~ ZHPDiag v2016.2.2.24 By Nicolas Coolman (2016/02/02) ~ Run by Sami (Administrator) (2016/02/03 08:22:57) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Sami\Desktop\ZHPDiag.txt ~ Report: C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 10 Pro, 64-bit (Build 10586) ---\\ Internet Browsers (1) - 0s MSIE: Internet Explorer v11.20.10586.0 ---\\ Windows Product Information (3) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (2) - 4s Kaspersky Internet Security v16.0.0.614 Windows Defender (Deactivate) ---\\ Surveillance software (2) - 5s Adobe Flash Player 20 NPAPI Adobe Acrobat Reader DC - Français ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 4027.26 MB (44% free) System Restore: Activé (Enable) System drive C: has 55 GB () free of 99 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: LUJAIN ~ User Name: Sami ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 55 GB free of 99 GB (System) ~ Drive D: has 122 GB free of 205 GB ---\\ State of the Windows Security Center (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 1s [MD5.4572EB3DDBD2DFA10DE7A037A6CC6D53] - 30/10/2015 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4502864] =>.Microsoft Windows® [MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation [MD5.CAD491DD9EC00BB841EA407D9C498C4A] - 30/10/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [290856] =>.Microsoft Windows Publisher® [MD5.AB4C1A9F37C0B8467AC923ED4AD727D6] - 22/11/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2647552] =>.Microsoft Corporation [MD5.46C8E60DEDBDA95C102D1B2E74676578] - 30/10/2015 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [584704] =>.Microsoft Corporation [MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation [MD5.E7B524818100B0FDE2B057C74B0C0DCD] - 30/10/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [686984] =>.Microsoft Windows® [MD5.2796C0957F6F05A528DD64B8591371B6] - 30/10/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535088] =>.Microsoft Windows® [MD5.70148EFA9A562E7185B75BBE7D376BF7] - 05/11/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows® [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation [MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation [MD5.C9478D7DB7BE5D7ACE65CB1167F07320] - 30/10/2015 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation [MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation [MD5.61F9F27A8C3D7BCD287FE98A440421CE] - 30/10/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows® [MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - 30/10/2015 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279552] =>.Microsoft Corporation [MD5.EFEFC245B884B1BE0401931398DCD707] - 01/12/2015 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152800] =>.Microsoft Windows® [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation [MD5.381B8F2311A0375676B635EA5E7C8AB0] - 30/10/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 05/11/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows® [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (16) - 13s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe =>.ASUS Cloud Corporation O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab® O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014 - .) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.® O23 - Service: NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe =>.Nitro PDF Software® O23 - Service: NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe =>.Nitro PDF Software® O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\Windows\SysWOW64\NLSSRV32.EXE =>.Nitro PDF Software® O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealTimes Desktop Service.) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.® O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe =>.RealNetworks, Inc.® O23 - Service: RealTimes Desktop Service (RealTimes Desktop Service) . (.RealNetworks, Inc. - RealTimes Desktop Service.) - c:\program files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.® O23 - Service: Service KMSELDI (Service KMSELDI) . (.@ByELDI - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: SMART Helper Service (SMARTHelperService) . (.SMART Technologies - SMART Helper Service For Windows.) - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD® O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated® ---\\ Services not Microsoft (SR=Run, SS=Stop) (22) - 80s SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [20/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [31/05/2015] [ 71168] Asus WebStorage Windows Service (Asus WebStorage Windows Service) . (.ASUS Cloud Corporation.) - C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe =>.ASUS Cloud Corporation SR - Auto [02/02/2016] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab® SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® SS - Demand [26/01/2015] [ 1074480] FlexNet Licensing Service (FlexNet Licensing Service) . (.Flexera Software LLC.) - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe =>.Flexera Software LLC® SS - Demand [26/01/2015] [ 1484080] FlexNet Licensing Service 64 (FlexNet Licensing Service 64) . (.Flexera Software LLC.) - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe =>.Flexera Software LLC® SR - Auto [20/08/2014] [ 242256] Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014.) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.® SR - Auto [16/07/2014] [ 230920] NitroPDFDriverCreatorReadSpool9 (NitroDriverReadSpool9) . (.Nitro PDF Software.) - C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe =>.Nitro PDF Software® SR - Auto [16/07/2014] [ 417800] NitroUpdateService (NitroUpdateService) . (...) - C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe =>.Nitro PDF Software® SR - Auto [16/07/2014] [ 69640] Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.EXE =>.Nitro PDF Software® SS - Auto [21/09/2015] [ 1103656] RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.® SR - Auto [16/09/2015] [ 33088] RealPlayer Update Service (RealPlayerUpdateSvc) . (...) - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe =>.RealNetworks, Inc.® SS - Auto [21/09/2015] [ 1103656] RealTimes Desktop Service (RealTimes Desktop Service) . (.RealNetworks, Inc..) - c:\program files (x86)\Real\realplayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.® SR - Auto [27/09/2015] [ 739520] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico SS - Demand [18/04/2013] [ 737616] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe =>.Nokia® SS - Auto [11/12/2014] [ 315496] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [09/12/2014] [ 695600] SMART Helper Service (SMARTHelperService) . (.SMART Technologies.) - C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies SR - Auto [21/05/2015] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe =>.DEVGURU CO LTD® SR - Auto [11/09/2015] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated® SS - Demand [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe =>.Kaspersky Lab® ---\\ Task Planned Automatically (28) - 6s [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] =>.Adobe Systems, Incorporated® [MD5.295A5BFCE8D225D014DB4E6E69336279] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated® [MD5.582F07F389C28CE5A511269AF927F0A3] [APT] [AutoKMS] (.CODYQX4.) -- C:\Windows\AutoKMS\AutoKMS.exe [5196288] =>HackTool.AutoKMS [MD5.EBF9EE1FD3CAF93596208A4EF1A5B942] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [740032] =>HackTool.KMSpico [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core] (.Facebook Inc..) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] =>.Facebook, Inc.® [MD5.00000000000000000000000000000000] [APT] [IBUpd2] (...) -- C:\Users\Sami\AppData\Local\BrowserAir\47.0.0.3\updater.exe (.not file.) [0] =>PUP.Optional.BrowserAir [MD5.A6FB0D5DE6EA45EE92FE58987E038D5E] [APT] [RealDownloader Update Check] (.Copyright © RealNetworks, Inc. 1995-2012.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [598800] =>.RealNetworks, Inc.® [MD5.7FDBA5B219A14E4EF5A422A0E97E237A] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [342824] =>.RealNetworks, Inc.® [MD5.CC2B620248A8C8712ED2979E209959CC] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [143624] =>.RealNetworks, Inc.® [MD5.CC2B620248A8C8712ED2979E209959CC] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001] (.RealNetworks, Inc..) -- C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [143624] =>.RealNetworks, Inc.® [MD5.5D6E251C20366D498E0D6BCFB38A622E] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648] =>.Synaptics Incorporated® [MD5.00000000000000000000000000000000] [APT] [{77CE527D-EC62-44B1-98AE-4EF84420BF16}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{EBDD6B4D-1A4E-4C3B-8B74-C4D2781989E6}] (...) -- c:\program files (x86)\mozilla firefox\firefox.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] =>.Apple Inc.® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated O39 - APT: FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core.job [916] =>.Facebook Inc. O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job [264] =>.Synaptics Incorporated O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [3972] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3816] =>.Adobe Systems Incorporated O39 - APT: AutoKMS - (.CODYQX4.) -- C:\WINDOWS\System32\Tasks\AutoKMS [3808] =>HackTool.AutoKMS O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3456] =>HackTool.KMSpico O39 - APT: FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core - (.Facebook Inc..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3690107929-2776208281-3965692235-1001Core [3300] =>.Facebook Inc. O39 - APT: IBUpd2 - (...) -- C:\WINDOWS\System32\Tasks\IBUpd2 [3302] (.Orphean.) =>PUP.Optional.BrowserAir O39 - APT: RealDownloader Update Check - (.Copyright © RealNetworks, Inc. 1995-2012.) -- C:\WINDOWS\System32\Tasks\RealDownloader Update Check [2496] O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [2676] =>.RealNetworks, Inc. O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [2528] =>.RealNetworks, Inc. O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 - (.RealNetworks, Inc..) -- C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3690107929-2776208281-3965692235-1001 [3602] =>.RealNetworks, Inc. O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements [2254] =>.Synaptics Incorporated ---\\ Process running (30) - 4s [MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1884] =>.Adobe Systems, Incorporated® [MD5.133F82B6391F3390BECFA429C23FB2BE] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) -- C:\Windows\System32\Crypserv.exe [122880] [PID.1952] [MD5.50C3C62FFE6337E6E4F2F01CB07DF63C] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000] [PID.1984] =>.Kaspersky Lab® [MD5.0E04ABFDF6A48FE6B2BFEF37B858FFE9] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.EXE [69640] [PID.1352] =>.Nitro PDF Software® [MD5.2EF9F9A28CA7E0B5601ACF3FC7B78965] - (...) -- C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [417800] [PID.1584] =>.Nitro PDF Software® [MD5.0FFFFF9ED9392A7A925B4EA70C43C874] - (.@ByELDI - Service_KMS.) -- C:\Program Files\KMSpico\Service_KMS.exe [739520] [PID.1748] =>HackTool.KMSpico [MD5.EA5EC8EA51F9214B3175BDA3B2724D96] - (...) -- C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088] [PID.1808] =>.RealNetworks, Inc.® [MD5.57BECA30181C7948B7D506EC81FD5EEC] - (.Nitro PDF Software - Nitro PDF Spool Service.) -- C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920] [PID.1844] =>.Nitro PDF Software® [MD5.AED1BB51CAB8A180DEAC27350DA4935F] - (.SMART Technologies - SMART Helper Service For Windows.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [695600] [PID.2056] {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies [MD5.E1415A51EFD0FB87649954C76BEE32D9] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2152] =>.Synaptics Incorporated® [MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.2208] =>.DEVGURU CO LTD® [MD5.53D6A8E4BAA773E1E628EF3A68413CD2] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\AsusWSWinService.exe [71168] [PID.2260] =>.ASUS Cloud Corporation [MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2284] =>.WIBU-SYSTEMS AG® [MD5.533AA4A69EE91B1C53910EF57E314DEF] - (.Copyright (C) 2014 - .) -- C:\ProgramData\MobileBrServ\mbbservice.exe [242256] [PID.2364] =>.Huawei Technologies Co., Ltd.® [MD5.932A21CF0DA4E951C7C4A62D27E6D8FB] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe [211712] [PID.4840] =>.Kaspersky Lab® [MD5.5D6E251C20366D498E0D6BCFB38A622E] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648] [PID.4956] =>.Synaptics Incorporated® [MD5.35E28307F14F9CFDF40376F344E79562] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.3596] =>.Synaptics Incorporated® [MD5.904CA475F6ADD4080B0EA5144D23FDF1] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.4916] [MD5.CC436BB2A26391F3DEBE316F6FB0474F] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008] [PID.5340] =>.Microsoft Corporation® [MD5.BA4177E3E3E0B3296C1579135CCEBBB6] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\lsas.exe [557184] [PID.6252] =>.Superfluous.Guangxi [MD5.B262FD3ACE0042E4C71FE95379D82F1A] - (.RealNetworks, Inc. - RealTimes Service UI.) -- C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe [1217320] [PID.6472] =>.RealNetworks, Inc.® [MD5.4A9F609B4120F616D44D087EBC462A3B] - (.Joyent, Inc - Evented I/O for V8 JavaScript.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\SBWDKService.exe [5794304] [PID.6552] =>.Joyent, Inc [MD5.A6FB0D5DE6EA45EE92FE58987E038D5E] - (.Copyright © RealNetworks, Inc. 1995-2012 - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [598800] [PID.6604] =>.RealNetworks, Inc.® [MD5.4557929F118EBE411F22C7E6014596D5] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\auds.exe [208512] [PID.7052] =>.Superfluous.Guangxi [MD5.B074BCA3C38CD75CBB45D7B00018B55F] - (...) -- C:\Program Files (x86)\t_201601241301\201601241301\tslog.exe [193152] [PID.7064] =>.Superfluous.Guangxi [MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe [2388336] [PID.6980] =>.Apple Inc.® [MD5.7FDBA5B219A14E4EF5A422A0E97E237A] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [342824] [PID.1552] =>.RealNetworks, Inc.® [MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.7264] =>.Apple Inc.® [MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.4280] =>.Apple Inc.® [MD5.13A8776C85A0B17F70AC4FAE92737641] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Sami\AppData\Local\Temp\mpwp7sde.tmp\ZHPDiag3.exe [2107392] [PID.3232] =>.Nicolas Coolman ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (11) - 1s M0 - MFSP: prefs.js [Sami - 0s20p23z.default] http://www.google.fr/ P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.FRA P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppl3260.xpt P2 - EXT FILE: (...) -- C:\Users\Sami\AppData\Roaming\Mozilla\Firefox\Profiles\0s20p23z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Users\Sami\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll =>.Skype Limited P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@nitropdf.com/NitroPDF] - (.Nitro PDF.) -- C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll P2 - FPN: [HKLM] [@nokia.com/EnablerPlugin] - (.Nokia.) -- C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll =>.Nokia P2 - FPN: [HKLM] [@real.com/nprpplugin;version=18.1.0.1236] - (.RealTimes.) -- c:\program files (x86)\Real\realplayer\Netscape6\nprpplugin.dll ---\\ Opera, Plugins,Start,Search (1) - 1s B0 - OCSP: Preferences [Sami][HomePage] http://www.sweet-page.com/?type=hp&ts=1441706776&z=c6329c5e29ab10f50cc5aa8g7z5z0gembebqam0mbq&from=cor&uid=TOSHIBAXMK3263GSXN_30Q7F60WSXX30Q7F60WS ---\\ Internet Explorer Extensions, Start, Search (16) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-3690107929-2776208281-3965692235-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/ R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (7) - 0s O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer [64Bits] - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealDownloader - RealTimes Video Downloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll =>.RealNetworks, Inc.® O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll =>.Microsoft Corporation® O2 - BHO: (no name) [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} (Orphean) O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (.not file.) O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll =>.Kaspersky Lab® O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation® ---\\ Auto loading programs from Registry and folders (27) - 2s O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe =>.Facebook, Inc.® O4 - HKCU\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia® O4 - HKCU\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] . (.Adobe Systems Incorporated - Adobe Creative Cloud.) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] (Orphean) O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\program files (x86)\Real\realplayer\Update\realsched.exe =>.RealNetworks, Inc.® O4 - HKLM\..\Wow6432Node\Run: [SMARTNotification] . (.SMART Technologies - SMART Notification.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies O4 - HKLM\..\Wow6432Node\Run: [SMART Tray Tools] . (.SMART Technologies - SMART System Menu.) -- C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies O4 - HKLM\..\Wow6432Node\Run: [SMART Board Service] . (.SMART Technologies - SMART Board Service.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies O4 - HKLM\..\Wow6432Node\Run: [sbsdk-server] . (.SMART Technologies - Node Launcher.) -- C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies O4 - HKLM\..\Wow6432Node\Run: [SMART Floating Tools] . (.SMART Technologies ULC - SMART Board Tools.) -- C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies ULC O4 - HKLM\..\Wow6432Node\Run: [WebStorage] . (...) -- C:\Program Files (x86)\ASUS\WebStorage\2.2.2.524\ASUSWSLoader.exe =>.ASUS Cloud Corporation® O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [RealDownloader] . (.Copyright © RealNetworks, Inc. 1995-2012 - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe =>.RealNetworks, Inc.® O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics CO., LTD.® O4 - HKLM\..\Wow6432Node\Run: [setup] C:\Users\Sami\AppData\Local\Temp\setup.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [MTview] C:\Program Files (x86)\MTV20151125\MTView.exe (.not file.) O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Sami\AppData\Local\Facebook\Update\FacebookUpdate.exe =>.Facebook, Inc.® O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [NokiaSuite.exe] . (.Nokia - Nokia Suite.) -- C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia® O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [BingSvc] . (.© 2015 Microsoft Corporation - Microsoft Bing Service.) -- C:\Users\Sami\AppData\Local\Microsoft\BingSvc\BingSvc.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-3690107929-2776208281-3965692235-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® ---\\ Global shortcuts Startup (41) - 8s O4 - GS\Desktop [Administrator]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Administrator]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\Quicklaunch [Administrator]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: ÃÀͼä¯ÀÀ.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\Desktop [Guest]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Guest]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\Quicklaunch [Guest]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: ÃÀͼä¯ÀÀ.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\Desktop [Sami]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\Desktop [Sami]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Sami\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Sami]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Sami]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\Quicklaunch [Sami]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Sami]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Sami]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Sami]: ÃÀͼä¯ÀÀ.lnk . (...) C:\Program Files (x86)\MTV20151125\MTView.exe O4 - GS\sendTo [Sami]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated® O4 - GS\CommonDesktop [Public]: Adobe Creative Cloud.lnk . (.Adobe Systems Incorporated - Adobe Creative Cloud.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe =>.Adobe Systems Incorporated® O4 - GS\CommonDesktop [Public]: Configure Kodu Game Lab.lnk . (.MSIT - BokuPreBoot.) C:\Program Files (x86)\Microsoft Research\Kodu Game Lab\BokuPreBoot.exe O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\CommonDesktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\CommonDesktop [Public]: Kodu Game Lab.lnk . (.Microsoft Research - Kodu Game Lab.) C:\Program Files (x86)\Microsoft Research\Kodu Game Lab\Boku.exe =>.Microsoft Research O4 - GS\CommonDesktop [Public]: Nitro Pro 9.lnk . (.Nitro PDF - .) C:\Program Files (x86)\Nitro\Pro 9\NitroPDF.exe O4 - GS\CommonDesktop [Public]: Nokia Suite.lnk . (.Nokia - Nokia Suite.) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe =>.Nokia® O4 - GS\CommonDesktop [Public]: RealPlayer (RealTimes).lnk . (.RealNetworks, Inc. - RealTimes.) C:\program files (x86)\real\realplayer\RealPlay.exe =>.RealNetworks, Inc.® O4 - GS\CommonDesktop [Public]: Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\CommonDesktop [Public]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\CommonDesktop [Public]: SMART Notebook 14.lnk . (.SMART Technologies ULC - SMART Notebook.) C:\Program Files (x86)\SMART Technologies\Education Software\Notebook.exe {527D6AFB843C2E8BE75BF8BBA4E8B734} =>.SMART Technologies ULC O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN® O4 - GS\Startup [Public]: RealTimes.lnk . (.RealNetworks, Inc. - RealTimes Service UI.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe =>.RealNetworks, Inc.® ---\\ Lop.com/Domain Hijackers (6) - 1s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5987cd7f-d36c-4056-9aee-eee6dd48609c}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74743d34-653e-4b29-b86a-d570a5904abd}: DhcpNameServer = 192.168.43.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ab7dba65-ca52-4359-86a5-612b60f14c65}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{e4668e03-9734-4409-a573-e1646eb7a73c}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ab7dba65-ca52-4359-86a5-612b60f14c65}: DhcpDomain = hi.link ---\\ Extra protocols (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: mso-minsb.16 [64Bits] - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation® O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL =>.Microsoft Corporation® O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (96) - 28s O42 - Logiciel: Adobe Acrobat Reader DC - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CC 2014 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D7A4F897-B20A-42D0-862D-CB5F6DB7391D} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc. O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1 =>.Audacity Team O42 - Logiciel: BitLord 2.3 - (.House of Life.) [HKLM][64Bits] -- BitLord =>PUP.Optional.WhenUSave O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Canon Inc..) [HKLM][64Bits] -- Easy-PhotoPrint EX =>.Canon Inc.® O42 - Logiciel: Canon MX350 series MP Drivers - (...) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX350_series =>.Canon Inc.® O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: EpsonNet Config V4 - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA} =>.SEIKO EPSON CORPORATION® O42 - Logiciel: EpsonNet SetupManager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {BB828C7B-44A6-4A83-A96E-EF80B8680B8D} =>.Seiko Epson Corporation O42 - Logiciel: EpsonNet SetupManager - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- InstallShield_{BB828C7B-44A6-4A83-A96E-EF80B8680B8D} =>.Seiko Epson Corporation O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 =>.Foxit Software Incorporated® O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B} =>.Microsoft Corporation O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc. O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico O42 - Logiciel: Kodu Game Lab - (.Microsoft Research.) [HKLM][64Bits] -- {4D172E50-1EF5-4B07-B408-A12DB50CC542} =>.Microsoft Research O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM][64Bits] -- LAME_is1 O42 - Logiciel: MEGA7 version 7.0.9 - (.iGEM.) [HKLM][64Bits] -- {0F8E7D37-27B9-4BFF-9AC7-96321D8467E5}_is1 O42 - Logiciel: Microsoft Access MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0015-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0117-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft DCF MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0090-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Excel MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0016-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Groove MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00BA-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft InfoPath MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0044-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft OneNote MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00A1-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Outlook MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001A-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft PowerPoint MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0018-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Publisher MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-0019-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft Skype for Business MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-012B-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Word MUI (English) 2016 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-001B-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service =>.Huawei Technologies Co., Ltd.® O42 - Logiciel: MSVC80_x64_v2 - (.Nokia.) [HKLM][64Bits] -- {4D668D4F-FAA2-4726-834C-31F4614F312E} =>.Nokia O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM][64Bits] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6} =>.Nokia O42 - Logiciel: MSVC90_x64 - (.Nokia.) [HKLM][64Bits] -- {AB071C8B-873C-459F-ACA9-9EBE03C3E89B} =>.Nokia O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM][64Bits] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} =>.Nokia O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {D66B7840-6A9B-11E4-8FED-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: Nitro Pro 9 - (.Nitro.) [HKLM][64Bits] -- {1325EE91-6AB4-4250-9780-8713FABBBD9A} =>.Nitro O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM][64Bits] -- {29373274-977E-413C-A4DE-DC0F8E80C429} =>.Nokia O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- {88B6F9DE-C80F-4A70-ACF6-BEE933679170} =>.Nokia O42 - Logiciel: Nokia Suite - (.Nokia.) [HKLM][64Bits] -- Nokia Suite =>.Nokia® O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {6D01D1B1-17BD-4F10-BB11-F08F0C47D42B} =>.Nokia O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM][64Bits] -- {FB20AA56-F683-463A-8812-90A3507E96F9} =>.RealNetworks, Inc. O42 - Logiciel: RealDownloader - (.RealNetworks.) [HKLM][64Bits] -- {0415f03a-c9b1-4179-ad1c-b7511ae49c2a} =>.RealNetworks, Inc.® O42 - Logiciel: RealDownloader - (.RealNetworks.) [HKLM][64Bits] -- {E60834D5-24DD-4C76-A9A6-5A6766FB4448} =>.RealNetworks O42 - Logiciel: RealPlayer Cloud - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 17.0 =>.RealNetworks, Inc.® O42 - Logiciel: RealTimes (RealPlayer) - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 18.1 =>.RealNetworks, Inc.® O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.RealNetworks, Inc. O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} =>.Apple Inc. O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (...) [HKLM][64Bits] -- SAMSUNG Mobile Modem O42 - Logiciel: Samsung Mobile phone USB driver Drive Software - (...) [HKLM][64Bits] -- Samsung Mobile phone USB driver Drive O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem 1.0 =>.MCCI Corporation® O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (...) [HKLM][64Bits] -- SAMSUNG Mobile USB Modem =>.MCCI Corporation® O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {C4A4722E-79F9-417C-BD72-8D359A090C97} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {C79A37F3-C076-48BE-B290-F4C8676ABD74} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.® O42 - Logiciel: Settings Manager - (.Aztec Media Inc.) [HKLM][64Bits] -- Settings Manager =>PUP.Optional.SystemK O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.0 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A. O42 - Logiciel: SMART Arabic Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {CB886E2E-81D3-4995-BB75-C0D49E8DAFB1} =>.SMART Technologies ULC O42 - Logiciel: SMART Common Platform - (.SMART Technologies ULC.) [HKLM][64Bits] -- {0E5DD7A3-BE29-430C-970B-C553F4A58C39} =>.SMART Technologies ULC O42 - Logiciel: SMART English (United Kingdom) Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {D2EEF167-5418-4DD4-8370-E168D867E8E2} =>.SMART Technologies ULC O42 - Logiciel: SMART French Handwriting Resources - (.SMART Technologies ULC.) [HKLM][64Bits] -- {41CE2133-DAA6-4360-8C57-01AE7896DCAE} =>.SMART Technologies ULC O42 - Logiciel: SMART French Language Pack - (.SMART Technologies ULC.) [HKLM][64Bits] -- {3B86CEC2-94D4-4511-B4DD-13AA84A2B6A1} =>.SMART Technologies ULC O42 - Logiciel: SMART Notebook - (.SMART Technologies ULC.) [HKLM][64Bits] -- {18E53BBD-971F-4A77-9620-EB2C1539E308} =>.SMART Technologies ULC O42 - Logiciel: SMART Pilotes de produit - (.SMART Technologies ULC.) [HKLM][64Bits] -- {67F35E75-A186-4F80-B291-8283331D5550} =>.SMART Technologies ULC O42 - Logiciel: Software Version Updater - (...) [HKLM][64Bits] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation® O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation® O42 - Logiciel: Update for Skype for Business 2016 (KB3114516) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{10EF17AC-48F3-4FE4-B182-6E39EED858C1} =>.Microsoft Corporation® O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM][64Bits] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37} =>.RealNetworks, Inc. O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM][64Bits] -- Usbfix =>.El Desaparecido - www.usbfix.net - www.sosvirus.net O42 - Logiciel: Video Downloader - (.RealNetworks.) [HKLM][64Bits] -- {E60AFF01-6087-47BD-8272-61FA3CFC309D} =>.RealNetworks O42 - Logiciel: Visual Studio 2012 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {8C775E70-A791-4DA8-BCC3-6AB7136F4484} =>.AVG Technologies O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o. O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: WebStorage - (.ASUS Cloud Corporation.) [HKLM][64Bits] -- WebStorage =>.ASUS Cloud Corporation O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) - (.Nokia.) [HKLM][64Bits] -- 62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F =>.Microsoft Windows® O42 - Logiciel: WinRAR 5.10 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: XMedia Recode version 3.2.6.0 - (.XMedia Recode.) [HKLM][64Bits] -- {DDA3C325-47B2-4730-9672-BF3771C08799}_is1 ---\\ HKCU & HKLM Software Keys (163) - 28s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Avg HKLM\SOFTWARE\Wow6432Node\Bigasoft HKLM\SOFTWARE\Wow6432Node\Canon HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\Cisco HKLM\SOFTWARE\Wow6432Node\Client HKLM\SOFTWARE\Wow6432Node\ECAREME HKLM\SOFTWARE\Wow6432Node\EpsonNet HKLM\SOFTWARE\Wow6432Node\ESET HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\Gentee HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\Huawei technologies HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Innovative Solutions HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\Wow6432Node\iTinySoft HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\Lame For Audacity HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Macrovision HKLM\SOFTWARE\Wow6432Node\MarkAny HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nalpeiron HKLM\SOFTWARE\Wow6432Node\National Instruments HKLM\SOFTWARE\Wow6432Node\NewBlue HKLM\SOFTWARE\Wow6432Node\Nokia HKLM\SOFTWARE\Wow6432Node\Nokia Mobile Phones HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\PC Connectivity Solution HKLM\SOFTWARE\Wow6432Node\PCDataApp HKLM\SOFTWARE\Wow6432Node\PCSuite HKLM\SOFTWARE\Wow6432Node\PowerPivot HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Samsung HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION HKLM\SOFTWARE\Wow6432Node\SHARP HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SMART Technologies HKLM\SOFTWARE\Wow6432Node\SMART Technologies Inc. HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager HKLM\SOFTWARE\Wow6432Node\Sony Creative Software HKLM\SOFTWARE\Wow6432Node\SOSVirus HKLM\SOFTWARE\Wow6432Node\Stellar Data Recovery HKLM\SOFTWARE\Wow6432Node\Stellar information Systems ltd. HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\SystemK =>PUP.Optional.SystemK HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WafCX HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\Wow6432Node HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp. HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Anvsoft HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Audacity HKCU\SOFTWARE\Avg Secure Update HKCU\SOFTWARE\Bigasoft HKCU\SOFTWARE\BugSplat HKCU\SOFTWARE\Bytescout HKCU\SOFTWARE\Canon HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\Clubic HKCU\SOFTWARE\DirectShow HKCU\SOFTWARE\DriverToolkit =>.Superfluous.DriverToolkit HKCU\SOFTWARE\ECAREME HKCU\SOFTWARE\EpsonNet HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\Format Factory HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Freeware HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GetData HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Innovative Solutions HKCU\SOFTWARE\InstallCore =>Adware.InstallCore HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Ligos HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Network Optix HKCU\SOFTWARE\NewBlue HKCU\SOFTWARE\Nitro HKCU\SOFTWARE\Nokia HKCU\SOFTWARE\O&O HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\PCDataApp HKCU\SOFTWARE\PCSuite HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Real HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Redemption HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\SHARP HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SkypeRS HKCU\SOFTWARE\SMART Technologies HKCU\SOFTWARE\SMART Technologies Inc. HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager HKCU\SOFTWARE\Softonic =>.Superfluous.Softonic HKCU\SOFTWARE\Sony Creative Software HKCU\SOFTWARE\STA =>.Superfluous.ZhuWeiqin HKCU\SOFTWARE\Streaming Video Recorder HKCU\SOFTWARE\SWiSHzone.com HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\SystemK =>PUP.Optional.SystemK HKCU\SOFTWARE\TAdvCheckList HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\tvp HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\UpdateStar HKCU\SOFTWARE\Usbfix HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VideoLAN HKCU\SOFTWARE\VirtualDub.org HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wintertree HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WsAudio_Device HKCU\SOFTWARE\WSVCUPlugin HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램 HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\MarkAny ---\\ Contents of the Common Files folders (274) - 45s O43 - CFD: 24/12/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 21/07/2014 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 01/10/2014 - [] D -- C:\Program Files (x86)\ASUS O43 - CFD: 27/07/2014 - [] AD -- C:\Program Files (x86)\Audacity O43 - CFD: 17/06/2015 - [] D -- C:\Program Files (x86)\AVG Web TuneUp =>Toolbar.AVGSafeGuard O43 - CFD: 12/09/2015 - [0] D -- C:\Program Files (x86)\Bitlord =>PUP.Optional.WhenUSave O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\BitLord 2 =>PUP.Optional.WhenUSave O43 - CFD: 13/12/2014 - [] D -- C:\Program Files (x86)\Canon O43 - CFD: 29/09/2015 - [] D -- C:\Program Files (x86)\CDRoller O43 - CFD: 28/09/2015 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG® O43 - CFD: 27/01/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 11/06/2015 - [] D -- C:\Program Files (x86)\Eduserv O43 - CFD: 20/04/2015 - [] D -- C:\Program Files (x86)\EpsonNet =>.SEIKO EPSON Corporation® O43 - CFD: 15/01/2015 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software Incorporated® O43 - CFD: 28/09/2015 - [0] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 31/08/2014 - [] D -- C:\Program Files (x86)\GUMD13A.tmp =>.Google Inc® O43 - CFD: 24/10/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 30/12/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Kaspersky Lab =>.Kaspersky Lab® O43 - CFD: 31/07/2014 - [] AD -- C:\Program Files (x86)\Lame For Audacity O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services =>.Microsoft Corporation® O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 28/10/2015 - [] D -- C:\Program Files (x86)\Microsoft Research O43 - CFD: 30/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Microsoft SQL Server O43 - CFD: 25/04/2015 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 02/02/2016 - [] AD -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 02/02/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 10/08/2014 - [] D -- C:\Program Files (x86)\Nitro O43 - CFD: 22/06/2014 - [] D -- C:\Program Files (x86)\Nokia O43 - CFD: 11/09/2015 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 22/06/2014 - [] AD -- C:\Program Files (x86)\PC Connectivity Solution =>.Microsoft Windows® O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Real =>.RealNetworks, Inc.® O43 - CFD: 21/09/2015 - [] AD -- C:\Program Files (x86)\RealNetworks =>.RealNetworks, Inc.® O43 - CFD: 06/03/2015 - [] AD -- C:\Program Files (x86)\Safari =>.Apple Inc.® O43 - CFD: 29/09/2015 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics CO., LTD.® O43 - CFD: 28/01/2016 - [0] D -- C:\Program Files (x86)\Settings Manager =>PUP.Optional.SettingsManager O43 - CFD: 28/09/2015 - [0] D -- C:\Program Files (x86)\SHARP O43 - CFD: 18/01/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 26/01/2015 - [] AD -- C:\Program Files (x86)\SMART Technologies {527D6AFB843C2E8BE75BF8BBA4E8B734} O43 - CFD: 28/09/2015 - [] D -- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery =>.Stellar Information Systems Limited® O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Total Video Converter O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\t_201601241301 =>.Superfluous.Guangxi O43 - CFD: 26/12/2015 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 02/07/2014 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 25/04/2015 - [] AD -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 14/07/2014 - [] AD -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 21/09/2015 - [] AD -- C:\Program Files (x86)\XMedia Recode O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS O43 - CFD: 21/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitlord =>PUP.Optional.WhenUSave O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX350 series O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet O43 - CFD: 30/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader O43 - CFD: 02/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGA7 O43 - CFD: 26/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Research O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks O43 - CFD: 24/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung PC Studio 3 O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies O43 - CFD: 25/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 30/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode O43 - CFD: 24/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ÃÀͼä¯ÀÀ O43 - CFD: 11/09/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ÎÏãÇÊ ãÏÑÓíøÉ O43 - CFD: 19/12/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\خدمات مدرسيّة O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 21/07/2014 - [] D -- C:\ProgramData\Apple O43 - CFD: 21/07/2014 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\ASUS WebStorage O43 - CFD: 06/12/2014 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 28/01/2016 - [0] D -- C:\ProgramData\Baidu O43 - CFD: 17/12/2014 - [] HD -- C:\ProgramData\CanonBJ O43 - CFD: 13/12/2014 - [0] HD -- C:\ProgramData\CanonEPP O43 - CFD: 13/12/2014 - [0] HD -- C:\ProgramData\CanonIJEPPEX2 O43 - CFD: 06/03/2015 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\DatacardService O43 - CFD: 08/12/2015 - [] D -- C:\ProgramData\Denyalive O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Dim@net O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\Downloaded Installations O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\Foxit ContentPlatform O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\HP O43 - CFD: 12/07/2014 - [0] D -- C:\ProgramData\IDM O43 - CFD: 03/02/2016 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\LAT 2.0 - FR O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\MFAData O43 - CFD: 26/12/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 28/01/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 26/01/2016 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS O43 - CFD: 26/06/2015 - [] D -- C:\ProgramData\MobileBrServ O43 - CFD: 21/06/2014 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 10/08/2014 - [] D -- C:\ProgramData\Nitro O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Nokia O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\NokiaInstallerCache O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\OO Software O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 25/06/2014 - [] D -- C:\ProgramData\PC Suite O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\PRICache O43 - CFD: 21/12/2014 - [] D -- C:\ProgramData\Real O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\RealNetworks O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 26/01/2016 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Samsung O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\SAS O43 - CFD: 23/12/2014 - [] D -- C:\ProgramData\Skype O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\SMART Technologies O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\SysDev Laboratories O43 - CFD: 21/12/2014 - [0] D -- C:\ProgramData\systemk =>PUP.Optional.SystemK O43 - CFD: 28/09/2015 - [0] D -- C:\ProgramData\TEMP O43 - CFD: 26/12/2015 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 26/12/2015 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 10/07/2015 - [] D -- C:\ProgramData\USOShared O43 - CFD: 03/07/2015 - [] D -- C:\ProgramData\WebStorage O43 - CFD: 11/09/2015 - [] D -- C:\ProgramData\Wondershare O43 - CFD: 13/09/2015 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate O43 - CFD: 13/09/2015 - [0] D -- C:\ProgramData\xml_param O43 - CFD: 21/08/2015 - [] D -- C:\ProgramData\Yammer O43 - CFD: 24/12/2015 - [] AD -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 03/07/2015 - [] D -- C:\Program Files (x86)\Common Files\AWS O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Config O43 - CFD: 21/09/2015 - [] D -- C:\Program Files (x86)\Common Files\eSellerate O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 26/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Macrovision Shared O43 - CFD: 26/01/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 10/08/2014 - [] AD -- C:\Program Files (x86)\Common Files\Nitro O43 - CFD: 02/08/2015 - [] AD -- C:\Program Files (x86)\Common Files\Nokia O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 16/12/2014 - [] AD -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 26/01/2015 - [] AD -- C:\Program Files (x86)\Common Files\SMART Technologies O43 - CFD: 26/01/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 25/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 30/09/2014 - [] D -- C:\Program Files (x86)\Common Files\xing shared O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Adobe O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Anvsoft O43 - CFD: 21/12/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Apowersoft O43 - CFD: 20/08/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Apple Computer O43 - CFD: 07/03/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Audacity O43 - CFD: 23/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\avidemux O43 - CFD: 03/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\awsRun O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Bigasoft Total Video Converter 5 O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave O43 - CFD: 01/08/2014 - [0] D -- C:\Users\Sami\AppData\Roaming\DMCache O43 - CFD: 10/08/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Downloaded Installations O43 - CFD: 04/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\ESET O43 - CFD: 21/12/2014 - [] D -- C:\Users\Sami\AppData\Roaming\FirefoxToolbar O43 - CFD: 23/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Foxit Software O43 - CFD: 08/09/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Identities O43 - CFD: 23/04/2015 - [] D -- C:\Users\Sami\AppData\Roaming\InstallShield O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Macromedia O43 - CFD: 15/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\MediaInfo O43 - CFD: 11/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA6_6140226 O43 - CFD: 26/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64 O43 - CFD: 27/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\MEGA_Global O43 - CFD: 26/12/2015 - [] SD -- C:\Users\Sami\AppData\Roaming\Microsoft O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Mozilla O43 - CFD: 21/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Nitro O43 - CFD: 18/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Nitro PDF O43 - CFD: 30/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Nokia O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Nokia Suite O43 - CFD: 08/09/2015 - [0] D -- C:\Users\Sami\AppData\Roaming\notepad O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Opera Software O43 - CFD: 18/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\PC Suite O43 - CFD: 21/09/2015 - [0] D -- C:\Users\Sami\AppData\Roaming\Publish Providers O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\Python-Eggs O43 - CFD: 01/02/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Real O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\RealNetworks O43 - CFD: 24/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Samsung O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Shortcut O43 - CFD: 30/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Skype O43 - CFD: 26/01/2015 - [] D -- C:\Users\Sami\AppData\Roaming\SMART Technologies O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Roaming\SMART Technologies Inc O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Sony O43 - CFD: 27/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\SysDev Laboratories O43 - CFD: 25/01/2016 - [] D -- C:\Users\Sami\AppData\Roaming\Temp O43 - CFD: 06/03/2015 - [] D -- C:\Users\Sami\AppData\Roaming\TuneUp Software O43 - CFD: 02/02/2016 - [] D -- C:\Users\Sami\AppData\Roaming\vlc O43 - CFD: 30/07/2015 - [] D -- C:\Users\Sami\AppData\Roaming\WebStorage O43 - CFD: 21/06/2014 - [0] SHD -- C:\Users\Sami\AppData\Roaming\WindowsDebugger O43 - CFD: 14/07/2014 - [] D -- C:\Users\Sami\AppData\Roaming\WinRAR O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Wondershare Video Converter Ultimate O43 - CFD: 21/08/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Yammer O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Roaming\ZHP O43 - CFD: 26/12/2015 - [0] D -- C:\Users\Sami\AppData\Local\ActiveSync O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Adobe O43 - CFD: 21/07/2014 - [] D -- C:\Users\Sami\AppData\Local\Apple O43 - CFD: 01/08/2014 - [] D -- C:\Users\Sami\AppData\Local\Apple Computer O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\Application Data O43 - CFD: 21/08/2015 - [] D -- C:\Users\Sami\AppData\Local\Apps O43 - CFD: 21/05/2015 - [] D -- C:\Users\Sami\AppData\Local\Avg O43 - CFD: 07/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Avg2015 O43 - CFD: 07/01/2016 - [] D -- C:\Users\Sami\AppData\Local\CEF O43 - CFD: 27/12/2015 - [] D -- C:\Users\Sami\AppData\Local\Comms O43 - CFD: 27/01/2016 - [0] D -- C:\Users\Sami\AppData\Local\Diagnostics O43 - CFD: 03/02/2016 - [0] D -- C:\Users\Sami\AppData\Local\ElevatedDiagnostics O43 - CFD: 11/09/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\EmieSiteList O43 - CFD: 11/09/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\EmieUserList O43 - CFD: 17/06/2015 - [] D -- C:\Users\Sami\AppData\Local\ESET O43 - CFD: 31/07/2014 - [] D -- C:\Users\Sami\AppData\Local\Facebook O43 - CFD: 12/09/2015 - [] D -- C:\Users\Sami\AppData\Local\fontconfig O43 - CFD: 16/05/2015 - [] D -- C:\Users\Sami\AppData\Local\Foxit Reader O43 - CFD: 24/11/2015 - [] D -- C:\Users\Sami\AppData\Local\Google O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\History O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Macromedia O43 - CFD: 06/03/2015 - [] D -- C:\Users\Sami\AppData\Local\MFAData O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Local\Microsoft O43 - CFD: 29/01/2016 - [] D -- C:\Users\Sami\AppData\Local\Microsoft Help O43 - CFD: 18/09/2015 - [] D -- C:\Users\Sami\AppData\Local\MicrosoftEdge O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Mozilla O43 - CFD: 11/09/2015 - [0] D -- C:\Users\Sami\AppData\Local\NetworkTiles O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Nokia O43 - CFD: 22/06/2014 - [] D -- C:\Users\Sami\AppData\Local\NokiaAccount O43 - CFD: 02/07/2015 - [] D -- C:\Users\Sami\AppData\Local\Opera Software O43 - CFD: 01/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Packages O43 - CFD: 23/12/2014 - [0] D -- C:\Users\Sami\AppData\Local\PackageStaging O43 - CFD: 12/09/2015 - [0] D -- C:\Users\Sami\AppData\Local\PeerDistRepub O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Programs O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Publishers O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Real O43 - CFD: 21/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Samsung O43 - CFD: 15/07/2014 - [] D -- C:\Users\Sami\AppData\Local\SAS O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\Skype O43 - CFD: 26/01/2015 - [] D -- C:\Users\Sami\AppData\Local\SMART Technologies O43 - CFD: 21/06/2014 - [] D -- C:\Users\Sami\AppData\Local\SMART Technologies Inc O43 - CFD: 29/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Sony O43 - CFD: 23/10/2015 - [] D -- C:\Users\Sami\AppData\Local\speech O43 - CFD: 03/02/2016 - [] D -- C:\Users\Sami\AppData\Local\Temp O43 - CFD: 26/12/2015 - [0] SHD -- C:\Users\Sami\AppData\Local\Temporary Internet Files O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\TileDataLayer O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\VirtualStore O43 - CFD: 26/10/2015 - [] D -- C:\Users\Sami\AppData\Local\Windows Live O43 - CFD: 11/09/2015 - [] D -- C:\Users\Sami\AppData\Local\Wondershare O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave O43 - CFD: 30/10/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 30/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 26/12/2015 - [] RD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 26/12/2015 - [] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 27/01/2016 - [0] D -- C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 ---\\ Latest files created in Prefetcher (3) - 12s O45 - LFCP:[MD5.F5DB5CF8162E39BA4B6156A75F8AE67C] 24/01/2016 A -- C:\WINDOWS\Prefetch\BROWSERAIR.EXE-BE55F020.pf =>PUP.Optional.BrowserAir O45 - LFCP:[MD5.3F5F3C2EE68A5C6B7CD7203B8850FAC0] 27/01/2016 A -- C:\WINDOWS\Prefetch\SH_INSTALLER.EXE-AF58EEE7.pf =>.Superfluous.SpyHunter O45 - LFCP:[MD5.188FF314060D600FD52F13C29267CE87] 27/01/2016 A -- C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-83704D5A.pf =>.Superfluous.SpyHunter ---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\Sami\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL =>.Microsoft Corporation® ---\\ System Drivers List (88) - 19s O58 - SDL:2015/10/30 08:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows® O58 - SDL:2011/11/28 14:51:44 A . (.AnvSoft Inc. - AnvSoft Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\anvsnddrv.sys [33872] =>.AnvSoft Co., Ltd.® O58 - SDL:2014/04/09 22:05:52 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [31920] =>.APOWERSOFT LIMITED® O58 - SDL:2015/10/30 08:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 08:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 08:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows® O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\WINDOWS\System32\drivers\cm_km.sys [389816] =>.Kaspersky Lab® O58 - SDL:2014/09/22 09:20:06 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\WINDOWS\System32\drivers\EpfwLWF.sys [44632] =>.ESET, spol. s r.o.® O58 - SDL:2015/01/04 12:48:48 A . (.ESET - ESET Cleaners Driver.) -- C:\WINDOWS\System32\drivers\ESETCleanersDriver.sys [170280] =>.ESET, spol. s r.o.® O58 - SDL:2016/01/27 00:07:25 A . (...) -- C:\WINDOWS\System32\drivers\EsgScanner.sys [22704] =>.Superfluous.SpyHunter O58 - SDL:2015/10/30 08:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows® O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\ew_hwusbdev.sys [117248] =>.Huawei Technologies Co., Ltd. O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\WINDOWS\System32\drivers\ew_jubusenum.sys [87040] =>.Huawei Technologies Co., Ltd. O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\WINDOWS\System32\drivers\ew_jucdcacm.sys [98304] =>.Huawei Technologies Co., Ltd. O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\WINDOWS\System32\drivers\ew_jucdcecm.sys [72192] =>.Huawei Technologies Co., Ltd. O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\WINDOWS\System32\drivers\ew_juextctrl.sys [28672] =>.Huawei Technologies Co., Ltd. O58 - SDL:2016/01/20 15:51:57 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [13952] =>.Huawei Technologies Co., Ltd. O58 - SDL:2015/10/30 08:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/10/30 08:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows® O58 - SDL:2012/03/23 18:13:28 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [10627744] =>.Intel Corporation O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [53432] =>.Kaspersky Lab® O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [70512] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:51:00 A . (.Kaspersky Lab ZAO - Virtual Disk [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kldisk.sys [68280] =>.Kaspersky Lab® O58 - SDL:2015/06/24 01:28:32 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [30328] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2016/02/03 02:42:00 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [181640] =>.Kaspersky Lab® O58 - SDL:2016/02/02 23:46:32 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [227512] =>.Kaspersky Lab® O58 - SDL:2016/02/03 02:42:01 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [934272] =>.Kaspersky Lab® O58 - SDL:2015/06/11 19:35:38 A . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [39608] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [41656] =>.Kaspersky Lab® O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [41656] =>.Kaspersky Lab® O58 - SDL:2016/02/03 02:42:02 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [41352] =>.Kaspersky Lab® O58 - SDL:2016/02/03 02:42:02 A . (.Kaspersky Lab ZAO - Network filtering component [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [87944] =>.Kaspersky Lab® O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [102584] =>.Kaspersky Lab® O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kneps.sys [187056] =>.Kaspersky Lab® O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows® O58 - SDL:2014/12/09 17:47:52 A . (.Copyright (C) 2009 - NWHIDFil.) -- C:\WINDOWS\System32\drivers\NWLowRider.sys [25456] {309768CB6AA9FEDD5F445CD83298E4E2} O58 - SDL:2014/12/09 17:47:52 A . (.Copyright (C) 2009 - Kernel.) -- C:\WINDOWS\System32\drivers\NWTransLibLR.sys [157552] {309768CB6AA9FEDD5F445CD83298E4E2} O58 - SDL:2012/10/17 14:53:46 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\System32\drivers\pccsmcfdx64.sys [26112] =>.Nokia O58 - SDL:2015/10/30 08:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [589824] =>.Realtek O58 - SDL:2015/10/30 08:17:18 A . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\WINDOWS\System32\drivers\rtl8192se.sys [1222656] =>.Realtek Semiconductor Corporation O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2014/12/09 17:47:36 A . (.SMART Technologies - Mouse Upper Filter Driver.) -- C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [10240] =>.SMART Technologies O58 - SDL:2014/12/09 17:47:50 A . (.SMART Technologies - Driver for SMART HID Device.) -- C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216] =>.SMART Technologies O58 - SDL:2014/12/09 17:47:32 A . (.SMART Technologies ULC - Driver for SMART Virtual TabletPC HID Devic.) -- C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys [70656] =>.SMART Technologies ULC O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] =>.Synaptics Incorporated® O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42696] =>.Synaptics Incorporated® O58 - SDL:2015/09/11 15:01:24 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [42696] =>.Synaptics Incorporated® O58 - SDL:2015/05/21 07:02:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\ssm_cm.sys [15360] =>.MCCI Corporation® O58 - SDL:2015/05/21 07:02:38 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\ssm_wh.sys [15872] =>.MCCI Corporation® O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [110720] =>.DEVGURU CO LTD® O58 - SDL:2015/05/21 07:02:42 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD® O58 - SDL:2015/10/30 08:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2015/09/11 15:01:26 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [613576] =>.Synaptics Incorporated® O58 - SDL:2016/01/24 13:04:45 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys [128312] =>.Superfluous.Tencent O58 - SDL:2010/06/14 09:32:54 A . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\WINDOWS\System32\drivers\TFsExDisk.sys [16448] =>.Teruten, Inc.® O58 - SDL:2013/08/19 12:32:10 A . (.Windows (R) Win 7 DDK provider - Toshiba Hotkey Driver.) -- C:\WINDOWS\System32\drivers\Thotkey.sys [32624] =>.TOSHIBA CORPORATION® O58 - SDL:2014/03/19 02:37:36 A . (.Seiko Epson Corporation - EPSON USB Device Driver for TM/BA/EU Printe.) -- C:\WINDOWS\System32\drivers\TMUSB64.sys [63096] =>.Seiko Epson Corporation O58 - SDL:2013/08/15 09:13:32 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\WINDOWS\System32\drivers\TVALZ_O.SYS [32832] =>.TOSHIBA CORPORATION® O58 - SDL:2015/10/30 08:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 08:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows® O58 - SDL:2008/03/17 18:12:26 A . (...) -- C:\WINDOWS\System32\Ckldrv.sys [28664] {07ECE39AB9F0557AA8FCED94B40D204F} ---\\ Last modified or created user files (16) - 113s O61 - LFC: 2016/01/26 12:41:08 A . (.iGEM.) -- C:\Users\Sami\Downloads\MEGA7.0.9_beta_win64_setup.exe [32440723] O61 - LFC: 2016/02/02 10:46:10 A . (..) -- C:\Users\Sami\AppData\Roaming\Microsoft\UProof\CMAdj.9.bin [68] O61 - LFC: 2016/01/28 11:43:52 A . (..) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\MUSCLE\muscle.exe [531968] O61 - LFC: 2016/01/28 11:43:52 A . (..) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\MUSCLE\muscleWin64.exe [531968] O61 - LFC: 2016/01/28 11:20:06 A . (.WPCubed GmbH - www.wpcubed.com.) -- C:\Users\Sami\AppData\Roaming\MEGA7_7151203-x86_64\Private\DLL\wPDF300W64.dll [1689544] {0D1A94960725EDF5AE85CF6F5D799B7B} O61 - LFC: 2016/01/28 15:16:00 A . (.Copyright © 2013.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Q42.WinRT.Portable\7631f412fc66d626094994fddc019311\Q42.WinRT.Portable.ni.dll [44032] O61 - LFC: 2016/01/28 15:16:07 A . (.Copyright © 2012.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Q42.WinRT\f78c7598742cc0647abb150639b190e3\Q42.WinRT.ni.dll [239616] O61 - LFC: 2016/01/28 15:15:59 A . (.Copyright © 2014.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\NRJ\c5bcc2d1182e25eb3abc8d75328bf6ba\NRJ.ni.exe [1869312] O61 - LFC: 2016/01/28 15:16:09 A . (.Copyright © 2011.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\cd3dbbce858ec74ff99988d686defac1\NotificationsExtensions.ni.dll [241664] O61 - LFC: 2016/01/28 15:16:08 A . (.Copyright © 2013.) -- C:\Users\Sami\AppData\Local\Packages\NRJ.ChrieFM_js6xree90qvwe\AC\Microsoft\CLR_v4.0_32\NativeImages\ATWinStoreLib\b96b5bb3e6a2577a01e4861d6ff73b08\ATWinStoreLib.ni.dll [161280] O61 - LFC: 2016/01/26 22:27:35 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [24616] O61 - LFC: 2016/02/02 10:34:31 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192] O61 - LFC: 2016/02/02 22:25:34 A . (..) -- C:\Users\Sami\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635900364982878667.bin [66472] O61 - LFC: 2016/02/03 07:29:54 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] O61 - LFC: 2016/01/26 17:42:10 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [403885] O61 - LFC: 2016/01/26 22:11:21 A . (..) -- C:\Users\Sami\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635894136668762467.bin [58396] ---\\ File Associations Shell Spawning (10) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe http://www.istartsurf.com/ =>.Apple Inc.® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. ---\\ Search Browser Infection (5) - 14s O69 - SBI: prefs.js [Sami - 0s20p23z.default] user_pref("browser.newtab.url", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=G1Ozamobl10924,f8a9f8bd-b356-4332-ab6e[...] =>PUP.Optional.SearchingCom O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {CF739809-1C6C-47C0-85B9-569DBB141420} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Search Svchost Services (42) - 2s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1338368] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [958464] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1012224] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2058240] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [203776] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [457728] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280448] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [360448] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [360960] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1130496] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948224] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [200192] =>.Microsoft Corporation ---\\ Firewall Active Exception List (54) - 9s O87 - FAEL: "UDP Query User{D64279E8-62DD-43BC-A5E6-4E7B49E17E82}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave O87 - FAEL: "TCP Query User{F9B6B75D-C1AB-43B0-BB81-A4C28CB9207F}C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave O87 - FAEL: "{AEF68EEC-8911-4522-9059-55D160BD8CA2}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe (.not file.) O87 - FAEL: "{67644433-D2E4-495D-BC6C-C701A29CB601}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Common Files\nokia\service layer\a\nsl_host_process.exe (.not file.) O87 - FAEL: "{4B54A765-5D85-406D-9162-D4BA0973A2D7}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe (.not file.) O87 - FAEL: "{6DFD9D5E-F7DB-4688-B2B0-797FD618D08A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe (.not file.) O87 - FAEL: "{85D097BD-2630-47A3-B6F6-CD1E3DD76549}" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe =>PUP.Optional.WhenUSave O87 - FAEL: "{CF550519-2E91-40B2-A98E-1008354D5AAD}" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe =>PUP.Optional.WhenUSave O87 - FAEL: "{DCE17A55-CB63-4A48-9D87-5245180F76CD}" [In-None-P17-TRUE] .(...) -- C:\Program Files\PCDApp\dgen.exe (.not file.) O87 - FAEL: "{8EA85A7E-C9F2-411F-B3F4-3A558C11BAC1}" [In-None-P6-TRUE] .(...) -- C:\Program Files\PCDApp\dgen.exe (.not file.) O87 - FAEL: "{8443A095-3B45-4ECB-92AD-FBA8769CDDE3}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "{2999EC54-5FE2-4649-B9F2-79403EFE41C4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "{65274C97-19E5-4237-B5E1-02F77A2E2B7B}" [In-None-P6-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "{ACC0AD74-8595-4C26-BE54-E0BE56AA2653}" [In-None-P17-TRUE] .(...) -- C:\Program Files\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "{87DE2CEB-18CD-4E8E-B332-B1439FC76499}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (.not file.) O87 - FAEL: "{A770D764-F829-482E-B1D9-15DF3F44FDAB}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (.not file.) O87 - FAEL: "{5EB1F344-6692-47BC-9476-5BB80DE2688A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (.not file.) O87 - FAEL: "{62ED000E-EEAF-45F7-9394-7FEA9E114EB4}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (.not file.) O87 - FAEL: "TCP Query User{B70E271F-5FC9-4BF5-A053-453E635E25FF}C:\program files (x86)\smart technologies\education software\ucgui.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucgui.exe (.not file.) O87 - FAEL: "UDP Query User{8794C1D3-9454-49AA-A713-72A4BC6D22F9}C:\program files (x86)\smart technologies\education software\ucgui.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucgui.exe (.not file.) O87 - FAEL: "TCP Query User{2D6BB53C-2B92-45FB-97FD-9F1B2F718438}C:\program files (x86)\smart technologies\education software\ucservice.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucservice.exe (.not file.) O87 - FAEL: "UDP Query User{B572551C-425D-4BA9-91B9-38AF859D1006}C:\program files (x86)\smart technologies\education software\ucservice.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\smart technologies\education software\ucservice.exe (.not file.) O87 - FAEL: "{E6C90F6E-2A12-4103-AB96-CBEE91771093}" [In-None-P6-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "{4E4C49DA-3E90-49E8-85BA-1C26F23E39E0}" [In-None-P17-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico O87 - FAEL: "{6EB8B37D-BAD0-46CE-82B5-FD060FA6BF19}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (.not file.) O87 - FAEL: "{363D11BE-C954-4B01-9208-A0674F916E31}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe (.not file.) O87 - FAEL: "{88D3A529-EC5A-4BB5-872B-DBE5ED26CA55}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (.not file.) O87 - FAEL: "{7FBB0029-C448-470E-933D-033D95F9DE48}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe (.not file.) O87 - FAEL: "{66267072-E6A2-4997-901F-603E8AA43A8C}" [Out-None-P6-TRUE] .(...) -- C:\Users\Sami\AppData\Local\Temp\nsj2C79.tmp\CnetInstaller-75586860.exe (.not file.) O87 - FAEL: "{B291913D-191F-462C-8AA8-C6AE94C4F517}" [In-None-P6-TRUE] .(...) -- C:\Users\Sami\AppData\Local\Temp\nsj2C79.tmp\CnetInstaller-75586860.exe (.not file.) O87 - FAEL: "{AD891D20-77DE-429F-A39B-3AE2A084EBE4}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (.not file.) O87 - FAEL: "{35116F7F-7E81-4B4E-94D3-233D46666D8F}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe (.not file.) O87 - FAEL: "{31728723-3987-4378-AAA9-5A48B8CAAFB0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (.not file.) O87 - FAEL: "{538F46DB-9902-4421-9A5F-D0E082C2A941}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll (.not file.) O87 - FAEL: "{E784ADC4-4BBF-427E-9C0A-0F0D471DAF8A}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (.not file.) O87 - FAEL: "{AD5457FA-D8EC-483B-9E24-513BCFCF8EA3}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll (.not file.) O87 - FAEL: "{B8EF95C7-7B69-486A-A5FE-348158FEB840}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (.not file.) O87 - FAEL: "{2D64FD10-BD69-4E31-9DE4-A330A344B13D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll (.not file.) O87 - FAEL: "{60C8B623-66B8-46B1-90A7-94D948C206D0}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (.not file.) O87 - FAEL: "{FC4EF9AF-3172-4FBB-B7AC-EE766CF2AB5D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll (.not file.) O87 - FAEL: "{3AC2F41B-669A-4A01-A488-0067A0A27B60}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (.not file.) O87 - FAEL: "{D5C59EDD-B660-4012-83BB-B1530B7DB8C0}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll (.not file.) O87 - FAEL: "{58406AF2-A788-4F3B-9EAB-ABDA8276B9AA}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (.not file.) O87 - FAEL: "{2FC9A6FC-A799-4A6D-96EE-7C72111C3D1D}" [Out-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll (.not file.) O87 - FAEL: "TCP Query User{DA85B204-B309-41DA-ADAF-ABD8F979E450}C:\program files (x86)\mozilla firefox\firefox.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\mozilla firefox\firefox.exe (.not file.) O87 - FAEL: "UDP Query User{CC917D9A-3389-486C-96D3-5EB63B124B30}C:\program files (x86)\mozilla firefox\firefox.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\mozilla firefox\firefox.exe (.not file.) O87 - FAEL: "{603F2A84-2F87-42D6-B242-21D11B237AD7}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (.not file.) O87 - FAEL: "{55CBC8D7-2D63-4611-BE02-65928CE46B8F}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe (.not file.) O87 - FAEL: "{2A9D63EC-5FD2-4784-A6AA-0C11FBDF309F}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe (.not file.) O87 - FAEL: "{A733CDCB-B921-4C2A-AD8B-6788046E57FA}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe (.not file.) O87 - FAEL: "{B91D2D3F-C320-480F-AA29-2E94D3F74480}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe (.not file.) O87 - FAEL: "{D2F9C968-A0E0-4887-8F81-32BC450ACE62}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe (.not file.) O87 - FAEL: "{303E3010-0F13-4D26-8C99-F6E9982EA303}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (.not file.) O87 - FAEL: "{FB09B914-400D-48AD-9028-515461ADB04B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\AVG\AVG2015\avgemca.exe (.not file.) ---\\ Additional Scan (O88) (46) - 0s HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico C:\WINDOWS\System32\Tasks\AutoKMS =>HackTool.AutoKMS C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico C:\WINDOWS\System32\Tasks\IBUpd2 =>PUP.Optional.BrowserAir HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager =>PUP.Optional.SystemK HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager =>PUP.Optional.SystemK HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} =>PUP.Optional.SoftwareUpdater HKLM\SOFTWARE\Wow6432Node\FFPluginHp =>PUP.Optional.SweetSearch HKLM\SOFTWARE\Wow6432Node\istartsurfSoftware =>PUP.Optional.IsStart HKLM\SOFTWARE\Wow6432Node\SmdmF =>PUP.Optional.SettingsManager HKLM\SOFTWARE\Wow6432Node\sweet-pageSoftware =>PUP.Optional.SweetPage HKLM\SOFTWARE\Wow6432Node\SystemK =>PUP.Optional.SystemK HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\WdsManPro =>PUP.Optional.WdsManPro HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\DriverToolkit =>.Superfluous.DriverToolkit HKCU\SOFTWARE\InstallCore =>Adware.InstallCore HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore HKCU\SOFTWARE\SmdmF =>PUP.Optional.SettingsManager HKCU\SOFTWARE\Softonic =>.Superfluous.Softonic HKCU\SOFTWARE\STA =>.Superfluous.ZhuWeiqin HKCU\SOFTWARE\SystemK =>PUP.Optional.SystemK HKCU\SOFTWARE\TeleCharger =>.Superfluous.Downloader HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\undefined =>.Superfluous.Downloader C:\Program Files (x86)\AVG Web TuneUp =>Toolbar.AVGSafeGuard C:\Program Files (x86)\Bitlord =>PUP.Optional.WhenUSave C:\Program Files (x86)\BitLord 2 =>PUP.Optional.WhenUSave C:\Program Files (x86)\Settings Manager =>PUP.Optional.SettingsManager C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitlord =>PUP.Optional.WhenUSave C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS C:\ProgramData\systemk =>PUP.Optional.SystemK C:\Users\Sami\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave C:\Users\Sami\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave C:\WINDOWS\Prefetch\BROWSERAIR.EXE-BE55F020.pf =>PUP.Optional.BrowserAir C:\WINDOWS\Prefetch\SH_INSTALLER.EXE-AF58EEE7.pf =>.Superfluous.SpyHunter C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-83704D5A.pf =>.Superfluous.SpyHunter C:\program files (x86)\bitlord 2\bitlord files\bitlord.exe =>PUP.Optional.WhenUSave ---\\ Summary of the elements found (21) - 0s http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS http://www.nicolascoolman.fr/pup-optional-browserair/ =>PUP.Optional.BrowserAir http://www.nicolascoolman.fr/?p=596 =>PUP.Optional.SweetPage http://www.nicolascoolman.fr/?p=880 =>PUP.Optional.WhenUSave http://www.nicolascoolman.fr/?p=56 =>PUP.Optional.SystemK http://www.nicolascoolman.fr/?p=641 =>PUP.Optional.SoftwareUpdater http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SweetSearch http://www.nicolascoolman.fr/pup-isstart/ =>PUP.Optional.IsStart http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SettingsManager http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.WdsManPro http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.DriverToolkit http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Softonic http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.ZhuWeiqin http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.fr/?p=5143 =>Toolbar.AVGSafeGuard http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.SpyHunter http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SearchingCom ~ End of the scan, 46441 items in 00h07mn38s (1160)(0)