [3744] © O39 - APT: HPCustParticipation HP Deskjet 2540 series - (.Hewlett-Packard Co..) -- C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 2540 series [3744] © O39 - APT: iToolsDaemon - (.Copyright (C) 2015.) -- C:\WINDOWS\System32\Tasks\iToolsDaemon [3326] O39 - APT: klcp_update - (...) -- C:\WINDOWS\System32\Tasks\klcp_update [3006] O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements [3092] © O39 - APT: WTjNtlo - (...) -- C:\WINDOWS\System32\Tasks\WTjNtlo [4118] =>PUP.Optional.CrossRider O39 - APT: Ye7qrQDxd6tcqgch9P4 - (...) -- C:\WINDOWS\System32\Tasks\Ye7qrQDxd6tcqgch9P4 [4164] =>PUP.Optional.CrossRider O39 - APT: ZprUG609 - (...) -- C:\WINDOWS\System32\Tasks\ZprUG609 [4120] =>PUP.Optional.CrossRider ---\\ Software installed (85) - 5s O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- PC-Doctor for Windows © O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey © O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player © O42 - Logiciel: WinRAR 5.30 beta 1 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver © O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {1F72FDD5-A069-45B4-928F-D0F16492DC69} © O42 - Logiciel: ETABS 2015 64-bit - (.Computers and Structures.) [HKLM][64Bits] -- {355734A4-B038-4C89-B3E1-7E6A482081F6} O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} © O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} © O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {58627BBE-4831-C766-4365-285795E8905A} © O42 - Logiciel: Intel(R) WiDi - (.Intel Corporation.) [HKLM][64Bits] -- {6097158B-0184-4140-BEC3-7885794D2571} © O42 - Logiciel: HP Deskjet 2540 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {6A79CD11-0C1C-4E24-A8C6-46A02F680346} © O42 - Logiciel: Intel(R) Turbo Boost Technology Monitor 2.6 - (.Intel.) [HKLM][64Bits] -- {6C9365EB-1F9E-4893-9196-3EC77C88D0C5} © O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} © O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {96984DE8-1DB8-425C-AC8C-3098BC696F04} © O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {B9C542F2-31A8-8EC1-B349-28C74D2A865C} © O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {D61F48DA-627B-404E-9315-32A651B18B64} © O42 - Logiciel: Product Improvement Study for HP Deskjet 2540 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {DF34643B-A745-430C-B27B-A48F853C81E4} © O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} © O42 - Logiciel: Product Improvement Study for HP Deskjet 1510 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {EC27E742-EB04-4A2C-BA64-20271929528A} © O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} © O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} © O42 - Logiciel: DSC/AA Factory Installer - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {F7A70D00-F283-45C8-B163-49EC365D7E27} © O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {FD244E19-6EFE-4A2D-948A-0D45D4C168BE} © O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI © O42 - Logiciel: Adobe Flash Player 19 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI © O42 - Logiciel: FairStars Audio Converter 1.81 - (.FairStars Soft.) [HKLM][64Bits] -- FairStars Audio Converter_is1 O42 - Logiciel: Golden Al-Wafi Translator 1.12 - (.<>.) [HKLM][64Bits] -- Golden Al-Wafi Translator (By DR.Ahmed Saker)_is1 O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player O42 - Logiciel: Hard Disk Sentinel PRO - (.HDS.) [HKLM][64Bits] -- Hard Disk Sentinel_is1 O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM][64Bits] -- HP Photo Creations © O42 - Logiciel: CyberLink Media Suite Essentials - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7} © O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} © O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager © O42 - Logiciel: K-Lite Codec Pack 11.2.8 Full - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Mozilla Firefox 41.0.2 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 41.0.2 (x86 en-US) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM][64Bits] -- MSTTS O42 - Logiciel: KMPlayer (remove only) - (.PandoraTV.) [HKLM][64Bits] -- The KMPlayer O42 - Logiciel: iTools 3 - (.Shenzhen Thinksky Technology Co., Ltd..) [HKLM][64Bits] -- ThinkSky O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM][64Bits] -- USB Disk Security_is1 O42 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM][64Bits] -- Usbfix © O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM][64Bits] -- {0d2d0eb2-e24f-4411-a28e-7d9fd4161189} © O42 - Logiciel: Dell Backup and Recovery - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} © O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} © O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} © O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} © O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {446CC8CE-0E90-44F7-ADD0-774B243EF090} © O42 - Logiciel: HP Deskjet 2540 series Help - (.Hewlett Packard.) [HKLM][64Bits] -- {4539575D-C09D-4E71-B207-0F2D6BD74DA2} © O42 - Logiciel: Dell Digital Delivery - (.Dell Products, LP.) [HKLM][64Bits] -- {4B3230C5-F069-416B-9169-1B84A216ED6A} © O42 - Logiciel: معرض الصور - (.Microsoft Corporation.) [HKLM][64Bits] -- {5006FD66-7E9B-4F92-BD36-275AD7712348} © O42 - Logiciel: PowerXpressHybrid - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {51FDC2DE-0917-46B7-EAEC-5377504701DE} © O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595a3116-40bb-4e0f-a2e8-d7951da56270} © O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} © O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM][64Bits] -- {68723B04-57EC-11E1-A6A8-9E2D4824019B} © O42 - Logiciel: Dell Update - (.Dell Inc..) [HKLM][64Bits] -- {713A4123-9417-4FF7-AC14-F000D6C0C7AD} © O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} © O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} © O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} © O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} © O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} © O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {A50679D9-6CBD-4FCD-BACB-62EF3894F6F3} © O42 - Logiciel: Dell Backup and Recovery - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824157129} © O42 - Logiciel: Adobe Reader XI (11.0.13) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} © O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} © O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM][64Bits] -- {b1adf008-e898-4fe2-8a1f-690d9a06acaf} © O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d} © O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a} © O42 - Logiciel: CyberLink LabelPrint 2.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} © O42 - Logiciel: Intel® PROSet/Wireless Software - (.Intel Corporation.) [HKLM][64Bits] -- {c9967fbd-e3c3-4ed0-992a-5b33260f2944} © O42 - Logiciel: NeroBurningROM - (.Nero AG.) [HKLM][64Bits] -- {d025a639-b9c9-417d-8531-208859000af8} © O42 - Logiciel: Fotoğraf Galerisi - (.Microsoft Corporation.) [HKLM][64Bits] -- {DB7B6508-2AAB-4F26-99D4-74559A2F5E42} © O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} © O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} © O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff} © O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM][64Bits] -- {F351B64A-0B7B-41B3-9621-C81AB8FD42EB} © O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139} © O42 - Logiciel: 12.0.0.0 - (.Adobe Photoshop CS5 ME by Magic-M.) [HKLM][64Bits] -- {FECB3E96-76A8-45A9-B73C-D7304DE02190}_is1 O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} © O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 73f463568823ebbe © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome © O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent ---\\ HKCU & HKLM Software Keys (109) - 5s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\Audible HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\Dell HKLM\SOFTWARE\Wow6432Node\Dell Inc. HKLM\SOFTWARE\Wow6432Node\DellBackupandRecovery HKLM\SOFTWARE\Wow6432Node\Golden Al-Wafi Translator HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\GRETECH HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\HD Sentinel HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\Icaros HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Insyde HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\KMPlayer HKLM\SOFTWARE\Wow6432Node\Lake HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\LogMeInRescueCallingCard HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\mtApService HKLM\SOFTWARE\Wow6432Node\mtSpanplus HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\PC-Doctor HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Reg HKLM\SOFTWARE\Wow6432Node\RocketLife HKLM\SOFTWARE\Wow6432Node\Rtp HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SoftThinks HKLM\SOFTWARE\Wow6432Node\TechSmith HKLM\SOFTWARE\Wow6432Node\Visan HKLM\SOFTWARE\Wow6432Node\Voice HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Wow6432Node HKLM\SOFTWARE\Wow6432Node\zbshareware HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\2aOHlaja HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ATI HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRETECH HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HP HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InstallPath HKCU\SOFTWARE\Intel HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\LogMeInRescueCallingCard HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Nero HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\redsn0w HKCU\SOFTWARE\Reg HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Rtp HKCU\SOFTWARE\setting HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\ThinkSky HKCU\SOFTWARE\USB Disk Security HKCU\SOFTWARE\Usbfix HKCU\SOFTWARE\Visan HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WTjNtlo HKCU\SOFTWARE\Ye7qrQDxd6tcqgch9P4 HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\ZprUG609 HKCU\SOFTWARE\AppDataLow\Software ---\\ Contents of the Common Files folders (216) - 6s O43 - CFD: 2015/10/15 02:13:19 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2015/10/15 01:39:39 - [] D -- C:\Program Files (x86)\AMD APP O43 - CFD: 2015/08/26 09:49:58 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 2015/09/18 04:32:19 - [] D -- C:\Program Files (x86)\Apple Software Update O43 - CFD: 2015/08/26 09:52:34 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 2015/09/18 04:32:40 - [] D -- C:\Program Files (x86)\Bonjour O43 - CFD: 2015/08/26 01:17:21 - [0] D -- C:\Program Files (x86)\Cisco O43 - CFD: 2015/10/15 01:53:13 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2013/06/05 03:31:37 - [] D -- C:\Program Files (x86)\CyberLink O43 - CFD: 2015/08/26 09:52:34 - [] D -- C:\Program Files (x86)\Dell Backup and Recovery O43 - CFD: 2013/06/05 03:25:07 - [] D -- C:\Program Files (x86)\Dell Digital Delivery O43 - CFD: 2015/09/05 13:34:08 - [] D -- C:\Program Files (x86)\Dell Update O43 - CFD: 2015/08/26 11:34:15 - [] D -- C:\Program Files (x86)\FairStars Audio Converter O43 - CFD: 2015/08/26 12:14:12 - [] D -- C:\Program Files (x86)\Golden Al-Wafi Translator O43 - CFD: 2015/08/26 12:47:01 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2015/08/26 12:04:01 - [] D -- C:\Program Files (x86)\GRETECH O43 - CFD: 2015/10/16 13:19:55 - [] D -- C:\Program Files (x86)\Hard Disk Sentinel O43 - CFD: 2015/09/18 14:49:49 - [] D -- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 2015/10/22 20:32:11 - [] D -- C:\Program Files (x86)\HP O43 - CFD: 2015/09/18 14:49:44 - [] D -- C:\Program Files (x86)\HP Photo Creations O43 - CFD: 2013/06/05 03:36:51 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2015/08/26 09:49:59 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/10/15 15:46:51 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 2015/09/05 13:34:30 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2015/09/28 11:37:45 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 2015/08/26 12:09:00 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2015/09/05 00:39:13 - [] D -- C:\Program Files (x86)\Kaspersky Lab O43 - CFD: 2015/10/18 19:42:04 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 2015/08/26 11:50:17 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2015/08/26 11:54:38 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2015/08/26 11:54:34 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2015/08/26 11:54:34 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 2015/08/26 11:55:31 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 2015/08/26 11:51:15 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2015/08/26 11:54:34 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/10/17 19:51:11 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/10/17 19:51:11 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2015/08/26 11:33:46 - [] D -- C:\Program Files (x86)\MP3 Cut O43 - CFD: 2015/08/26 11:56:30 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2015/08/26 11:43:04 - [] D -- C:\Program Files (x86)\Nero O43 - CFD: 2015/10/15 02:14:30 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 2015/08/26 11:45:49 - [] D -- C:\Program Files (x86)\PhotoshopMe O43 - CFD: 2013/06/05 03:17:32 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 2015/08/26 21:36:29 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/09/28 17:39:31 - [] D -- C:\Program Files (x86)\ReiBoot O43 - CFD: 2015/08/26 11:33:51 - [] D -- C:\Program Files (x86)\Sound Rec O43 - CFD: 2015/09/04 17:46:57 - [] D -- C:\Program Files (x86)\TechSmith O43 - CFD: 2015/09/28 14:05:51 - [] D -- C:\Program Files (x86)\ThinkSky O43 - CFD: 2015/08/26 17:08:05 - [] D -- C:\Program Files (x86)\USB Disk Security O43 - CFD: 2015/07/10 16:13:28 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2013/06/05 03:39:35 - [] D -- C:\Program Files (x86)\Windows Live O43 - CFD: 2015/07/10 16:13:28 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2015/07/10 16:13:28 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2015/07/10 14:04:26 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 2015/07/10 14:04:22 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2015/07/10 16:13:28 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2015/07/10 14:04:26 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2015/07/10 14:04:22 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2015/07/10 14:04:22 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 2015/10/15 18:31:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/07/10 16:16:05 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/07/10 14:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/08/26 11:45:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 ME O43 - CFD: 2015/10/15 01:01:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Computers and Structures O43 - CFD: 2015/08/26 09:52:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite O43 - CFD: 2015/09/05 13:34:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 2013/06/05 03:37:29 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Backup and Recovery O43 - CFD: 2015/08/26 09:50:02 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Support Center O43 - CFD: 2015/08/26 11:34:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars Audio Converter O43 - CFD: 2015/08/26 12:14:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Al-Wafi Translator O43 - CFD: 2015/08/26 12:04:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player O43 - CFD: 2015/08/26 12:25:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel O43 - CFD: 2015/10/22 20:32:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 2015/08/26 09:52:34 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 2013/06/05 03:23:06 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation O43 - CFD: 2015/09/01 10:36:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/09/28 14:05:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTools 3 O43 - CFD: 2015/09/28 11:38:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2015/08/26 12:09:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 2015/09/05 00:40:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security O43 - CFD: 2015/07/10 14:04:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/10/18 19:42:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 2015/08/26 11:57:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2015/08/26 11:43:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero O43 - CFD: 2015/08/26 11:57:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2015/09/04 17:47:07 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 2015/07/10 14:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/07/10 16:16:04 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/09/04 17:47:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith O43 - CFD: 2015/08/26 12:26:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Security O43 - CFD: 2015/08/26 12:17:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 2015/08/26 12:11:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/08/26 12:32:09 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2013/06/05 03:24:59 - [] D -- C:\ProgramData\AMD O43 - CFD: 2015/08/26 12:07:53 - [] D -- C:\ProgramData\Apple O43 - CFD: 2015/09/04 03:59:49 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2015/07/10 15:21:38 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/10/15 20:44:32 - [0] D -- C:\ProgramData\ApplicationHosting O43 - CFD: 2013/06/05 03:26:46 - [] D -- C:\ProgramData\CLSK O43 - CFD: 2015/07/10 14:04:22 - [0] D -- C:\ProgramData\Comms O43 - CFD: 2013/06/05 03:30:53 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 2015/08/26 18:12:41 - [] D -- C:\ProgramData\Dell O43 - CFD: 2015/07/10 15:21:38 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2015/07/10 15:21:38 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/08/26 12:04:25 - [] D -- C:\ProgramData\GRETECH O43 - CFD: 2015/10/22 20:23:16 - [] D -- C:\ProgramData\HP O43 - CFD: 2015/09/18 14:49:44 - [] D -- C:\ProgramData\HP Photo Creations O43 - CFD: 2015/09/01 10:36:19 - [0] D -- C:\ProgramData\IDM O43 - CFD: 2013/06/05 03:31:03 - [] D -- C:\ProgramData\install_clap O43 - CFD: 2015/08/26 09:50:00 - [] D -- C:\ProgramData\Intel O43 - CFD: 2015/08/26 01:17:17 - [] D -- C:\ProgramData\Intel.sav O43 - CFD: 2015/10/22 20:32:00 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 2015/10/18 19:42:02 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 2015/09/05 17:06:21 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/10/15 17:22:23 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2015/08/26 20:14:19 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 2015/08/26 12:02:40 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/08/26 11:41:59 - [] D -- C:\ProgramData\Nero O43 - CFD: 2015/08/26 01:16:16 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2013/06/05 03:25:15 - [] D -- C:\ProgramData\PC-Doctor for Windows O43 - CFD: 2015/08/25 21:12:59 - [] D -- C:\ProgramData\PCDr O43 - CFD: 2015/08/26 09:50:02 - [] D -- C:\ProgramData\PRICache O43 - CFD: 2015/07/10 16:16:04 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2013/06/05 03:18:58 - [] D -- C:\ProgramData\Roaming O43 - CFD: 2015/10/15 01:03:39 - [] D -- C:\ProgramData\SafeNet Sentinel O43 - CFD: 2015/10/10 22:48:01 - [] D -- C:\ProgramData\Skype O43 - CFD: 2015/09/05 13:37:20 - [] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 2015/07/10 15:21:38 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2015/09/04 17:47:00 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 2013/06/05 03:31:37 - [] D -- C:\ProgramData\Temp O43 - CFD: 2015/07/10 15:21:38 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/09/28 14:05:59 - [] D -- C:\ProgramData\ThinkSky O43 - CFD: 2015/07/10 15:22:45 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 2015/07/10 15:22:45 - [] D -- C:\ProgramData\USOShared O43 - CFD: 2015/09/18 14:49:44 - [] D -- C:\ProgramData\Visan O43 - CFD: 2015/10/15 01:00:04 - [] D -- C:\ProgramData\{E025057D-AA5C-4FA1-BD39-C59AF6AD52AB} O43 - CFD: 2015/08/31 15:41:10 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2015/09/28 11:20:26 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2013/06/05 03:24:58 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 2013/06/05 03:28:12 - [] D -- C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 2015/09/04 03:08:52 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2015/08/26 10:37:37 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 2013/06/05 03:25:06 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 2015/09/04 03:01:18 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 2015/08/26 11:43:19 - [] D -- C:\Program Files (x86)\Common Files\Nero O43 - CFD: 2013/06/05 03:17:05 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 2015/07/10 14:04:26 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2015/10/15 02:11:58 - [] D -- C:\Program Files (x86)\Common Files\SingleRemplus O43 - CFD: 2015/09/01 00:58:13 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2013/06/05 03:38:43 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 2015/08/30 09:05:18 - [] D -- C:\Users\DELL\AppData\Roaming\Adobe O43 - CFD: 2015/09/12 00:53:38 - [] D -- C:\Users\DELL\AppData\Roaming\Apple Computer O43 - CFD: 2015/08/25 20:02:18 - [] D -- C:\Users\DELL\AppData\Roaming\ATI O43 - CFD: 2015/10/22 18:33:41 - [] D -- C:\Users\DELL\AppData\Roaming\DMCache O43 - CFD: 2015/08/26 12:04:16 - [] D -- C:\Users\DELL\AppData\Roaming\GRETECH O43 - CFD: 2015/08/29 17:18:08 - [] D -- C:\Users\DELL\AppData\Roaming\Hard Disk Sentinel O43 - CFD: 2015/09/26 12:48:04 - [] D -- C:\Users\DELL\AppData\Roaming\HpUpdate O43 - CFD: 2015/10/15 14:54:55 - [] D -- C:\Users\DELL\AppData\Roaming\IDM O43 - CFD: 2015/08/25 20:00:33 - [] D -- C:\Users\DELL\AppData\Roaming\Intel O43 - CFD: 2015/08/25 20:03:15 - [] D -- C:\Users\DELL\AppData\Roaming\Intel Corporation O43 - CFD: 2015/08/29 19:36:58 - [] D -- C:\Users\DELL\AppData\Roaming\Macromedia O43 - CFD: 2015/10/04 19:48:26 - [] SD -- C:\Users\DELL\AppData\Roaming\Microsoft O43 - CFD: 2015/08/29 19:30:12 - [] D -- C:\Users\DELL\AppData\Roaming\Mozilla O43 - CFD: 2015/09/01 11:20:00 - [] D -- C:\Users\DELL\AppData\Roaming\MPC-HC O43 - CFD: 2015/10/15 02:14:25 - [0] D -- C:\Users\DELL\AppData\Roaming\Opera Software O43 - CFD: 2015/09/28 14:29:30 - [] D -- C:\Users\DELL\AppData\Roaming\redsn0w O43 - CFD: 2015/10/10 22:47:45 - [] D -- C:\Users\DELL\AppData\Roaming\Skype O43 - CFD: 2015/10/15 05:18:25 - [] D -- C:\Users\DELL\AppData\Roaming\uTorrent O43 - CFD: 2015/09/04 04:09:09 - [] D -- C:\Users\DELL\AppData\Roaming\vlc O43 - CFD: 2015/08/30 10:31:00 - [] D -- C:\Users\DELL\AppData\Roaming\WinRAR O43 - CFD: 2015/08/26 12:32:15 - [] D -- C:\Users\DELL\AppData\Roaming\Zbshareware Lab O43 - CFD: 2015/10/22 20:34:29 - [] D -- C:\Users\DELL\AppData\Roaming\ZHP O43 - CFD: 2015/08/30 09:05:18 - [] D -- C:\Users\DELL\AppData\Local\Adobe O43 - CFD: 2015/08/26 12:08:00 - [] D -- C:\Users\DELL\AppData\Local\Apple O43 - CFD: 2015/08/26 12:11:18 - [] D -- C:\Users\DELL\AppData\Local\Apple Computer O43 - CFD: 2015/08/26 09:48:59 - [0] SHD -- C:\Users\DELL\AppData\Local\Application Data O43 - CFD: 2015/08/26 17:14:25 - [] D -- C:\Users\DELL\AppData\Local\Apps O43 - CFD: 2015/09/04 17:49:29 - [] D -- C:\Users\DELL\AppData\Local\assembly O43 - CFD: 2015/08/25 20:02:18 - [] D -- C:\Users\DELL\AppData\Local\ATI O43 - CFD: 2015/09/11 23:47:57 - [] D -- C:\Users\DELL\AppData\Local\Comms O43 - CFD: 2015/10/15 01:05:50 - [] D -- C:\Users\DELL\AppData\Local\Computers and Structures O43 - CFD: 2015/09/28 11:21:27 - [] D -- C:\Users\DELL\AppData\Local\CrashDumps O43 - CFD: 2015/08/26 17:22:51 - [0] D -- C:\Users\DELL\AppData\Local\Deployment O43 - CFD: 2015/10/01 12:09:10 - [] D -- C:\Users\DELL\AppData\Local\Google O43 - CFD: 2015/08/26 09:48:59 - [0] SHD -- C:\Users\DELL\AppData\Local\History O43 - CFD: 2015/10/22 20:23:30 - [] D -- C:\Users\DELL\AppData\Local\HP O43 - CFD: 2015/08/31 14:33:51 - [] D -- C:\Users\DELL\AppData\Local\Macromedia O43 - CFD: 2015/10/21 14:06:37 - [] D -- C:\Users\DELL\AppData\Local\Microsoft O43 - CFD: 2015/10/04 19:48:25 - [] D -- C:\Users\DELL\AppData\Local\Microsoft Help O43 - CFD: 2015/08/29 19:36:51 - [] D -- C:\Users\DELL\AppData\Local\MicrosoftEdge O43 - CFD: 2015/08/29 19:36:13 - [] D -- C:\Users\DELL\AppData\Local\Mozilla O43 - CFD: 2015/08/26 17:51:52 - [0] D -- C:\Users\DELL\AppData\Local\NetworkTiles O43 - CFD: 2015/10/15 02:14:25 - [0] D -- C:\Users\DELL\AppData\Local\Opera Software O43 - CFD: 2015/09/18 00:27:43 - [] D -- C:\Users\DELL\AppData\Local\Packages O43 - CFD: 2015/08/25 20:01:35 - [] D -- C:\Users\DELL\AppData\Local\Power2Go8 O43 - CFD: 2015/08/26 12:04:12 - [] D -- C:\Users\DELL\AppData\Local\Programs O43 - CFD: 2015/08/26 20:12:34 - [] D -- C:\Users\DELL\AppData\Local\Publishers O43 - CFD: 2015/08/26 12:15:08 - [] D -- C:\Users\DELL\AppData\Local\Skype O43 - CFD: 2015/08/25 20:07:42 - [] D -- C:\Users\DELL\AppData\Local\softthinks O43 - CFD: 2015/09/04 17:46:57 - [] D -- C:\Users\DELL\AppData\Local\TechSmith O43 - CFD: 2015/10/22 20:34:15 - [] D -- C:\Users\DELL\AppData\Local\Temp O43 - CFD: 2015/08/26 09:48:59 - [0] SHD -- C:\Users\DELL\AppData\Local\Temporary Internet Files O43 - CFD: 2015/08/26 20:11:13 - [] D -- C:\Users\DELL\AppData\Local\TileDataLayer O43 - CFD: 2015/08/25 20:00:47 - [0] D -- C:\Users\DELL\AppData\Local\VirtualStore O43 - CFD: 2015/07/10 14:04:26 - [] RD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/08/26 20:11:11 - [] RD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/10/15 18:36:01 - [] RD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/08/26 17:14:57 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 2015/08/26 12:13:49 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2015/09/01 10:36:16 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/07/10 14:04:26 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/10/22 20:32:02 - [] RD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/10 14:04:26 - [] RD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/09/04 04:08:06 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 2015/07/10 14:04:45 - [] RSD -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 2015/08/26 12:11:12 - [] D -- C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Latest files created in Prefetcher (1) - 8s O45 - LFCP:[MD5.15B59636676825AEC3701FB071CE9294] 2015/10/15 01:33:31 A -- C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-C50783D1.pf =>PUP.Optional.GlobalUpdate ---\\ ShellIconOverlayIdentifiers (SIOI) (10) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll © O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll © O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll © O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll © O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\DELL\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll © O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL © ---\\ System Drivers List (81) - 6s O58 - SDL:2015/07/10 13:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] © O58 - SDL:2015/07/10 13:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] © O58 - SDL:2015/08/26 10:31:59 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\WINDOWS\System32\drivers\amdkmpfd.sys [82696] © O58 - SDL:2015/07/10 13:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] © O58 - SDL:2015/07/10 13:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] © O58 - SDL:2015/07/10 13:59:38 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] © O58 - SDL:2012/11/13 18:22:16 A . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® + High.) -- C:\WINDOWS\System32\drivers\amppal.sys [156160] © O58 - SDL:2015/07/10 13:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] © O58 - SDL:2015/08/26 10:32:09 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21629472] © O58 - SDL:2015/08/26 10:32:09 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [680992] © O58 - SDL:2015/07/10 13:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624] © O58 - SDL:2013/10/15 10:42:24 A . (.Motorola Solutions, Inc. - Bluetooth Filter Driver.) -- C:\WINDOWS\System32\drivers\btmhsf.sys [1390904] © O58 - SDL:2015/07/10 13:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] © O58 - SDL:2012/06/25 20:24:50 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [92536] © O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\WINDOWS\System32\drivers\cm_km.sys [389816] © O58 - SDL:2015/07/10 13:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] © O58 - SDL:2012/07/03 02:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] © O58 - SDL:2015/07/10 13:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] © O58 - SDL:2015/07/10 13:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] © O58 - SDL:2015/07/10 13:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608] © O58 - SDL:2012/12/05 02:50:56 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [652344] © O58 - SDL:2015/07/10 13:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] © O58 - SDL:2015/07/10 13:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] © O58 - SDL:2015/07/10 13:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] © O58 - SDL:2013/10/15 10:42:10 A . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Ad.) -- C:\WINDOWS\System32\drivers\iBtFltCoex.sys [69088] © O58 - SDL:2015/06/12 05:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [197616] © O58 - SDL:2015/10/14 18:11:15 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3797424] © O58 - SDL:2015/08/21 11:50:48 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] © O58 - SDL:2015/07/20 22:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50240] © O58 - SDL:2015/07/20 22:45:04 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38976] © O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] © O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [53432] © O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [70512] © O58 - SDL:2015/06/06 08:51:00 A . (.Kaspersky Lab ZAO - Virtual Disk [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kldisk.sys [68280] © O58 - SDL:2015/06/24 01:28:32 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [30328] © O58 - SDL:2015/10/20 19:17:34 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [181640] O58 - SDL:2015/10/20 19:15:57 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [227512] O58 - SDL:2015/10/20 19:17:35 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [925064] O58 - SDL:2015/06/11 19:35:38 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [39608] © O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [41656] © O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [41656] © O58 - SDL:2015/09/26 13:43:27 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [41352] O58 - SDL:2015/10/20 19:17:36 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [87944] © O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [102584] © O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kneps.sys [187056] © O58 - SDL:2015/07/10 13:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] © O58 - SDL:2015/07/10 13:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] © O58 - SDL:2015/07/10 13:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] © O58 - SDL:2015/07/10 13:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] © O58 - SDL:2015/10/05 09:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [25816] © O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [109272] © O58 - SDL:2015/10/18 21:06:12 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] © O58 - SDL:2015/07/10 13:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] © O58 - SDL:2015/07/10 13:59:39 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] © O58 - SDL:2015/07/10 13:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] © O58 - SDL:2015/07/10 13:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] © O58 - SDL:2015/10/05 09:50:22 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [64216] © O58 - SDL:2015/07/10 13:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] © O58 - SDL:2015/07/10 13:59:36 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\System32\drivers\NETwew01.sys [3354384] © O58 - SDL:2015/07/10 13:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] © O58 - SDL:2015/07/10 13:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] © O58 - SDL:2015/07/10 13:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] © O58 - SDL:2015/07/10 13:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] © O58 - SDL:2015/07/10 13:59:39 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [587264] © O58 - SDL:2012/11/28 08:52:20 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4222096] © O58 - SDL:2012/06/15 11:50:46 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUVStor.sys [315536] © O58 - SDL:2015/07/10 13:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] © O58 - SDL:2015/07/10 13:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] © O58 - SDL:2012/12/21 10:24:00 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28040] © O58 - SDL:2012/12/21 10:24:02 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [32136] © O58 - SDL:2015/07/10 13:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] © O58 - SDL:2012/12/21 10:24:02 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [466824] © O58 - SDL:2012/05/30 23:10:50 A . (.Intel(R) Corporation - TurboB Device Driver.) -- C:\WINDOWS\System32\drivers\TurboB.sys [16168] © O58 - SDL:2015/07/10 13:59:48 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032] O58 - SDL:2012/10/10 04:48:48 A . (.Windows (R) Win 7 DDK provider - usb3hub.sys.) -- C:\WINDOWS\System32\drivers\usb3Hub.sys [47072] © O58 - SDL:2015/06/10 22:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] © O58 - SDL:2015/07/10 13:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] © O58 - SDL:2015/07/10 13:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] © O58 - SDL:2015/07/10 13:59:39 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] © O58 - SDL:2015/07/10 13:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] © O58 - SDL:2012/10/10 04:48:48 A . (.Windows (R) Win 7 DDK provider - xHCIport.sys.) -- C:\WINDOWS\System32\drivers\xHCIPort.sys [188896] © ---\\ Last modified or created user files (27) - 19s O61 - LFC: 2015/10/15 16:18:21 A . (..) -- C:\Users\DELL\Downloads\Programs\avira_internet_security_en.exe [210983800] O61 - LFC: 2015/10/22 20:22:01 A . (..) -- C:\Users\DELL\Downloads\Programs\DJ2540_188.exe [106859936] O61 - LFC: 2015/10/22 18:33:41 A . (..) -- C:\Users\DELL\AppData\Local\TechSmith\Snagit\Tray.bin [3768] O61 - LFC: 2015/10/18 21:04:06 A . (..) -- C:\Users\DELL\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [14632] O61 - LFC: 2015/10/17 19:56:24 A . (..) -- C:\Users\DELL\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635806931140836907.bin [39420] O61 - LFC: 2015/10/15 01:51:04 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\Bundle_CPUminer[1].exe [116616] O61 - LFC: 2015/10/15 01:34:44 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\installer[1].exe [1957976] O61 - LFC: 2015/10/15 01:49:58 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\setup[2].exe [1998408] O61 - LFC: 2015/10/15 01:39:54 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\VOPackage[1].exe [869555] =>PUP.Optional.Downware O61 - LFC: 2015/10/15 01:51:45 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\VuuPC_VO2_8907[1].exe [228627] =>PUP.Optional.VuuPC O61 - LFC: 2015/10/15 01:41:09 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\IY050298\runasu[1].exe [180736] O61 - LFC: 2015/10/15 01:55:56 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\IY050298\SearchUpdater[1].exe [225499] O61 - LFC: 2015/10/15 01:51:21 A . (.Cinema PlusV14.10.) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\IY050298\setup[1].exe [14334520] =>PUP.Optional.CrossRider O61 - LFC: 2015/10/15 01:56:12 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\EUDGXO99\4bbda52393b575e64d530bd478a6717b[1].exe [61849] O61 - LFC: 2015/10/15 01:55:47 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\EUDGXO99\cmmdWriter[2].exe [41138] O61 - LFC: 2015/10/15 01:40:46 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\EUDGXO99\jFw3w[1].exe [845312] O61 - LFC: 2015/10/15 01:52:07 A . (.systweak.com.) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\EUDGXO99\rcpsetup_17970[1].exe [4445480] O61 - LFC: 2015/10/15 01:50:20 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\installer[1].exe [1965128] O61 - LFC: 2015/10/15 01:40:38 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\JOSrv[1].exe [227328] O61 - LFC: 2015/10/15 01:51:31 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\policyname[1].exe [56529] O61 - LFC: 2015/10/15 01:51:28 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\setup[1].exe [430256] O61 - LFC: 2015/10/15 01:56:18 A . (..) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\setup_362[1].exe [254464] O61 - LFC: 2015/10/15 01:55:45 A . (.Copyright 2013.) -- C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\BCUS1CD8\Validate[1].exe [61981] O61 - LFC: 2015/10/16 12:32:24 A . (..) -- C:\Users\DELL\AppData\Local\Google\Update\Install\{D2FA853B-82D4-4033-A602-86DEEDE03C4C}\46.0.2490.71_45.0.2454.101_chrome_updater.exe [9064016] O61 - LFC: 2015/10/16 12:32:24 A . (..) -- C:\Users\DELL\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\46.0.2490.71\46.0.2490.71_45.0.2454.101_chrome_updater.exe [9064016] O61 - LFC: 2015/10/15 05:15:18 A . (..) -- C:\Users\DELL\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] O61 - LFC: 2015/10/15 05:20:40 A . (..) -- C:\Users\DELL\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [106625] ---\\ File Associations Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © ---\\ Start Menu Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Search Browser Infection (2) - 3s O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com/ O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (41) - 0s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1335296] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [954368] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [954880] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [93696] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [106496] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1008640] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [226304] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [133120] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324608] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [371200] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [95744] © O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2093056] © O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [196096] © O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167424] © O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [187392] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [679936] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [497152] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [72192] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [452608] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2236416] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1168896] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [593920] © O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [63488] © O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1149440] © O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1019392] © O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [343040] © O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [717312] © O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] © O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776] © O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [918016] © O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1010176] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [359936] © O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [237568] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [58368] © ---\\ Firewall Active Exception List (8) - 1s O87 - FAEL: "{A59D28BD-D81B-42D3-B512-52A214AA8812}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (.not file.) O87 - FAEL: "{9D0E8097-C566-456D-8814-C4F4FE046092}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{36083B94-D3B3-443A-8BF4-F0063825C392}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.) O87 - FAEL: "{EB667F66-2C29-4587-960A-E199FB3B757D}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe (.not file.) O87 - FAEL: "{12ACC0D9-FAF3-43E3-9524-68271CEEC0DB}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe (.not file.) =>PUP.Optional.StartSearch O87 - FAEL: "{22C9D884-F7C1-4912-B647-B5BF28E5E3CA}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe (.not file.) =>PUP.Optional.StartSearch O87 - FAEL: "TCP Query User{306BD9EB-7C2F-4FE9-BE5D-288C68DB25E9}C:\users\dell\appdata\roaming\utorrent\utorrent.exe" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\dell\appdata\roaming\utorrent\utorrent.exe O87 - FAEL: "UDP Query User{8A975D37-277F-4BA6-BE1C-6F894D42C136}C:\users\dell\appdata\roaming\utorrent\utorrent.exe" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\users\dell\appdata\roaming\utorrent\utorrent.exe ---\\ Services not Microsoft (SR=Run, SS=Stop) (23) - 13s SR - Auto [2015/09/14 09:25:38] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SS - Demand [2015/10/20 16:28:44] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [2009/11/18 05:14:26] [ 98208] Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe © SR - Auto [2015/08/26 10:32:08] [ 263200] (AMD External Events Utility) . (.AMD.) - C:\WINDOWS\system32\atiesrxx.exe © SR - Auto [2015/09/02 17:10:18] [ 77104] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe © SR - Auto [2015/09/05 11:29:02] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe © SR - Auto [2015/08/12 16:03:42] [ 462096] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe © SS - Demand [2015/10/14 18:11:18] [ 291744] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe © SS - Auto [2013/03/14 00:33:30] [ 187912] Dell Digital Delivery Service (DellDigitalDelivery) . (.Dell Products, LP..) - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe © SR - Auto [2012/11/19 22:15:20] [ 14904] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe © SR - Auto [2015/10/14 18:11:16] [ 330136] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\WINDOWS\system32\igfxCUIService.exe © SR - Auto [2012/04/21 00:16:12] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe © SR - Demand [2015/09/23 20:54:04] [ 644880] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe © SR - Auto [2012/07/18 04:10:16] [ 165760] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe © SR - Auto [2012/07/18 04:10:30] [ 276864] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe © SS - Auto [2015/10/05 09:48:46] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe © SS - Demand [2015/10/16 10:21:08] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe © SR - Auto [2012/04/25 05:43:48] [ 254512] Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Copyright 2004.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe SR - Auto [2012/11/24 00:49:18] [ 201872] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe © SS - Demand [2012/05/30 23:11:34] [ 149544] Intel(R) Turbo Boost Technology Monitor 2.6 (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe © SR - Auto [2012/07/18 04:10:32] [ 364416] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe © SS - Demand [2015/07/09 00:02:50] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe ---\\ Additional Scan (O88) (17) - 0s HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office HKCU\SOFTWARE\2aOHlaja =>PUP.Optional.CrossRider HKCU\SOFTWARE\WTjNtlo =>PUP.Optional.CrossRider HKCU\SOFTWARE\Ye7qrQDxd6tcqgch9P4 =>PUP.Optional.CrossRider HKCU\SOFTWARE\ZprUG609 =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\2aOHlaja.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\WTjNtlo.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\Ye7qrQDxd6tcqgch9P4.job =>PUP.Optional.CrossRider C:\WINDOWS\Tasks\ZprUG609.job =>PUP.Optional.CrossRider C:\WINDOWS\System32\Tasks\2aOHlaja =>PUP.Optional.CrossRider C:\WINDOWS\System32\Tasks\WTjNtlo =>PUP.Optional.CrossRider C:\WINDOWS\System32\Tasks\Ye7qrQDxd6tcqgch9P4 =>PUP.Optional.CrossRider C:\WINDOWS\System32\Tasks\ZprUG609 =>PUP.Optional.CrossRider C:\WINDOWS\Prefetch\GLOBALUPDATE.EXE-C50783D1.pf =>PUP.Optional.GlobalUpdate C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\VOPackage[1].exe =>PUP.Optional.Downware C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\LVZJJ2E6\VuuPC_VO2_8907[1].exe =>PUP.Optional.VuuPC C:\Users\DELL\AppData\Local\Microsoft\Windows\INetCache\IE\IY050298\setup[1].exe =>PUP.Optional.CrossRider ---\\ Summary of the elements found (7) - 0s http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office http://www.nicolascoolman.fr/pup-crossrider/ =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/pup-globalupdate/ =>PUP.Optional.GlobalUpdate http://www.nicolascoolman.fr/adware-downware/ =>PUP.Optional.Downware http://www.nicolascoolman.fr/pup-vuupc/ =>PUP.Optional.VuuPC http://www.nicolascoolman.fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch ~ End of the scan, 43028 items in 149 seconds (952)(0)()