~ ZHPDiag v2016.1.31.23 By Nicolas Coolman (2016/01/30) ~ Run by Marc Oued (Administrator) (2017/05/11 00:29:10) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: No network file ~ Mode: Scan ~ Report: C:\Users\user\Desktop\ZHPDiag.txt ~ Report: C:\Users\user\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 10 Pro, 64-bit (Build 14393) ---\\ Internet Browsers (1) - 0s MSIE: Internet Explorer v11.1066.14393.0 ---\\ Windows Product Information (3) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (3) - 3s avast! SecureLine v1.0.24.0 Kaspersky Internet Security v16.0.0.614 Windows Defender (Activate) ---\\ Surveillance software (1) - 4s Adobe Flash Player 25 NPAPI ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8284.524 MB (59% free) System Restore: Activé (Enable) System drive C: has 36 GB () free of 342 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: MYLAP ~ User Name: Marc Oued ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 36 GB free of 342 GB (System) ~ Drive D: has 65 GB free of 318 GB ---\\ State of the Windows Security Center (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (25) - 0s [MD5.F2D58A2E27C2CD486F8F0A123A3F34C3] - 04/03/2017 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4674360] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.C7645D43451C6D94D87F4D07BDE59C89] - 16/07/2016 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [69632] =>.Microsoft Corporation [MD5.99A19C9A74E2F9820E501DCE77F84F70] - 16/07/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [304240] {33000000D0ED4ADB049E69E8710000000000D0} =>.Microsoft Corporation [MD5.C9028EFC81B0AD00D2E5037AAF377FB5] - 28/03/2017 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [2895872] =>.Microsoft Corporation [MD5.917F081E2AB667C44F7D96DE1D16DFAE] - 14/12/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [673792] =>.Microsoft Corporation [MD5.9600B7F2F89DE60A80D13DE42F672834] - 16/07/2016 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [402432] =>.Microsoft Corporation [MD5.2813C62F5BE7FAF0A1C5CC37E5C2F25D] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [646688] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.AA86DC342B4ED1C1F839C3BC8AEA64B1] - 04/03/2017 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [497416] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.7ABD5430F75A7FDDE5323B354C77514F] - 16/07/2016 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\WINDOWS\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.323AA1953ED9C01E23F740FA891FE064] - 15/10/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [584032] =>.Microsoft Windows® [MD5.A10F989A812B57B9695F6C305907C9C6] - 16/07/2016 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - 16/07/2016 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.613D0137C269187FA298A157E3D14A18] - 16/07/2016 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173056] =>.Microsoft Corporation [MD5.4BC21E937E9F9F408672D2C2CBE4A153] - 04/03/2017 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [145408] =>.Microsoft Corporation [MD5.10E3515FE5DBA6656FA62C29342EC4A1] - 16/07/2016 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [83456] =>.Microsoft Corporation [MD5.B54B30992620C97230013A74461C8517] - 16/07/2016 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114176] =>.Microsoft Corporation [MD5.F1DAECC3B3D6399875D4F10529D6A77C] - 16/07/2016 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [212480] =>.Microsoft Corporation [MD5.D559FF28B1AD9B1E15A4186E785E61F6] - 04/03/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [450400] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - 16/07/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [279040] =>.Microsoft Corporation [MD5.98BBD81DC481E9D58EEB31C81EBDEFF5] - 04/03/2017 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2255712] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - 16/07/2016 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation [MD5.17E565710172ED71B8531D8822E1C5D1] - 16/07/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation [MD5.7135785C21CA79D270D11037C43D3F19] - 16/07/2016 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [177152] =>.Microsoft Corporation [MD5.0B237F8A96952BF95A14865030E131F2] - 04/03/2017 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] {33000001066EC325C431C9180E000000000106} =>.Microsoft Corporation [MD5.BF2546583BB75F01DDA60A7921DFB230] - 16/07/2016 - (.Microsoft Corporation - Volume Shadow Copy driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [391520] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (16) - 3s O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab® O23 - Service: Droid4XService (Droid4XService) . (...) - C:\Program Files (x86)\Droid4X\Droid4XService.exe O23 - Service: F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation - F-Secure Freedome Service.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: HTCMonitorService (HTCMonitorService) . (.Nero AG - NService Application.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe =>.Nero AG® O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation - pGFX® O23 - Service: Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012 - PassThruSvr Application.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: avast! SecureLine (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe =>.AVAST Software a.s.® O23 - Service: Baidu Spark Service (SparkSvc) . (.Baidu Inc. - spark.) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.® O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\SysWOW64\vmnetdhcp.exe =>.VMware, Inc.® O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe =>.VMware, Inc.® O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\SysWOW64\vmnat.exe =>.VMware, Inc.® O23 - Service: VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.® O23 - Service: Wondershare Application Framework Service (WsAppService) . (.Wondershare - Wondershare Passport.) - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare O23 - Service: Wondershare Driver Install Service (WsDrvInst) . (.Wondershare - MobileGo Driver Installer.) - C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare ---\\ Services not Microsoft (SR=Run, SS=Stop) (34) - 124s SS - Disabl [16/04/2017] [ 271448] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SS - Disabl [28/07/2011] [ 262144] Arp Intelligent Protection Service (AIPS) . (.Arcai.com.) - C:\Program Files (x86)\netcut\services\aips.exe =>.arcai.com SS - Auto [14/10/2016] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe =>.Kaspersky Lab® SS - Demand [18/01/2013] [ 577536] BlackBerry Device Manager (Blackberry Device Manager) . (.Research In Motion Limited.) - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe =>.Research In Motion Limited SS - Disabl [12/08/2015] [ 462096] Service Bonjour (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SS - Demand [12/05/2016] [ 280696] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX® SR - Auto [13/06/2016] [ 279552] Droid4XService (Droid4XService) . (...) - C:\Program Files (x86)\Droid4X\Droid4XService.exe SR - Auto [27/04/2017] [ 563168] F-Secure Freedome Service (Freedome Service) . (.F-Secure Corporation.) - C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation SS - Auto [07/02/2017] [ 153752] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [07/02/2017] [ 153752] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Disabl [24/09/2012] [ 31040] @oem14.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company SR - Auto [20/09/2016] [ 87368] HTCMonitorService (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe =>.Nero AG® SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation® SR - Auto [12/05/2016] [ 319096] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation SR - Auto [07/12/2012] [ 167424] Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe SS - Disabl [02/11/2006] [ 174656] ProtexisLicensing (ProtexisLicensing) . (.© 2000-2005 Protexis Inc..) - C:\Windows\SysWOW64\PSIService.exe SS - Disabl [25/06/2010] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe =>.CACE Technologies, Inc.® SS - Auto [30/05/2014] [ 395912] avast! SecureLine (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe =>.AVAST Software a.s.® SS - Disabl [27/09/2015] [ 739520] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico SS - Disabl [01/03/2013] [ 161384] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Technologies SA® SR - Auto [02/03/2017] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe {5FAEE9E83F32948F3B2040AC6DF0145C} SS - Demand [17/12/2015] [ 1372472] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files (x86)\baidu\SparkUpdate\Sparkupdate.exe {5FAEE9E83F32948F3B2040AC6DF0145C} SS - Disabl [27/06/2016] [ 253960] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated® SR - Auto [14/04/2016] [ 97864] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe =>.VMware, Inc.® SR - Auto [14/04/2016] [ 358080] VMware DHCP Service (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\SysWOW64\vmnetdhcp.exe =>.VMware, Inc.® SR - Auto [10/03/2016] [ 907968] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe =>.VMware, Inc.® SR - Auto [14/04/2016] [ 392896] VMware NAT Service (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\SysWOW64\vmnat.exe =>.VMware, Inc.® SR - Auto [14/04/2016] [12471368] VMware Workstation Server (VMwareHostd) . (...) - C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe =>.VMware, Inc.® SS - Disabl [09/07/2015] [ 144640] vssbrigde64 (vssbrigde64) . (.AO Kaspersky Lab.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe =>.Kaspersky Lab® SS - Demand [01/07/2016] [ 29696] wampapache64 (wampapache64) . (.Apache Software Foundation.) - c:\wamp64\bin\apache\apache2.4.23\bin\httpd.exe =>.Apache Software Foundation SS - Demand [12/07/2016] [39885824] wampmysqld64 (wampmysqld64) . (...) - c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe SR - Auto [20/03/2017] [ 473312] Wondershare Application Framework Service (WsAppService) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare SR - Auto [20/04/2017] [ 119008] Wondershare Driver Install Service (WsDrvInst) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare ---\\ Task Planned Automatically (29) - 7s [MD5.BE62B286791F715E430FB022C1707BBA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448] =>.Adobe Systems Incorporated® [MD5.EBF9EE1FD3CAF93596208A4EF1A5B942] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [740032] =>HackTool.KMSpico [MD5.70B2F403924958B8BD9BCACE8E097A59] [APT] [azskdtfaddfUpdate] (.VideoLAN.) -- C:\Program Files (x86)\azskdtfaddf\yuto.exe [137152] =>.VideoLAN® [MD5.5BCE955CF12AF3417F055DADC0212920] [APT] [Browser Updater Task(Core)] (.Tencent.) -- C:\Program Files (x86)\TXQQBrowser\Update\3B878D788DA34B0EA09AC0543ABB3821\Update\BrowserUpdate.exe [690144] =>.Superfluous.Tencent [MD5.00000000000000000000000000000000] [APT] [Ghipshplokaty Module] (...) -- C:\Program Files (x86)\Pluratherprivasy\ghpmoduleHujishprerwaied.exe (.not file.) [0] [MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc® [MD5.2D8BBF6C7241AAD9EDE7708EBB7B43A4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752] =>.Google Inc® [MD5.00000000000000000000000000000000] [APT] [Launch HTC Sync Loader] (...) -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.) [0] [MD5.7F014D20314F4902FF7AB2BD459C4430] [APT] [Milimili] (...) -- C:\Program Files (x86)\MIO\MIO.exe [282168] =>.Superfluous.Tencent [MD5.00000000000000000000000000000000] [APT] [Pramase Debuger] (...) -- C:\Program Files (x86)\Pramase\pramaseDbgTsk.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [smadav] (...) -- C:\Program Files (x86)\Smadav\SM?RTP.exe (.not file.) [0] [MD5.13E901EEC0347A024450962C48385120] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files (x86)\baidu\Baidu Browser\SparkUpdate.exe [1372472] {5FAEE9E83F32948F3B2040AC6DF0145C} [MD5.00000000000000000000000000000000] [APT] [UCBrowserUpdater] (...) -- C:\Program Files (x86)\UCBrowser\Application\update_task.exe (.not file.) [0] =>PUP.Optional.CertifiedToolbar [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] =>.Apple Inc.® [MD5.E3238CA9101C670556B636C8F4FCE358] [APT] [Lenovo\Lenovo Customer Feedback Program 64 35] (.Lenovo.) -- C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184] =>.LENOVO® O39 - APT: UCBrowserUpdater - (...) -- C:\WINDOWS\Tasks\UCBrowserUpdater.job [476] (.Orphean.) =>PUP.Optional.CertifiedToolbar O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [4558] =>.Adobe Systems Incorporated O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3464] =>HackTool.KMSpico O39 - APT: azskdtfaddfUpdate - (.VideoLAN.) -- C:\WINDOWS\System32\Tasks\azskdtfaddfUpdate [2274] =>.VideoLAN O39 - APT: Browser Updater Task(Core) - (.Tencent.) -- C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) [7926] =>.Superfluous.Tencent O39 - APT: Ghipshplokaty Module - (...) -- C:\WINDOWS\System32\Tasks\Ghipshplokaty Module [7486] (.Orphean.) O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3462] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3586] =>.Google Inc. O39 - APT: Launch HTC Sync Loader - (...) -- C:\WINDOWS\System32\Tasks\Launch HTC Sync Loader [3696] (.Orphean.) O39 - APT: Milimili - (...) -- C:\WINDOWS\System32\Tasks\Milimili [3676] O39 - APT: Pramase Debuger - (...) -- C:\WINDOWS\System32\Tasks\Pramase Debuger [7478] (.Orphean.) O39 - APT: smadav - (...) -- C:\WINDOWS\System32\Tasks\smadav [2426] (.Orphean.) O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\WINDOWS\System32\Tasks\SparkUpdater [4190] O39 - APT: UCBrowserUpdater - (...) -- C:\WINDOWS\System32\Tasks\UCBrowserUpdater [3140] (.Orphean.) =>PUP.Optional.CertifiedToolbar ---\\ Process running (34) - 2s [MD5.58F30D9E0A2FC51B95042577BFF5F62E] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [319096] [PID.1608] =>.Intel Corporation - pGFX® [MD5.E0A69AAB9D8F6EFDAD11AE261E3FE986] - (.Wondershare - Wondershare Passport.) -- C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312] [PID.2560] {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare [MD5.5C8BC8A28798FD010E7ABC4E0D588CAA] - (.Nero AG - NService Application.) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368] [PID.2576] =>.Nero AG® [MD5.6F2D3D1DC9C5C55D195D3836616E7EA0] - (.Wondershare - MobileGo Driver Installer.) -- C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Library\DriverInstaller\DriverInstall.exe [119008] [PID.2584] {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare [MD5.D01950732DC7829124C9E3CC247F21A1] - (...) -- C:\Program Files (x86)\Droid4X\Droid4XService.exe [279552] [PID.2592] [MD5.75DEC843BDA054C9D3ACFC006E41A380] - (.F-Secure Corporation - F-Secure Freedome Service.) -- C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\FreedomeService.exe [563168] [PID.2644] {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation [MD5.6A881210DB2753D610EF045BF27BC022] - (.Baidu Inc. - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\sparkservice.exe [97080] [PID.2816] {5FAEE9E83F32948F3B2040AC6DF0145C} [MD5.D845AD2EF17354B85A9C2564EFCBE692] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\SysWOW64\vmnetdhcp.exe [358080] [PID.2824] =>.VMware, Inc.® [MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Copyright (C) 2012 - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2832] [MD5.21189E3D6E45A0537D326E2A41A31936] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\SysWOW64\vmnat.exe [392896] [PID.2888] =>.VMware, Inc.® [MD5.688911427532BCD0FB6E840CD75BE77A] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [97864] [PID.3208] =>.VMware, Inc.® [MD5.4AD6167F85CF70754D18222D33DB2F75] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [907968] [PID.3216] =>.VMware, Inc.® [MD5.4007A33A82C6E289A7694184628DC189] - (...) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [12471368] [PID.3644] =>.VMware, Inc.® [MD5.4E50F3A1299C1274612F801CB2BEAADF] - (.Intel Corporation - igfxEM Module.) -- C:\Windows\System32\igfxEM.exe [530552] [PID.6136] =>.Intel Corporation - pGFX® [MD5.EA0F427B322F9861AE5A80E95DEA4AB1] - (.Intel Corporation - igfxHK Module.) -- C:\Windows\System32\igfxHK.exe [247416] [PID.872] =>.Intel Corporation - pGFX® [MD5.59DCEF50755E5FBB54EC882FC7BE6D00] - (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe [821240] [PID.7008] =>.Nero AG® [MD5.58D0F2A12C419A527AE1B45458BAC4F2] - (.Wondershare - BackupRemind.) -- C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Addins\AndroidBackupRestore\BackupRemind.exe [40080] [PID.9380] {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.860] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.7940] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.1440] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.11440] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.15868] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.11400] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.16388] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.9500] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.9260] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.7100] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.13520] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.13748] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.FF9CE0FC9E3B4BC22001764A9EFE4741] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\user\Downloads\Programs\ZHPDiag3.exe [2105344] [PID.10772] =>.Nicolas Coolman [MD5.38372AA4CC9FBD0EB7A26FC7B5F24562] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Bangcar\Application\chrome.exe [945496] [PID.10788] {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. [MD5.D0278FA8947ED54A112893F71917F46A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe [2133504] [PID.4868] {59123D60D39E60127D6B456A62C9DEAC} [MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.10944] [MD5.D7B59C5C8C22101B50502AFB482A86FE] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\user\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe [387072] [PID.3696] ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 1s P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@RIM.com/WebSLLauncher,version=1.0] - (.Research In Motion.) -- C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll =>.Research In Motion ---\\ Internet Explorer Extensions, Start, Search (18) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.startpageing123.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (6) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit= F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (16) ---\\ Browser Helper Object (BHO) (5) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll {7828C7315808BC8717710E13FA3C0B24} =>.Internet Download Manager, Tonec Inc. O2 - BHO: Lync Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O2 - BHO: ScriptInjectionPluginBrowserHelperObject [64Bits] - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O2 - BHO: Microsoft OneDrive for Business Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} (Orphean) ---\\ Auto loading programs from Registry and folders (20) - 1s O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.) O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- C:\Program Files\Zune\ZuneLauncher.exe =>.Microsoft Corporation® O4 - HKLM\..\Run: [WindowsDefender] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe (.not file.) O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - HKCU\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (.not file.) O4 - HKCU\..\Run: [PC Remote Server] . (.PC Remote - PC Remote Server.) -- C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48} O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O4 - HKCU\..\Run: [IDM trial reset] . (...) -- C:\Users\user\Downloads\IDM\Trial Reset IDM Auto.exe O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.® O4 - HKLM\..\Wow6432Node\Run: [vmware-tray.exe] . (.VMware, Inc. - VMware Tray Process.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe =>.VMware, Inc.® O4 - HKLM\..\Wow6432Node\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe =>.Research In Motion® O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (.not file.) O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [PC Remote Server] . (.PC Remote - PC Remote Server.) -- C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48} O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O4 - HKUS\S-1-5-21-4059555930-3725772092-1550307721-1001\..\Run: [IDM trial reset] . (...) -- C:\Users\user\Downloads\IDM\Trial Reset IDM Auto.exe ---\\ Global shortcuts Startup (123) - 8s O4 - GS\Desktop [Administrateur]: Advanced Grammar in Use.lnk . (.Cambridge University Press - Advanced Grammar in Use.) C:\Cambridge\AGU\AGU.exe =>.Cambridge University Press O4 - GS\Desktop [Administrateur]: ASIO4ALL v2 Instruction Manual.lnk . (...) C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf O4 - GS\Desktop [Administrateur]: Car Mechanic Simulator 2015.lnk . (...) C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe O4 - GS\Desktop [Administrateur]: Cisco Packet Tracer.lnk . (...) C:\Program Files (x86)\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe O4 - GS\Desktop [Administrateur]: DoulCI Activator v3.0 Private Build.lnk . (.DoulCI Team® - DoulCI Activator v3.0.) C:\Program Files (x86)\DoulCI Team\DoulCI Activator v3.0 Private Build\DoulCI Activator v3.0.exe O4 - GS\Desktop [Administrateur]: doulCi™ Activator v2.0.14.lnk . (.Copyright © 2015 - Doulci iCloud.) C:\Program Files (x86)\Doulci iCloud\doulCi™ Activator tool\doulCi™ Activator v2.0.14.exe O4 - GS\Desktop [Administrateur]: eclipse.exe - Raccourci.lnk . (...) C:\Users\user\Documents\Mes cours\Isig international\Semestre 5\Infographie\Info\eclipse-standard-kepler-SR1-win32-x86_64\eclipse\eclipse.exe O4 - GS\Desktop [Administrateur]: English Grammar in Use.lnk . (.Cambridge University Press - English Grammar in Use.) C:\Cambridge\EGU\EGU.exe =>.Cambridge University Press O4 - GS\Desktop [Administrateur]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press O4 - GS\Desktop [Administrateur]: FL Studio 12 (64bit).lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O4 - GS\Desktop [Administrateur]: FL.exe - Shortcut.lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O4 - GS\Desktop [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\Desktop [Administrateur]: Grand Dictionnaire Hachette Oxford.lnk . (.Oxford University Press - Oxford-Hachette French Dictionary.) C:\Program Files (x86)\GDHO\gdho.exe O4 - GS\Desktop [Administrateur]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O4 - GS\Desktop [Administrateur]: KB Piano 2.lnk . (.G.F. Software - .) C:\Program Files (x86)\KB Piano 2\KBPiano2.exe O4 - GS\Desktop [Administrateur]: LGMobile Support Tool.lnk . (.LG Electronics - LGMLauncher LGMobile Application.) C:\ProgramData\LGMOBILEAX\LGMLauncher.exe {4BAD88265909F29EB7827157954A75A5} =>.LG Electronics O4 - GS\Desktop [Administrateur]: Messenger.exe - Raccourci.lnk . (...) C:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exe O4 - GS\Desktop [Administrateur]: NFS13.exe - Raccourci.lnk . (.Electronic Arts - Need for Speed™ Most Wanted.) D:\Logistics\Games\Race\Need for Speed Most Wanted\NFS13.exe =>.Electronic Arts O4 - GS\Desktop [Administrateur]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE O4 - GS\Desktop [Administrateur]: PC Remote Server.lnk . (.PC Remote - PC Remote Server.) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48} O4 - GS\Desktop [Administrateur]: PianoFX STUDIO 4.0.lnk . (.Tanseon Systems - PianoFX STUDIO 4.0.) C:\Program Files (x86)\PianoFX\PianoFX.exe O4 - GS\Desktop [Administrateur]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group® O4 - GS\Desktop [Administrateur]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\Desktop [Administrateur]: Speed - Raccourci.lnk . (...) D:\Logistics\Games\Race\Need for Speed Most Wanted\Speed.exe O4 - GS\Desktop [Administrateur]: sublime_text.exe - Raccourci.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Sublime Text Build 3047\sublime_text.exe {7F74C210CC0D477C7F54A8D4822D6A} O4 - GS\Desktop [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Desktop [Administrateur]: Test Simulator.lnk . (...) C:\Program Files (x86)\Test Simulator\T_Simulator.exe O4 - GS\Desktop [Administrateur]: traducteur.exe - Shortcut.lnk . (...) D:\Logistics\TRADUCTION ANG FRANC\traducteur.exe O4 - GS\Desktop [Administrateur]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe O4 - GS\Desktop [Administrateur]: Universal Advance Unlocker.lnk . (.Josedavido & Dawood1208 - Universal Advance Unlocker.) C:\Program Files (x86)\Universal Advance Unlocker\Universal Advance Unlocker.exe O4 - GS\Desktop [Administrateur]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe {03E439D641B50EB561802D9A7F57D494} O4 - GS\Desktop [Administrateur]: Usenet.nl.lnk . (.Copyright © 2009 - Usenet.nl.) C:\Program Files (x86)\Usenet.nl\Usenet.nl.exe O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - GS\Quicklaunch [Administrateur]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Administrateur]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files (x86)\netcut\netcut.exe =>.arcai.com O4 - GS\Quicklaunch [Administrateur]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\Quicklaunch [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Quicklaunch [Administrateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\sendTo [Administrateur]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies SA® O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\Startup [Administrateur]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Desktop [Marc Oued]: Advanced Grammar in Use.lnk . (.Cambridge University Press - Advanced Grammar in Use.) C:\Cambridge\AGU\AGU.exe =>.Cambridge University Press O4 - GS\Desktop [Marc Oued]: ASIO4ALL v2 Instruction Manual.lnk . (...) C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual.pdf O4 - GS\Desktop [Marc Oued]: Car Mechanic Simulator 2015.lnk . (...) C:\Games\Car Mechanic Simulator 2015\cms2015_Loader.exe O4 - GS\Desktop [Marc Oued]: Cisco Packet Tracer.lnk . (...) C:\Program Files (x86)\Cisco Packet Tracer 6.0.1\bin\PacketTracer6.exe O4 - GS\Desktop [Marc Oued]: DoulCI Activator v3.0 Private Build.lnk . (.DoulCI Team® - DoulCI Activator v3.0.) C:\Program Files (x86)\DoulCI Team\DoulCI Activator v3.0 Private Build\DoulCI Activator v3.0.exe O4 - GS\Desktop [Marc Oued]: doulCi™ Activator v2.0.14.lnk . (.Copyright © 2015 - Doulci iCloud.) C:\Program Files (x86)\Doulci iCloud\doulCi™ Activator tool\doulCi™ Activator v2.0.14.exe O4 - GS\Desktop [Marc Oued]: eclipse.exe - Raccourci.lnk . (...) C:\Users\user\Documents\Mes cours\Isig international\Semestre 5\Infographie\Info\eclipse-standard-kepler-SR1-win32-x86_64\eclipse\eclipse.exe O4 - GS\Desktop [Marc Oued]: English Grammar in Use.lnk . (.Cambridge University Press - English Grammar in Use.) C:\Cambridge\EGU\EGU.exe =>.Cambridge University Press O4 - GS\Desktop [Marc Oued]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press O4 - GS\Desktop [Marc Oued]: FL Studio 12 (64bit).lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL64.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O4 - GS\Desktop [Marc Oued]: FL.exe - Shortcut.lnk . (.Image-Line - FL Studio.) C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O4 - GS\Desktop [Marc Oued]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\Desktop [Marc Oued]: Grand Dictionnaire Hachette Oxford.lnk . (.Oxford University Press - Oxford-Hachette French Dictionary.) C:\Program Files (x86)\GDHO\gdho.exe O4 - GS\Desktop [Marc Oued]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O4 - GS\Desktop [Marc Oued]: KB Piano 2.lnk . (.G.F. Software - .) C:\Program Files (x86)\KB Piano 2\KBPiano2.exe O4 - GS\Desktop [Marc Oued]: LGMobile Support Tool.lnk . (.LG Electronics - LGMLauncher LGMobile Application.) C:\ProgramData\LGMOBILEAX\LGMLauncher.exe {4BAD88265909F29EB7827157954A75A5} =>.LG Electronics O4 - GS\Desktop [Marc Oued]: Messenger.exe - Raccourci.lnk . (...) C:\Program Files (x86)\Softros Systems\Softros Messenger\Messenger.exe O4 - GS\Desktop [Marc Oued]: NFS13.exe - Raccourci.lnk . (.Electronic Arts - Need for Speed™ Most Wanted.) D:\Logistics\Games\Race\Need for Speed Most Wanted\NFS13.exe =>.Electronic Arts O4 - GS\Desktop [Marc Oued]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE O4 - GS\Desktop [Marc Oued]: PC Remote Server.lnk . (.PC Remote - PC Remote Server.) C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe {2B2F2DCBBD5B48} O4 - GS\Desktop [Marc Oued]: PianoFX STUDIO 4.0.lnk . (.Tanseon Systems - PianoFX STUDIO 4.0.) C:\Program Files (x86)\PianoFX\PianoFX.exe O4 - GS\Desktop [Marc Oued]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe =>.VS Revo Group® O4 - GS\Desktop [Marc Oued]: Safe Money.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\Desktop [Marc Oued]: Speed - Raccourci.lnk . (...) D:\Logistics\Games\Race\Need for Speed Most Wanted\Speed.exe O4 - GS\Desktop [Marc Oued]: sublime_text.exe - Raccourci.lnk . (.Copyright (C) 2006 - 2016 Sublime HQ Pty Ltd - Sublime Text.) C:\Sublime Text Build 3047\sublime_text.exe {7F74C210CC0D477C7F54A8D4822D6A} O4 - GS\Desktop [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Desktop [Marc Oued]: Test Simulator.lnk . (...) C:\Program Files (x86)\Test Simulator\T_Simulator.exe O4 - GS\Desktop [Marc Oued]: traducteur.exe - Shortcut.lnk . (...) D:\Logistics\TRADUCTION ANG FRANC\traducteur.exe O4 - GS\Desktop [Marc Oued]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe O4 - GS\Desktop [Marc Oued]: Universal Advance Unlocker.lnk . (.Josedavido & Dawood1208 - Universal Advance Unlocker.) C:\Program Files (x86)\Universal Advance Unlocker\Universal Advance Unlocker.exe O4 - GS\Desktop [Marc Oued]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe {03E439D641B50EB561802D9A7F57D494} O4 - GS\Desktop [Marc Oued]: Usenet.nl.lnk . (.Copyright © 2009 - Usenet.nl.) C:\Program Files (x86)\Usenet.nl\Usenet.nl.exe O4 - GS\Desktop [Marc Oued]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\user\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Marc Oued]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - GS\Quicklaunch [Marc Oued]: Apple Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Marc Oued]: Arcai.com's NetCut.lnk . (.Arcai.com - NetCut Arp Spoof Application.) C:\Program Files (x86)\netcut\netcut.exe =>.arcai.com O4 - GS\Quicklaunch [Marc Oued]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare O4 - GS\Quicklaunch [Marc Oued]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\Quicklaunch [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Quicklaunch [Marc Oued]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O4 - GS\sendTo [Marc Oued]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\sendTo [Marc Oued]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies SA® O4 - GS\TaskBar [Marc Oued]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\Startup [Marc Oued]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\CommonDesktop [Public]: AIMP.lnk . (.AIMP DevTeam - AIMP.) C:\Program Files (x86)\AIMP\AIMP.exe {2E5136402087ADFCCD8977967B2F00B7} =>.AIMP DevTeam O4 - GS\CommonDesktop [Public]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O4 - GS\CommonDesktop [Public]: BlackBerry Desktop Software.lnk . (.Research In Motion - BlackBerry Desktop Software.) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe =>.Research In Motion® O4 - GS\CommonDesktop [Public]: Download IDM 6.26 build...lnk . (...) C:\Users\user\Downloads\Programs\IDM 6.exe O4 - GS\CommonDesktop [Public]: dr.fone toolkit pour Android.lnk . (.Wondershare - dr.fone toolkit loader.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\DrFoneLoader.exe {5CCAA82369A26AEE30D017616B1CEB69} =>.Wondershare O4 - GS\CommonDesktop [Public]: Droid4X Multi Manager.lnk . (...) C:\Program Files (x86)\Droid4X\MultiMgr.exe {141EC0B6DE6EE09A2165B9E3CEAE9C05} O4 - GS\CommonDesktop [Public]: Droid4X.lnk . (...) C:\Program Files (x86)\Droid4X\Droid4X.exe {141EC0B6DE6EE09A2165B9E3CEAE9C05} O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.0, Best Reader for Everyday.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated® O4 - GS\CommonDesktop [Public]: Freedome.lnk . (.F-Secure Corporation - F-Secure Freedome UI.) C:\Program Files (x86)\F-Secure\Freedome\Freedome\1.1\Freedome.exe {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Bangcar\Application\chrome.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O4 - GS\CommonDesktop [Public]: Google Earth.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google O4 - GS\CommonDesktop [Public]: Google.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O4 - GS\CommonDesktop [Public]: Harrap's Unabridged Pro Français - Anglais.lnk . (.Copyright (C) 2002 - Application MFC Multilingual.) C:\Program Files (x86)\Harrap\Harrap's Unabridged Pro\Bin\MultiLingual.exe O4 - GS\CommonDesktop [Public]: HTC Sync Manager.lnk . (...) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe =>.Nero AG® O4 - GS\CommonDesktop [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\WINDOWS\system32\GfxUIEx.exe =>.Intel Corporation - pGFX® O4 - GS\CommonDesktop [Public]: iReport-5.6.0.lnk . (...) C:\Program Files (x86)\Jaspersoft\iReport-5.6.0\bin\ireport.exe O4 - GS\CommonDesktop [Public]: Jurassic UniAndroid.lnk . (.Jurassic GSM Tools - Jurassic Universal Android Tool.) C:\Program Files (x86)\JURASSIC Universal Android Tool v.5.0.2\Jurassic UniAndroid.exe O4 - GS\CommonDesktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\CommonDesktop [Public]: MiniTool Partition Wizard Free.lnk . (...) C:\Program Files\MiniTool Partition Wizard Free 9.1\loader.exe {1121FE616769A8C3C0A0EDC5507542AE320D} O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Firefox\Firefox.exe {57FCDAB4B0C6202BC89A0DDD4A742960} =>.Mozilla Corporation O4 - GS\CommonDesktop [Public]: NetBeans IDE 8.0.2.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\NetBeans 8.0.2\bin\netbeans64.exe =>.Oracle Corporation O4 - GS\CommonDesktop [Public]: Petit Larousse 2010.lnk . (.Larousse - Le Petit Larousse 2010.) C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\PLViewer.exe O4 - GS\CommonDesktop [Public]: Recuva.lnk . (.Piriform Ltd - Recuva.) C:\Program Files\Recuva\recuva64.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: Safari.lnk . (...) C:\WINDOWS\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\CommonDesktop [Public]: SecureLine.lnk . (.AVAST Software - SecureLine.) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe =>.AVAST Software a.s.® O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\WINDOWS\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN O4 - GS\CommonDesktop [Public]: Wampserver64.lnk . (.Aestan Software - Aestan Tray Menu.) C:\wamp64\wampmanager.exe =>.Aestan Software O4 - GS\Startup [Public]: avast! SecureLine.lnk . (.AVAST Software - SecureLine.) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe =>.AVAST Software a.s.® O4 - GS\Startup [Public]: BackupRemind.lnk . (.Wondershare - BackupRemind.) C:\Program Files (x86)\Wondershare\Wondershare Dr.Fone for Android (CPC)\Addins\AndroidBackupRestore\BackupRemind.exe {1F8663313222FF9957A7D5EDD27A3346} =>.Wondershare O4 - GS\Startup [Public]: Hyperappel du Petit Larousse 2010.lnk . (.Copyright (C) 2000 - Application MFC hyperappel.) C:\Program Files (x86)\Larousse\Petit Larousse 2010\bin\Hyperappel.exe O4 - GS\Programs [Public]: Essential Grammar in Use.lnk . (.Cambridge University Press - Essential Grammar In Use.) C:\Program Files (x86)\Cambridge\EssentialGrammarInUse\EssGram.exe =>.Cambridge University Press O4 - GS\Programs [Public]: NoteWorthy Composer.lnk . (...) C:\Program Files (x86)\NoteWorthy Composer\NWC32.EXE O4 - GS\Programs [Public]: Survey Remover 4.1.0.0.lnk . (.Survey Remover Online - Survey Remover 4.1.0.0.) C:\Program Files (x86)\Survey Remover Trial\Survey Remover Trial 4.1.0.0.exe O4 - GS\Programs [Public]: UniFlash V2.lnk . (...) C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_E4A40A3216341D7F72DB1C.exe ---\\ Lop.com/Domain Hijackers (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{124991fe-45c5-4718-a553-9220dee06f91}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0d511c1c-9df9-4f03-bf4a-aa7be1a7d953}: DhcpNameServer = 198.18.6.145 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c1a485f3-dd50-415a-a57c-872e1a132a28}: DhcpNameServer = 192.168.0.1 ---\\ Extra protocols (31) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (.not file.) O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (...) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll (.not file.) O18 - Handler: mso-minsb-roaming.16 [64Bits] - {83C25742-A9F7-49FB-9138-434302C88D07} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O18 - Handler: mso-minsb.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O18 - Handler: osf-roaming.16 [64Bits] - {42089D2D-912D-4018-9087-2B87803E93FB} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O18 - Handler: osf.16 [64Bits] - {5504BE45-A83B-4808-900A-3A5C36E7F77A} . (.Microsoft Corporation - Microsoft Office 2016 component.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll =>.Skype Technologies SA® O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation® O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation ---\\ List of key exploring StartupApproved (38) - 1s [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Bitdefender Wallet Agent [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SpeedConnectStartUp [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:pdiface [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Chromium [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDM trial reset [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:X-Lite [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:apphide2 [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SuperCopier3 [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OfficeSyncProcess [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:PC Remote Server [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:background_fault [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:e.lnk [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MyPC Backup.lnk =>PUP.Optional.MyPCBackup [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:PdaNet Desktop.lnk [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Survey Remover 4.1.0.0.lnk [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:uTorrent [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Bitdefender Wallet Agent [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDMan [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OneDrive [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SpeedConnectStartUp [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:pdiface [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Chromium [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:IDM trial reset [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:X-Lite [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:apphide2 [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:SuperCopier3 [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:Viber [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:OfficeSyncProcess [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:PC Remote Server [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]:background_fault [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:e.lnk [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:MyPC Backup.lnk =>PUP.Optional.MyPCBackup [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:PdaNet Desktop.lnk [HKEY_USERS\S-1-5-21-4059555930-3725772092-1550307721-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder]:Survey Remover 4.1.0.0.lnk ---\\ Software installed (142) - 22s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent {59123D60D39E60127D6B456A62C9DEAC} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0A5B39D2-7ED6-4779-BCC9-37F381139DB3} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 25 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Shockwave Player + Authorware Web Player - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player + Authorware Web Player =>.Adobe Systems, Inc. O42 - Logiciel: AIMP - (.AIMP DevTeam.) [HKLM][64Bits] -- AIMP {2E5136402087ADFCCD8977967B2F00B7} =>.AIMP DevTeam O42 - Logiciel: AlphaGo - (.AlphaGo.) [HKLM][64Bits] -- {E1AF73C7-0C82-4D66-829E-16B29FBBF384} O42 - Logiciel: amuleC - (.amuleC.) [HKLM][64Bits] -- {19539992-061C-4E8B-9053-07B175303AF4} O42 - Logiciel: Analyseur et SDK MSXML 4.0 SP2 - (.Microsoft Corporation.) [HKLM][64Bits] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC} =>.Microsoft Corporation O42 - Logiciel: Android Studio - (.Google Inc..) [HKLM][64Bits] -- Android Studio {2A9C21ACAAA63A3C58A7B9322BEE948D} =>.Google Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc. O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL =>.Michael Tippach O42 - Logiciel: avast! SecureLine v1.0.24.0 - (.AVAST Software.) [HKLM][64Bits] -- {2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1 =>.AVAST Software a.s.® O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM][64Bits] -- Spark {5FAEE9E83F32948F3B2040AC6DF0145C} O42 - Logiciel: Barre de recherche Encarta (64 bits) - (.Microsoft.) [HKLM][64Bits] -- {08184040-959A-4B0D-8825-2C533F0DDB19} =>.Microsoft O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- {BE5B0450-DCCB-4FE9-93E2-3B38D88A745B} =>.Research In Motion Ltd. O42 - Logiciel: BlackBerry Desktop Software 7.1 - (.Research In Motion Ltd..) [HKLM][64Bits] -- BlackBerry_Desktop =>.Research In Motion® O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Cambridge- Advanced Grammar in Use - (.Clarity Language Consultants Ltd.) [HKLM][64Bits] -- Cambridge- Advanced Grammar in Use O42 - Logiciel: Cambridge- English Grammar in Use - (.Clarity Language Consultants Ltd.) [HKLM][64Bits] -- Cambridge- English Grammar in Use O42 - Logiciel: Car Mechanic Simulator 2015 v.1.0.6.2 - (...) [HKLM][64Bits] -- Car Mechanic Simulator 2015_is1 O42 - Logiciel: Cisco Networking Academy curriculum 4.0(1) - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco Networking Academy curriculum_is1 =>.Cisco Systems, Inc. O42 - Logiciel: Cisco Packet Tracer 6.0.1 - (.Cisco Systems, Inc..) [HKLM][64Bits] -- Cisco Packet Tracer 6.0.1_is1 =>.Cisco Systems, Inc. O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: DoulCI Activator v3.0 Private Build - (.DoulCI Team.) [HKLM][64Bits] -- DoulCI Activator v3.0 Private Build O42 - Logiciel: doulCi™ Activator tool 2.0.14 - (.Doulci iCloud.) [HKLM][64Bits] -- doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator O42 - Logiciel: dr.fone toolkit pour Android (Version 8.2.1) - (.Wondershare Technology Co.,Ltd..) [HKLM][64Bits] -- {7B08A1E1-3644-4237-B39D-762B5F5564D0}_is1 {5CCAA82369A26AEE30D017616B1CEB69} O42 - Logiciel: Droid4X - (.Haiyu Dongxiang Co.,Ltd..) [HKLM][64Bits] -- Droid4X O42 - Logiciel: Essential Grammar in Use - (.Cambridge.) [HKLM][64Bits] -- {253C884B-3E62-4FA3-88AF-4861F1A1BCC3} =>.Cambridge O42 - Logiciel: FL Studio 12 - (.Image-Line.) [HKLM][64Bits] -- FL Studio 12 {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O42 - Logiciel: FL Studio ASIO - (.Image-Line.) [HKLM][64Bits] -- FL Studio ASIO {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O42 - Logiciel: FormatFactory 3.3.1.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory =>.Format Factory O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1 =>.Foxit Software Incorporated® O42 - Logiciel: Free Bible 0.92 - (.BibleGratuite.org.) [HKLM][64Bits] -- BibleGratuite_is1 O42 - Logiciel: Freedome - (.F-Secure Corporation.) [HKLM][64Bits] -- F-Secure Freedome {041BB945D9BF4EFB0CA0FD633751DB8A} =>.F-Secure Corporation O42 - Logiciel: GlassFish Server Open Source Edition 4.1 - (...) [HKLM][64Bits] -- nbi-glassfish-mod-4.1.0.13.0 O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {F6430171-B86B-4639-839E-374913E7911D} =>.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Grand Dictionnaire Hachette-Oxford - (...) [HKLM][64Bits] -- Grand Dictionnaire Hachette-Oxford O42 - Logiciel: Harrap's Unabridged Pro - (...) [HKLM][64Bits] -- Harrap's Unabridged Pro O42 - Logiciel: Harrap's Unabridged Pro Français - Anglais - (...) [HKLM][64Bits] -- {1F73C81A-E441-4957-BF0C-9CFAB635E69B} O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM][64Bits] -- {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM][64Bits] -- {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC O42 - Logiciel: IL Download Manager - (.Image-Line.) [HKLM][64Bits] -- IL Download Manager {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O42 - Logiciel: IL Shared Libraries - (.Image-Line.) [HKLM][64Bits] -- IL Shared Libraries {675CD761D5E622BE396492313ABC0E9A} =>.Image-Line O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {1CEAC85D-2590-4760-800F-8DE5E91F3700} =>.Intel Corporation O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {9ECA1744-4800-4AE2-AC52-9109E24854AA} =>.Intel Corporation O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {335F9123-9306-4DB0-AF07-9C636317EE9D} =>.Intel Corporation O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - pGFX® O42 - Logiciel: Intel® RealSense™ SDK 2014 Runtime (x64): Core - (.Intel Corporation.) [HKLM][64Bits] -- {37D41A97-6B02-4C30-8753-85107BE1D674} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM][64Bits] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC O42 - Logiciel: iReport 5.6.0 - (.Jaspersoft Corp..) [HKLM][64Bits] -- iReport-5.6.0.exe O42 - Logiciel: Java 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418051F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Java SE Development Kit 8 Update 51 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180510} =>.Oracle Corporation O42 - Logiciel: Java(TM) 7 Update 2 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417002FF} =>.Oracle O42 - Logiciel: Java(TM) SE Development Kit 7 Update 2 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0170020} =>.Oracle O42 - Logiciel: JavaFX 2.0.2 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-202648764D10} =>.Oracle Corporation O42 - Logiciel: JavaFX 2.0.2 SDK (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {2222706F-666A-4037-7777-202648764D10} =>.Oracle Corporation O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} =>.Microsoft Corporation O42 - Logiciel: JURASSIC Universal Android Tool v.5.0.2 - (...) [HKLM][64Bits] -- JURASSIC Universal Android Tool v.5.0.2 O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: Kaspersky Internet Security - (.Kaspersky Lab.) [HKLM][64Bits] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: KB Piano 2.5.1 Shareware version - (...) [HKLM][64Bits] -- KB Piano_is1 O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico O42 - Logiciel: LG United Mobile Driver - (.LG Electronics.) [HKLM][64Bits] -- {2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA} =>.LG Electronics O42 - Logiciel: LG USB WML Modem Driver - (.LG Electronics.) [HKLM][64Bits] -- {FBA0CA60-8BF2-4381-B819-74F020E165A9} =>.LG Electronics O42 - Logiciel: LG VZW United Drivers - (.LG Electronics.) [HKLM][64Bits] -- {E86DE69E-A94E-41B6-8661-7372FCA1A83C} =>.LG Electronics O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Encarta 2009 - Collection - (.Microsoft Corporation.) [HKLM][64Bits] -- {09180081-2C94-4A67-8E55-8483C019C7D2} =>.Microsoft Corporation O42 - Logiciel: MiniTool Partition Wizard Free 9.1 - (.MiniTool Solution Ltd..) [HKLM][64Bits] -- {05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1 {1121FE616769A8C3C0A0EDC5507542AE320D} =>.MiniTool Solution Ltd. O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} =>.Microsoft Corporation O42 - Logiciel: MusicLab Virtual MIDI Driver - (.MusicLab, Inc..) [HKLM][64Bits] -- {A30B7FD7-04A1-46e1-ABDF-FD592C113253} O42 - Logiciel: NetBeans IDE 8.0.2 - (.NetBeans.org.) [HKLM][64Bits] -- nbi-nb-base-8.0.2.0.201411181905 =>.NetBeans.org O42 - Logiciel: NetCut 2.1.4 - (.arcai.com.) [HKLM][64Bits] -- NetCut_is1 =>.arcai.com O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team O42 - Logiciel: NoteWorthy Composer - (...) [HKLM][64Bits] -- NoteWorthy Composer O42 - Logiciel: Office 16 Click-to-Run Extensibility Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Extensibility Component 64-bit Registration - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-00DD-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Licensing Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-007E-0000-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Office 16 Click-to-Run Localization Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {90160000-008C-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Oracle VM VirtualBox 4.3.12_ZZZZ - (.Oracle Corporation.) [HKLM][64Bits] -- {B5121457-0126-4E62-BCBF-6DC7C73D9E4A} =>.Oracle Corporation O42 - Logiciel: PC Remote - (.PC Remote.) [HKLM][64Bits] -- {C934DF74-D0D9-445C-90AA-34012A04E11D} O42 - Logiciel: Petit Larousse 2010 - (...) [HKLM][64Bits] -- {422FADA9-FED2-41D7-B5FA-472BB98B7784} O42 - Logiciel: PianoFX STUDIO 4.0 - (.Tanseon Systems.) [HKLM][64Bits] -- PianoFX STUDIO 4.0_is1 O42 - Logiciel: PotPlayer v1.6.55391 Stable x86 - (.Daum Corp..) [HKLM][64Bits] -- PotPlayer O42 - Logiciel: Recuva - (.Piriform.) [HKLM][64Bits] -- Recuva =>.Piriform Ltd® O42 - Logiciel: reFX Nexus VSTi RTAS v2.2.0 - (...) [HKLM][64Bits] -- reFX Nexus_is1 O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller =>.VS Revo Group O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} =>.Apple Inc. O42 - Logiciel: SAM CoDeC Pack - (.www.SamLab.ws.) [HKLM][64Bits] -- SAM CoDeC Pack O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} =>.Skype Technologies S.A. O42 - Logiciel: Survey Remover Trial - (.Survey Remover Online.) [HKLM][64Bits] -- Survey Remover Trial4.1.0.0 O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: Terela - (.Terela.) [HKLM][64Bits] -- {E2F7C535-0785-4C2D-B56F-016BFD02B010} O42 - Logiciel: Test Simulator - (...) [HKLM][64Bits] -- Test Simulator O42 - Logiciel: Try Corel Snapfire muvee autoProducer add on - (.Nom de votre société.) [HKLM][64Bits] -- {12665B01-3F3A-4433-B179-9D8E352D7547} O42 - Logiciel: UAUBEN DEL SOFTWARE BUNDLE - (.UAUBEN.) [HKLM][64Bits] -- {6238D800-71CD-44F2-BED6-707CE8FEDFBE} O42 - Logiciel: UniFlash - (.Mikhail Prokofiev.) [HKLM][64Bits] -- {76C39E3D-0A9D-453C-80E3-D4FA454BE16B} O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {D9C4202E-6D51-4B06-A8F1-22316E654BCA} =>.ClockworkMod O42 - Logiciel: Universal Advance Unlocker - (...) [HKLM][64Bits] -- Universal Advance Unlocker O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM][64Bits] -- Usbfix =>.El Desaparecido - www.usbfix.net - www.sosvirus.net O42 - Logiciel: Usenet.nl - (...) [HKLM][64Bits] -- Usenet.nl_is1 =>.TangySoft Ltd.® O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VMware Workstation - (.VMware, Inc..) [HKLM][64Bits] -- {F4C0A853-FA3B-4404-954B-799299EB5A98} =>.VMware, Inc. O42 - Logiciel: Wampserver64 3.0.6 - (.Dominique Ottello aka Otomatic.) [HKLM][64Bits] -- {wampserver64}_is1 O42 - Logiciel: Windows Mobile Device Updater Component - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2CB8C3C-9C9E-4FAB-9067-655601C5F748} =>.Microsoft Corporation O42 - Logiciel: Windows Phone app for desktop - (.Microsoft Corporation.) [HKLM][64Bits] -- {5F71448B-88EB-4357-9A98-8658D4C49C48} =>.Microsoft Corporation O42 - Logiciel: Windows Phone Device Manager - (.Julien Schapman.) [HKLM][64Bits] -- {3959E064-5785-4DA1-9799-5A841F6B9DA5} O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst =>.CACE Technologies O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: WinSnare - (.WinSnare.) [HKLM][64Bits] -- {BD101EEA-592F-453A-A5BD-11BB4B6EC9A0} O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- {9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5} =>.Microsoft Corporation O42 - Logiciel: Zune - (.Microsoft Corporation.) [HKLM][64Bits] -- Zune =>.Microsoft Corporation® O42 - Logiciel: Zune Language Pack (CHS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2A9DFFD8-4E09-4B91-B957-454805B0D7C4} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (CHT) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A5A53EA8-A11E-49F0-BDF5-AE536426A31A} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (CSY) - (.Microsoft Corporation.) [HKLM][64Bits] -- {A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (DAN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8B112338-2B08-4851-AF84-E7CAD74CEB32} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (DEU) - (.Microsoft Corporation.) [HKLM][64Bits] -- {BE236D9A-52EC-4A17-82DA-84B5EAD31E3E} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (ELL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {3589A659-F732-4E65-A89A-5438C332E59D} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (ESP) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6B33492E-FBBC-4EC3-8738-09E16E395A10} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (FIN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {B4870774-5F3A-46D9-9DFE-06FB5599E26B} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (FRA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C68D33B1-0204-4EBE-BC45-A6E432B1D13A} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (HUN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C6BE19C6-B102-4038-B2A6-1C313872DBB4} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (IND) - (.Microsoft Corporation.) [HKLM][64Bits] -- {92ECE3F9-591E-4C12-8A62-B9FCE38BF646} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (ITA) - (.Microsoft Corporation.) [HKLM][64Bits] -- {C5D37FFA-7483-410B-982B-91E93FD3B7DA} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (JPN) - (.Microsoft Corporation.) [HKLM][64Bits] -- {D8A781C9-3892-4E2E-9320-480CF896CFBB} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (KOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (MSL) - (.Microsoft Corporation.) [HKLM][64Bits] -- {76BA306B-2AA0-47C0-AB6B-F313AB56C136} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (NLD) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6740BCB0-5863-47F4-80F4-44F394DE4FE2} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (NOR) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DEFD397-4012-46C3-B6DA-E8013E660772} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (PLK) - (.Microsoft Corporation.) [HKLM][64Bits] -- {8960A0A1-BB5A-479E-92CF-65AB9D684B43} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (PTB) - (.Microsoft Corporation.) [HKLM][64Bits] -- {07EEE598-5F21-4B57-B40B-46592625B3D9} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (PTG) - (.Microsoft Corporation.) [HKLM][64Bits] -- {5C93E291-A1CC-4E51-85C6-E194209FCDB4} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (RUS) - (.Microsoft Corporation.) [HKLM][64Bits] -- {57C51D56-B287-4C11-9192-EC3C46EF76A4} =>.Microsoft Corporation O42 - Logiciel: Zune Language Pack (SVE) - (.Microsoft Corporation.) [HKLM][64Bits] -- {6EB931CD-A7DA-4A44-B74A-89C8EB50086F} =>.Microsoft Corporation ---\\ HKCU & HKLM Software Keys (215) - 22s HKLM\SOFTWARE\Wow6432Node\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AMD HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Arcai HKLM\SOFTWARE\Wow6432Node\ASIO HKLM\SOFTWARE\Wow6432Node\ASIO4ALL HKLM\SOFTWARE\Wow6432Node\Auslogics HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Baidu HKLM\SOFTWARE\Wow6432Node\Bangcar HKLM\SOFTWARE\Wow6432Node\Bavrykatok HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\Chromium HKLM\SOFTWARE\Wow6432Node\Clarity HKLM\SOFTWARE\Wow6432Node\Clickteam HKLM\SOFTWARE\Wow6432Node\CloudOPTInfo HKLM\SOFTWARE\Wow6432Node\co.ao.aio HKLM\SOFTWARE\Wow6432Node\Corel HKLM\SOFTWARE\Wow6432Node\CounterPath HKLM\SOFTWARE\Wow6432Node\Couvutionkocty HKLM\SOFTWARE\Wow6432Node\Cyanide HKLM\SOFTWARE\Wow6432Node\Cygwin HKLM\SOFTWARE\Wow6432Node\drpsu HKLM\SOFTWARE\Wow6432Node\DSPRobotics HKLM\SOFTWARE\Wow6432Node\Extended Systems HKLM\SOFTWARE\Wow6432Node\F-Secure HKLM\SOFTWARE\Wow6432Node\fdqoge HKLM\SOFTWARE\Wow6432Node\Firefox HKLM\SOFTWARE\Wow6432Node\fjffffadf HKLM\SOFTWARE\Wow6432Node\Foxit Software HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\GuidGuid13 HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Harrap HKLM\SOFTWARE\Wow6432Node\Havas Interactive HKLM\SOFTWARE\Wow6432Node\hohosearchSoftware HKLM\SOFTWARE\Wow6432Node\HTC HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Image-Line HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\Larousse HKLM\SOFTWARE\Wow6432Node\Lenovo HKLM\SOFTWARE\Wow6432Node\LG Electronics HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\McAfee HKLM\SOFTWARE\Wow6432Node\Microleaves HKLM\SOFTWARE\Wow6432Node\MimarSinan HKLM\SOFTWARE\Wow6432Node\MOVAVI HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\NMDVPN-GUI HKLM\SOFTWARE\Wow6432Node\Notepad++ HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OldTimer Tools HKLM\SOFTWARE\Wow6432Node\Propellerhead Software HKLM\SOFTWARE\Wow6432Node\PTE Patch 2016 HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\REALTEK Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\Research In Motion HKLM\SOFTWARE\Wow6432Node\RtWLan HKLM\SOFTWARE\Wow6432Node\ScreenShot HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Softros Systems HKLM\SOFTWARE\Wow6432Node\SoftVoice HKLM\SOFTWARE\Wow6432Node\SOSVirus HKLM\SOFTWARE\Wow6432Node\SprgFiles HKLM\SOFTWARE\Wow6432Node\startpageing123Software HKLM\SOFTWARE\Wow6432Node\Stellar Data Recovery HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Wow6432Node\ThinPrint HKLM\SOFTWARE\Wow6432Node\UAUBEN HKLM\SOFTWARE\Wow6432Node\UCBrowserPID HKLM\SOFTWARE\Wow6432Node\UniFlash HKLM\SOFTWARE\Wow6432Node\VMware, Inc. HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\WafCX HKLM\SOFTWARE\Wow6432Node\WinArcher HKLM\SOFTWARE\Wow6432Node\WinPcap HKLM\SOFTWARE\Wow6432Node\WinSaberSvc HKLM\SOFTWARE\Wow6432Node\Wise Solutions HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\WOW6432Node HKLM\SOFTWARE\Wow6432Node\wvc HKLM\SOFTWARE\Wow6432Node\xvb`lj HKLM\SOFTWARE\Wow6432Node\youndooSoftware HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider HKCU\SOFTWARE\AC3Filter HKCU\SOFTWARE\AlphaGo HKCU\SOFTWARE\Andy HKCU\SOFTWARE\AOMEI HKCU\SOFTWARE\Apowersoft HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Arcai.com HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\Bangcar HKCU\SOFTWARE\BibleGratuite HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Bytescout HKCU\SOFTWARE\CamStudioOpenSource for Nick HKCU\SOFTWARE\CBS Software HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Clickteam HKCU\SOFTWARE\CounterPath HKCU\SOFTWARE\csastats HKCU\SOFTWARE\Cyanide HKCU\SOFTWARE\Cygwin HKCU\SOFTWARE\DAUM HKCU\SOFTWARE\deskapp HKCU\SOFTWARE\DownloadAstro HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Dropbox HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\DRPSu Updater HKCU\SOFTWARE\DSS HKCU\SOFTWARE\DVG HKCU\SOFTWARE\Emjysoft HKCU\SOFTWARE\Extended Systems HKCU\SOFTWARE\F-Secure HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\heheelibom HKCU\SOFTWARE\HTC HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Image-Line HKCU\SOFTWARE\ImTOO HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\JEDI-VCL HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\KC Softwares HKCU\SOFTWARE\L&H Language Technology HKCU\SOFTWARE\Learn Spanish - Level 7 - Intermediate Audio Course HKCU\SOFTWARE\Lenovo HKCU\SOFTWARE\LG Electronics HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\LowRegistry HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Micro Application HKCU\SOFTWARE\Mikhail Prokofiev HKCU\SOFTWARE\Mine HKCU\SOFTWARE\MiniTool Solution Ltd. HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\MOVAVI HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-BE HKCU\SOFTWARE\Native Instruments HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\PC Remote HKCU\SOFTWARE\PdaNetAndroid HKCU\SOFTWARE\PEiD HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Red Dot Games HKCU\SOFTWARE\reFX HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Research In Motion HKCU\SOFTWARE\SamLab.ws HKCU\SOFTWARE\Screen Recorder Studio HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SMADΔV HKCU\SOFTWARE\SoftVoice HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\Terela HKCU\SOFTWARE\Torrentex Inc. HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\UCBrowser HKCU\SOFTWARE\UCBrowserPID HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\Unity HKCU\SOFTWARE\UsbFix HKCU\SOFTWARE\usr HKCU\SOFTWARE\Valve HKCU\SOFTWARE\vanBasco HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VMware, Inc. HKCU\SOFTWARE\VSRevoGroup HKCU\SOFTWARE\Webcam Simulator HKCU\SOFTWARE\Windows Live Writer HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\WinSnare HKCU\SOFTWARE\Wintertree HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\wvc HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\PasswordBox ---\\ Contents of the Common Files folders (336) - 18s O43 - CFD: 14/03/2017 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 14/11/2016 - [] D -- C:\Program Files (x86)\AIMP {2E5136402087ADFCCD8977967B2F00B7} O43 - CFD: 07/02/2017 - [] AD -- C:\Program Files (x86)\amuleC1 O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\AndroidControl_v1.3.1 O43 - CFD: 14/04/2017 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 10/12/2016 - [] D -- C:\Program Files (x86)\ASIO4ALL v2 O43 - CFD: 09/07/2016 - [] D -- C:\Program Files (x86)\azskdtfaddf =>.VideoLAN® O43 - CFD: 02/03/2017 - [] D -- C:\Program Files (x86)\baidu {5FAEE9E83F32948F3B2040AC6DF0145C} O43 - CFD: 27/02/2017 - [] D -- C:\Program Files (x86)\Bangcar {2A9C21ACAAA63A3C58A7B9322BEE948D} O43 - CFD: 06/03/2017 - [] AD -- C:\Program Files (x86)\BibleGratuite O43 - CFD: 03/03/2016 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.® O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Cambridge O43 - CFD: 21/04/2016 - [] AD -- C:\Program Files (x86)\Cisco Packet Tracer 6.0.1 O43 - CFD: 21/04/2016 - [] D -- C:\Program Files (x86)\Cisco Packet Tracer 6.1.1sv O43 - CFD: 23/03/2017 - [] D -- C:\Program Files (x86)\ClockworkMod O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 13/08/2016 - [] D -- C:\Program Files (x86)\Daum =>.Daum Kakao Corp.® O43 - CFD: 10/08/2016 - [] D -- C:\Program Files (x86)\DaumBack O43 - CFD: 05/05/2017 - [] D -- C:\Program Files (x86)\Doulci iCloud O43 - CFD: 05/05/2017 - [] D -- C:\Program Files (x86)\DoulCI Team O43 - CFD: 19/04/2017 - [] HD -- C:\Program Files (x86)\DrFoneAndroid_Temp O43 - CFD: 09/05/2017 - [] D -- C:\Program Files (x86)\Droid4X O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\F-Secure {041BB945D9BF4EFB0CA0FD633751DB8A} O43 - CFD: 06/05/2017 - [] AD -- C:\Program Files (x86)\Firefox {57FCDAB4B0C6202BC89A0DDD4A742960} O43 - CFD: 26/06/2016 - [] D -- C:\Program Files (x86)\Foxit Software =>.Foxit Software Incorporated® O43 - CFD: 23/04/2017 - [] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\GDHO O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Harrap O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\HTC O43 - CFD: 16/02/2017 - [] D -- C:\Program Files (x86)\Image-Line {675CD761D5E622BE396492313ABC0E9A} O43 - CFD: 21/04/2017 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software Corporation® O43 - CFD: 03/04/2017 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX® O43 - CFD: 19/04/2017 - [] D -- C:\Program Files (x86)\Internet Download Manager {7828C7315808BC8717710E13FA3C0B24} O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Jaspersoft O43 - CFD: 27/05/2016 - [] AD -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 04/04/2017 - [] D -- C:\Program Files (x86)\JURASSIC Universal Android Tool v.5.0.2 O43 - CFD: 14/10/2016 - [] D -- C:\Program Files (x86)\Kaspersky Lab =>.Kaspersky Lab® O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\KB Piano 2 O43 - CFD: 13/03/2016 - [] D -- C:\Program Files (x86)\Larousse O43 - CFD: 11/05/2016 - [] D -- C:\Program Files (x86)\Lenovo =>.LENOVO® O43 - CFD: 21/04/2017 - [] D -- C:\Program Files (x86)\LG Electronics O43 - CFD: 22/02/2017 - [] D -- C:\Program Files (x86)\Microleaves O43 - CFD: 21/12/2016 - [] D -- C:\Program Files (x86)\Microsoft Chart Controls O43 - CFD: 02/07/2016 - [] AD -- C:\Program Files (x86)\Microsoft Encarta =>.Microsoft Corporation® O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 01/03/2017 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Mikhail Prokofiev O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\MIO =>.Superfluous.Tencent O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 22/10/2016 - [] AD -- C:\Program Files (x86)\netcut O43 - CFD: 11/09/2016 - [] D -- C:\Program Files (x86)\Notepad++ {055F937A9DF73DFD90BA9889E4C50A11} O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\NoteWorthy Composer O43 - CFD: 15/03/2017 - [] D -- C:\Program Files (x86)\PC Remote {2B2F2DCBBD5B48} O43 - CFD: 13/04/2017 - [] AD -- C:\Program Files (x86)\PdaNet for Android {01000000000129AAA07E1C} O43 - CFD: 17/01/2017 - [] AD -- C:\Program Files (x86)\PianoFX O43 - CFD: 10/02/2017 - [] D -- C:\Program Files (x86)\Pluratherprivasy O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 11/05/2017 - [] D -- C:\Program Files (x86)\reports O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Research In Motion =>.Research In Motion® O43 - CFD: 14/04/2017 - [] AD -- C:\Program Files (x86)\Safari =>.Apple Inc.® O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\SAM CoDeC Pack O43 - CFD: 24/12/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Technologies SA® O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Spirent Communications O43 - CFD: 05/05/2017 - [] AD -- C:\Program Files (x86)\Survey Remover Trial O43 - CFD: 18/04/2016 - [] D -- C:\Program Files (x86)\Test Simulator O43 - CFD: 12/07/2016 - [] D -- C:\Program Files (x86)\TXQQBrowser =>.Superfluous.Tencent O43 - CFD: 24/04/2017 - [] D -- C:\Program Files (x86)\Universal Advance Unlocker O43 - CFD: 10/05/2017 - [] AD -- C:\Program Files (x86)\Usenet.nl =>.TangySoft Ltd.® O43 - CFD: 24/04/2017 - [] D -- C:\Program Files (x86)\usr O43 - CFD: 08/04/2017 - [] AD -- C:\Program Files (x86)\VMware =>.VMware, Inc.® O43 - CFD: 24/04/2016 - [] D -- C:\Program Files (x86)\VS Revo Group =>.VS Revo Group® O43 - CFD: 10/12/2016 - [] D -- C:\Program Files (x86)\VstPlugins O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Webcam Video Capture 7.0 O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 23/03/2017 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\Windows Phone =>.Microsoft Corporation® O43 - CFD: 14/04/2017 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\WinPcap =>.CACE Technologies, Inc.® O43 - CFD: 13/04/2017 - [] D -- C:\Program Files (x86)\Winphone O43 - CFD: 14/10/2016 - [] D -- C:\Program Files (x86)\WinSaber O43 - CFD: 02/03/2017 - [] AD -- C:\Program Files (x86)\WinSnare(4.0.9) O43 - CFD: 02/03/2017 - [] AD -- C:\Program Files (x86)\WinSnare(4.2.1) O43 - CFD: 22/04/2017 - [] D -- C:\Program Files (x86)\Wondershare =>.BugSplat LLC® O43 - CFD: 23/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 14/04/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 23/03/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP O43 - CFD: 05/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio O43 - CFD: 08/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\arcai.com O43 - CFD: 07/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software O43 - CFD: 02/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser O43 - CFD: 20/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlackBerry O43 - CFD: 05/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Networking Academy O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Packet Tracer O43 - CFD: 12/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader O43 - CFD: 27/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freedome O43 - CFD: 28/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Harrap O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jaspersoft O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JURASSIC Universal Android Tool v.5.0.2 O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KB Piano 2 O43 - CFD: 25/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Larousse O43 - CFD: 05/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool O43 - CFD: 16/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Encarta O43 - CFD: 01/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016 Tools O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 O43 - CFD: 20/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicLab O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans O43 - CFD: 16/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PianoFX STUDIO O43 - CFD: 11/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\reFX O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAM CoDeC Pack O43 - CFD: 24/12/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 06/05/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 16/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 10/05/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Usenet.nl O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 08/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware O43 - CFD: 11/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wampserver64 O43 - CFD: 24/12/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 14/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 19/04/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare O43 - CFD: 15/03/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\4f596ec3-77fb-4fc3-82cb-691c42c71d77 O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\AomeiBR O43 - CFD: 27/02/2017 - [] D -- C:\ProgramData\Apple O43 - CFD: 03/03/2016 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 26/10/2016 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 14/03/2017 - [] D -- C:\ProgramData\Applications O43 - CFD: 07/03/2017 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\Baidu O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\BDLogging O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\ByteFence =>.Superfluous.ByteTechnologies O43 - CFD: 26/10/2016 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 19/10/2016 - [] D -- C:\ProgramData\DwinpD O43 - CFD: 23/04/2017 - [] D -- C:\ProgramData\F-Secure O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\HP O43 - CFD: 06/05/2017 - [] D -- C:\ProgramData\HTC O43 - CFD: 06/05/2017 - [0] D -- C:\ProgramData\IDM O43 - CFD: 03/04/2017 - [] D -- C:\ProgramData\Intel O43 - CFD: 11/05/2017 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 17/01/2017 - [] D -- C:\ProgramData\KB Piano O43 - CFD: 22/04/2017 - [] D -- C:\ProgramData\LGMOBILEAX O43 - CFD: 14/10/2016 - [] D -- C:\ProgramData\McAfee O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 14/12/2016 - [] D -- C:\ProgramData\Microleaves O43 - CFD: 06/05/2017 - [] ASD -- C:\ProgramData\Microsoft O43 - CFD: 15/02/2017 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 08/02/2016 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Oracle O43 - CFD: 03/04/2017 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 28/04/2017 - [] AD -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 20/04/2017 - [] D -- C:\ProgramData\Research In Motion O43 - CFD: 24/12/2016 - [] D -- C:\ProgramData\Skype O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Sun O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Synaptics O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Thunder Network O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 26/10/2016 - [] D -- C:\ProgramData\USOShared O43 - CFD: 11/05/2017 - [] AD -- C:\ProgramData\VMware O43 - CFD: 18/02/2016 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 04/04/2017 - [] D -- C:\ProgramData\Wondershare O43 - CFD: 21/06/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 14/03/2017 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 21/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Corel O43 - CFD: 11/02/2017 - [] D -- C:\Program Files (x86)\Common Files\Digidesign O43 - CFD: 21/04/2017 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 26/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 26/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 22/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 06/05/2017 - [] D -- C:\Program Files (x86)\Common Files\Nero O43 - CFD: 03/10/2016 - [] D -- C:\Program Files (x86)\Common Files\Propellerhead Software O43 - CFD: 05/05/2016 - [] D -- C:\Program Files (x86)\Common Files\Qualcomm Atheros O43 - CFD: 20/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\Research In Motion O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 24/12/2016 - [] AD -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 08/04/2017 - [] AD -- C:\Program Files (x86)\Common Files\ThinPrint O43 - CFD: 08/04/2017 - [] D -- C:\Program Files (x86)\Common Files\VMware O43 - CFD: 24/12/2016 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 20/04/2017 - [] D -- C:\Program Files (x86)\Common Files\XCPCSync.OEM O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Roaming\AC3Filter O43 - CFD: 24/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Adobe O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\AIMP O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Andy O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Apple Computer O43 - CFD: 02/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Baidu O43 - CFD: 04/05/2017 - [0] D -- C:\Users\user\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave O43 - CFD: 22/05/2016 - [] D -- C:\Users\user\AppData\Roaming\Cambridge O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Corel O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\DMCache O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\DRPSu O43 - CFD: 08/06/2016 - [] D -- C:\Users\user\AppData\Roaming\dvdcss O43 - CFD: 20/04/2016 - [] D -- C:\Users\user\AppData\Roaming\Edulang O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Emjysoft O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\EssentialGrammarInUse O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Roaming\Firefox O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Foxit Software O43 - CFD: 04/04/2017 - [] D -- C:\Users\user\AppData\Roaming\HaiYuInst O43 - CFD: 07/05/2016 - [] D -- C:\Users\user\AppData\Roaming\hpqLog O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\HTC O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\IDM O43 - CFD: 03/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Image-Line O43 - CFD: 03/03/2016 - [] D -- C:\Users\user\AppData\Roaming\ImTOO O43 - CFD: 22/05/2016 - [] D -- C:\Users\user\AppData\Roaming\InterchangeFourthEditionSelfstudyLevel1 O43 - CFD: 05/04/2017 - [] D -- C:\Users\user\AppData\Roaming\JetBrains O43 - CFD: 15/11/2016 - [] D -- C:\Users\user\AppData\Roaming\Keolab O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Macromedia O43 - CFD: 06/05/2017 - [] SD -- C:\Users\user\AppData\Roaming\Microsoft O43 - CFD: 04/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Mozilla O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Roaming\NetBeans O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Notepad++ O43 - CFD: 15/03/2017 - [] D -- C:\Users\user\AppData\Roaming\PC Remote O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Roaming\PotPlayerMini O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Roaming\Profiles O43 - CFD: 04/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Python-Eggs O43 - CFD: 25/03/2016 - [] D -- C:\Users\user\AppData\Roaming\reaper O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Research In Motion O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Skype O43 - CFD: 25/02/2016 - [] D -- C:\Users\user\AppData\Roaming\SpringFiles O43 - CFD: 01/04/2016 - [] D -- C:\Users\user\AppData\Roaming\Steam O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Roaming\SynciOS Data Transfer O43 - CFD: 24/12/2016 - [] D -- C:\Users\user\AppData\Roaming\Tenorshare O43 - CFD: 23/02/2016 - [] D -- C:\Users\user\AppData\Roaming\Thinstall O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Usenet.nl O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Roaming\uTorrent O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Roaming\vlc O43 - CFD: 17/03/2016 - [] D -- C:\Users\user\AppData\Roaming\Webcam Simulator O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Roaming\WinRAR O43 - CFD: 04/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Wondershare O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Roaming\ZHP O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 O43 - CFD: 16/04/2017 - [] D -- C:\Users\user\AppData\Local\Adobe O43 - CFD: 05/04/2017 - [] D -- C:\Users\user\AppData\Local\Android O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\app =>PUP.Optional.CrossRider O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Local\Apple O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Apple Computer O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Application Data O43 - CFD: 07/05/2017 - [] D -- C:\Users\user\AppData\Local\background_fault O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Local\Bangcar O43 - CFD: 10/04/2016 - [] D -- C:\Users\user\AppData\Local\Bluestacks O43 - CFD: 05/05/2017 - [] D -- C:\Users\user\AppData\Local\CEF O43 - CFD: 09/05/2017 - [] D -- C:\Users\user\AppData\Local\Comms O43 - CFD: 29/10/2016 - [] D -- C:\Users\user\AppData\Local\ConnectedDevicesPlatform O43 - CFD: 07/05/2016 - [] D -- C:\Users\user\AppData\Local\CounterPath O43 - CFD: 03/03/2016 - [] D -- C:\Users\user\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 28/04/2017 - [] D -- C:\Users\user\AppData\Local\Diagnostics O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Downloaded Installations O43 - CFD: 09/05/2017 - [] D -- C:\Users\user\AppData\Local\Droid4X O43 - CFD: 13/02/2017 - [] D -- C:\Users\user\AppData\Local\Edraw O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Local\ElevatedDiagnostics O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\Emjysoft O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Local\F-Secure O43 - CFD: 27/02/2017 - [] D -- C:\Users\user\AppData\Local\Firefox O43 - CFD: 16/12/2016 - [] D -- C:\Users\user\AppData\Local\Foxit Reader O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Google O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Historique O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Local\HTC MediaHub O43 - CFD: 16/03/2017 - [] D -- C:\Users\user\AppData\Local\IIIQF O43 - CFD: 11/05/2016 - [] D -- C:\Users\user\AppData\Local\Lenovo O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Microsoft O43 - CFD: 30/11/2016 - [] D -- C:\Users\user\AppData\Local\Microsoft Help O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\MicrosoftEdge O43 - CFD: 22/04/2017 - [] D -- C:\Users\user\AppData\Local\Movavi O43 - CFD: 01/03/2017 - [] D -- C:\Users\user\AppData\Local\MSfree Inc O43 - CFD: 10/02/2016 - [] D -- C:\Users\user\AppData\Local\NetBeans O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\niughfujuiedghergadom O43 - CFD: 10/05/2017 - [] D -- C:\Users\user\AppData\Local\Packages O43 - CFD: 06/05/2017 - [0] D -- C:\Users\user\AppData\Local\PeerDistRepub O43 - CFD: 09/07/2016 - [] D -- C:\Users\user\AppData\Local\Profiles O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Programs O43 - CFD: 21/06/2016 - [] D -- C:\Users\user\AppData\Local\PTE_Patch O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Local\Publishers O43 - CFD: 20/04/2017 - [] D -- C:\Users\user\AppData\Local\Research In Motion O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\ScreenCapture O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\ScreenCaptureStudio O43 - CFD: 03/05/2017 - [] D -- C:\Users\user\AppData\Local\SNAREA O43 - CFD: 15/11/2016 - [] D -- C:\Users\user\AppData\Local\speech O43 - CFD: 03/11/2016 - [] D -- C:\Users\user\AppData\Local\SquirrelTemp O43 - CFD: 11/05/2017 - [] D -- C:\Users\user\AppData\Local\Temp O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Local\TempOfficeC2R3B4A8167-42E0-41D9-80E9-B6BBE6284DF1 O43 - CFD: 30/08/2016 - [] D -- C:\Users\user\AppData\Local\TempOfficeC2R8FA960D3-3AFC-437B-8F04-CFEF69CAAACB O43 - CFD: 26/10/2016 - [0] SHD -- C:\Users\user\AppData\Local\Temporary Internet Files O43 - CFD: 09/02/2016 - [] D -- C:\Users\user\AppData\Local\TileDataLayer O43 - CFD: 27/05/2016 - [] D -- C:\Users\user\AppData\Local\VideoEditor O43 - CFD: 12/04/2016 - [] D -- C:\Users\user\AppData\Local\VirtualStore O43 - CFD: 18/02/2016 - [] D -- C:\Users\user\AppData\Local\VS Revo Group O43 - CFD: 06/05/2017 - [] D -- C:\Users\user\AppData\Local\Windows Live O43 - CFD: 25/12/2016 - [] D -- C:\Users\user\AppData\Local\Windows Live Writer O43 - CFD: 10/03/2017 - [] D -- C:\Users\user\AppData\Local\__SHARED O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/10/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/04/2017 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 10/12/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cambridge O43 - CFD: 23/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GDHO O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line O43 - CFD: 19/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 16/07/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 07/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NoteWorthy Composer O43 - CFD: 15/03/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Remote O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PotPlayer O43 - CFD: 19/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller O43 - CFD: 05/05/2017 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 05/05/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Survey Remover Trial O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Test Simulator O43 - CFD: 24/04/2017 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Universal Advance Unlocker O43 - CFD: 16/07/2016 - [] RD -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 26/10/2016 - [] D -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (8) - 0s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\user\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL {330000014096A9EE7056FECC07000100000140} =>.Microsoft Corporation ---\\ System Drivers List (124) - 8s O58 - SDL:2016/07/16 11:41:53 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows® O58 - SDL:2012/09/24 09:40:56 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\WINDOWS\System32\drivers\Accelerometer.sys [43840] =>.Hewlett-Packard Company® O58 - SDL:2016/07/16 11:41:53 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2016/07/16 11:41:53 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2016/07/16 11:41:52 A . (.QLogic Corporation - QLogic Gigabit Ethernet VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [533856] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Chelsio iSCSI Crash Dump Driver.) -- C:\WINDOWS\System32\drivers\cht4dx64.sys [102752] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Chelsio iSCSI VMiniport Driver.) -- C:\WINDOWS\System32\drivers\cht4sx64.sys [346976] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Chelsio Communications - Virtual Bus Driver for Chelsio ® T4 Chipset.) -- C:\WINDOWS\System32\drivers\cht4vx64.sys [2104160] =>.Microsoft Windows® O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x64 (Weak).) -- C:\WINDOWS\System32\drivers\cm_km.sys [389816] =>.Kaspersky Lab® O58 - SDL:2016/10/14 15:58:30 A . (.Connectify - NDISRD helper driver.) -- C:\WINDOWS\System32\drivers\cnnctfy3.sys [35352] =>.Connectify® O58 - SDL:2016/07/16 11:41:52 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3418976] =>.Microsoft Windows® O58 - SDL:2009/09/09 09:23:46 A . (.Intel Corporation - BIOS Update Driver.) -- C:\WINDOWS\System32\drivers\flashud.sys [51712] =>.Intel Corporation O58 - SDL:2017/04/23 01:50:57 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\WINDOWS\System32\drivers\fsfreedometap.sys [36480] {3300000012B05493EADDCEEB4B000000000012} =>.The OpenVPN Project O58 - SDL:2016/03/10 08:03:16 A . (.VMware, Inc. - VMware USB monitor.) -- C:\WINDOWS\System32\drivers\hcmon.sys [57536] =>.VMware, Inc.® O58 - SDL:2012/09/24 09:40:56 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\WINDOWS\System32\drivers\hpdskflt.sys [31040] =>.Hewlett-Packard Company® O58 - SDL:2015/06/17 19:40:54 A . (.Hewlett-Packard Company - Keyboard Filter Driver.) -- C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112] =>.Hewlett-Packard Company® O58 - SDL:2016/07/16 11:41:53 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iagpio.sys [33280] =>.Intel(R) Corporation O58 - SDL:2016/07/16 11:41:54 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2016/07/16 11:41:54 A . (.Intel Corporation - Intel(R) Serial IO GPIO Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [64512] =>.Intel Corporation O58 - SDL:2016/07/16 11:41:54 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [176384] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2016/07/16 11:41:52 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2016/07/16 11:41:50 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2015/05/29 14:05:32 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [646408] =>.Intel Corporation - Rapid Storage Technology® O58 - SDL:2016/07/16 11:41:53 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [526176] =>.Microsoft Windows® O58 - SDL:2016/10/17 15:35:48 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [223464] {7828C7315808BC8717710E13FA3C0B24} =>.Tonec Inc. O58 - SDL:2016/05/12 16:49:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [3793872] {330000B898AA86B5A39E5A1BBD00020000B898} =>.Intel Corporation O58 - SDL:2015/08/21 11:50:48 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [463112] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/12/01 19:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\intelaud.sys [50160] {330000B7E741A34024FC3AB6E700020000B7E7} =>.Intel Corporation O58 - SDL:2015/12/01 19:46:03 A . (.Intel Corporation - Intel® WiDi Solution.) -- C:\WINDOWS\System32\drivers\iwdbus.sys [38896] {330000B7E741A34024FC3AB6E700020000B7E7} =>.Intel Corporation O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [478392] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:48:24 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klbackupdisk.sys [53432] =>.Kaspersky Lab® O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klbackupflt.sys [70512] =>.Kaspersky Lab® O58 - SDL:2016/10/14 16:01:31 A . (.AO Kaspersky Lab - Virtual Disk [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kldisk.sys [77728] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O58 - SDL:2015/06/24 01:28:32 A . (.Kaspersky Lab - Klelam Mini-Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klelam.sys [30328] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2016/10/14 16:01:31 A . (.AO Kaspersky Lab - Filter Core [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klflt.sys [181640] =>.Kaspersky Lab® O58 - SDL:2016/10/14 15:31:10 A . (.AO Kaspersky Lab - klhk [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klhk.sys [238000] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - Core System Interceptors [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klif.sys [933808] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O58 - SDL:2016/11/03 11:38:11 A . (.AO Kaspersky Lab - Kaspersky Lab Intermediate Network Driver [.) -- C:\WINDOWS\System32\drivers\klim6.sys [49240] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klkbdflt.sys [41656] =>.Kaspersky Lab® O58 - SDL:2015/06/07 01:52:56 A . (.Kaspersky Lab ZAO - Mouse Device Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klmouflt.sys [41656] =>.Kaspersky Lab® O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\klpd.sys [41352] =>.Kaspersky Lab® O58 - SDL:2016/10/14 16:01:35 A . (.AO Kaspersky Lab - WFP Network Filter [fre_win8_x64].) -- C:\WINDOWS\System32\drivers\klwfp.sys [87984] {0F668FB0F0F002B774C7DDBD769EE5B1} =>.AO Kaspersky Lab O58 - SDL:2015/06/16 21:56:32 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\WINDOWS\System32\drivers\klwtp.sys [102584] =>.Kaspersky Lab® O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x64].) -- C:\WINDOWS\System32\drivers\kneps.sys [187056] =>.Kaspersky Lab® O58 - SDL:2013/02/21 11:23:06 A . (.Google Inc - ADB Interface.) -- C:\WINDOWS\System32\drivers\lgandadb.sys [31744] =>.Google Inc O58 - SDL:2014/10/10 09:20:36 A . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetbus64.sys [20992] =>.LG Electronics Inc. O58 - SDL:2014/10/10 09:20:34 N . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [30720] =>.LG Electronics Inc. O58 - SDL:2014/10/10 09:20:34 N . (.LG Electronics Inc. - LGE AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgandnetmodem64.sys [37376] =>.LG Electronics Inc. O58 - SDL:2013/05/06 14:48:18 A . (.LG Electronics Inc. - LGE VZW AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgvzandnetdiag64.sys [29696] =>.LG Electronics Inc. O58 - SDL:2013/05/06 14:48:52 A . (.LG Electronics Inc. - LGE VZW AndroidNet Driver.) -- C:\WINDOWS\System32\drivers\lgvzandnetmdm64.sys [36864] =>.LG Electronics Inc. O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [105824] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [101216] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82776] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows® O58 - SDL:2016/10/05 10:09:07 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2012/08/29 10:50:38 A . (.MusicLab, Inc. - MusicLab Virtual MIDI Device.) -- C:\WINDOWS\System32\drivers\mlkumidi.sys [57408] {0100000000012E75558FAC} O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [842584] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [108896] =>.Microsoft Windows® O58 - SDL:2012/12/07 10:28:06 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\WINDOWS\System32\drivers\ndiskhaz.sys [30536] {112143B4795DF5D1366AD8607B2770CC1649} O58 - SDL:2016/07/16 11:42:03 A . (...) -- C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624] O58 - SDL:2015/06/11 20:59:24 A . (.MediaTek Inc. - MediaTek 802.11 Wireless Adapter Driver.) -- C:\WINDOWS\System32\drivers\netr28x.sys [2554528] =>.MEDIATEK INC.® O58 - SDL:2010/06/25 17:07:26 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35344] =>.CACE Technologies, Inc.® O58 - SDL:2016/07/16 11:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58720] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [61792] =>.Microsoft Windows® O58 - SDL:2011/11/25 00:25:52 A . (.June Fabrics Technology Inc. - PdaNet Broadband Adapter Driver.) -- C:\WINDOWS\System32\drivers\pneteth.sys [15360] O58 - SDL:2012/12/10 15:48:02 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\WINDOWS\System32\drivers\RimSerial_AMD64.sys [44544] =>.Research in Motion Ltd O58 - SDL:2013/01/03 13:50:48 A . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\WINDOWS\System32\drivers\RimUsb_AMD64.sys [78336] =>.Research In Motion Limited O58 - SDL:2015/05/29 02:14:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Dr.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [886528] =>.Realtek Semiconductor Corp® O58 - SDL:2014/11/24 23:49:46 A . (.Ralink Technology, Corp. - Ralink Bluetooth Adapter.) -- C:\WINDOWS\System32\drivers\rtbth.sys [1206384] =>.MEDIATEK INC.® O58 - SDL:2015/06/01 14:44:54 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\WINDOWS\System32\drivers\RtsP2Stor.sys [301784] =>.Realtek Semiconductor Corp® O58 - SDL:2016/07/16 11:41:53 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [52392] =>.Synaptics Incorporated® O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [52904] =>.Synaptics Incorporated® O58 - SDL:2016/06/27 18:07:35 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [52904] =>.Synaptics Incorporated® O58 - SDL:2016/10/26 12:00:50 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [131712] =>.Samsung Electronics CO., LTD.® O58 - SDL:2016/10/26 12:00:45 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [165504] =>.Samsung Electronics CO., LTD.® O58 - SDL:2016/07/16 11:41:53 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2016/06/27 18:07:41 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [622784] =>.Synaptics Incorporated® O58 - SDL:2016/04/12 19:32:03 A . (.Tencent Technology(Shenzhen) Company Limited - TAOKernel.) -- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys [132344] {52048B9C8A67E28F0CC8CC75813DDC5A} =>.Superfluous.Tencent O58 - SDL:2011/04/25 13:37:38 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [31232] =>.The OpenVPN Project O58 - SDL:2016/03/28 22:01:56 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [186424] {5600000027396847078B466FFF000000000027} =>.Intel Corporation O58 - SDL:2016/04/25 10:32:07 A . (.Huorong Borui (Beijing) Technology Co., Ltd. - Huorong Network Security Core Kext.) -- C:\WINDOWS\System32\drivers\ucguard.sys [80768] {348A4D46C9A1A9EDC2B4818465A66BED} =>.Huorong Borui (Beijing) Technology Co., Ltd. O58 - SDL:2016/08/07 04:53:25 A . (.MBB - USB Modem/Serial Device Driver.) -- C:\WINDOWS\System32\drivers\usb2ser.sys [151184] {7FE63AB8AB9D36964BC29EAD7641180A} =>.MBB O58 - SDL:2015/06/17 17:04:24 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2014/05/16 14:04:46 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\WINDOWS\System32\drivers\VBoxDrv.sys [254240] =>.Oracle Corporation® O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation® O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\WINDOWS\System32\drivers\VBoxNetLwf.sys [146584] =>.Oracle Corporation® O58 - SDL:2015/11/05 19:25:42 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\WINDOWS\System32\drivers\vmci.sys [90816] =>.VMware, Inc.® O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware virtual network driver (64-bit).) -- C:\WINDOWS\System32\drivers\vmnet.sys [27328] =>.VMware, Inc.® O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware virtual network adapter driver (64-b.) -- C:\WINDOWS\System32\drivers\vmnetadapter.sys [28864] =>.VMware, Inc.® O58 - SDL:2016/04/14 16:53:32 A . (.VMware, Inc. - VMware bridge driver (64-bit).) -- C:\WINDOWS\System32\drivers\vmnetbridge.sys [48832] =>.VMware, Inc.® O58 - SDL:2016/04/14 16:53:42 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\WINDOWS\System32\drivers\vmnetuserif.sys [26816] =>.VMware, Inc.® O58 - SDL:2016/04/14 17:17:44 A . (.VMware, Inc. - VMware kernel driver.) -- C:\WINDOWS\System32\drivers\vmx86.sys [66752] =>.VMware, Inc.® O58 - SDL:2016/07/16 11:41:53 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows® O58 - SDL:2015/11/05 19:25:42 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\WINDOWS\System32\drivers\vsock.sys [75512] =>.VMware, Inc.® O58 - SDL:2016/07/16 11:41:53 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® O58 - SDL:2016/02/19 01:23:38 A . (.Western Digital Technologies, Inc. - Western Digital SCSI Architecture Model (SA.) -- C:\WINDOWS\System32\drivers\wdcsam64.sys [26880] =>.WDKTestCert wdclab,130885612892544312® O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [32096] =>.Microsoft Windows® O58 - SDL:2016/07/16 11:41:53 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [64864] =>.Microsoft Windows® O58 - SDL:2015/06/23 18:24:48 A . (.HP Inc. - HP Wireless Button Driver.) -- C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384] =>.Hewlett-Packard Company® O58 - SDL:2017/05/06 22:05:02 A . (.Google Inc - ADB Interface.) -- C:\WINDOWS\System32\drivers\wsadb.sys [40720] =>.Shenzhen Wondershare Information Technology Co., Ltd.® O58 - SDL:2012/11/22 20:05:58 A . (.MBB Incorporated - CDROM Filter.) -- C:\WINDOWS\System32\drivers\ztembbmassfilter.sys [15360] =>.MBB Incorporated O58 - SDL:2012/11/23 11:06:10 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbmdm.sys [123264] =>.ZTE Incorporated O58 - SDL:2012/11/23 11:06:16 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbnmea.sys [123264] =>.ZTE Incorporated O58 - SDL:2012/11/23 11:06:24 A . (.ZTE Incorporated - ZTE Incorporated.) -- C:\WINDOWS\System32\drivers\ztembbusbser6k.sys [123264] =>.ZTE Incorporated O58 - SDL:2013/05/07 14:27:12 A . (...) -- C:\WINDOWS\System32\ambakdrv.sys [30648] O58 - SDL:2013/05/07 14:27:12 A . (...) -- C:\WINDOWS\System32\ammntdrv.sys [151480] O58 - SDL:2013/02/06 15:52:48 A . (...) -- C:\WINDOWS\System32\amwrtdrv.sys [17848] O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\WINDOWS\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd® O58 - SDL:2013/09/30 15:26:48 N . (...) -- C:\WINDOWS\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd® ---\\ Last modified or created user files (11) - 83s O61 - LFC: 2017/05/04 20:24:33 A . (..) -- C:\Users\user\Downloads\Programs\BitLord-Installer.exe [441408] {7D10B220FDFA59C2BD4E1AF300EBA218} =>PUP.Optional.WhenUSave O61 - LFC: 2017/05/04 20:42:23 A . (..) -- C:\Users\user\Downloads\Programs\BitLord_v2.3.2.exe [36929416] =>PUP.Optional.WhenUSave O61 - LFC: 2017/05/04 20:49:29 A . (.Hekomacidi.) -- C:\Users\user\Downloads\Programs\intel-r-extreme-graphics-driver.exe [1265608] {4BA54A70AEBC69BFA87C05E1} O61 - LFC: 2017/05/06 22:36:19 A . (.Copyright (c) 2016 HTC Corporation.) -- C:\Users\user\Downloads\Programs\setup_3.1.77.0_htc_NO_EULA.exe [147561816] {075A2ADEE8FFDBE2C3B45353F62202DC} O61 - LFC: 2017/05/06 18:13:55 RA . (..) -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_B03BBBBDCA6E22E5A7F457.exe [32038] O61 - LFC: 2017/05/06 18:13:55 RA . (..) -- C:\Users\user\AppData\Roaming\Microsoft\Installer\{76C39E3D-0A9D-453C-80E3-D4FA454BE16B}\_E4A40A3216341D7F72DB1C.exe [32038] O61 - LFC: 2017/05/03 11:32:38 A . (.InterSect Alliance Pty Ltd.) -- C:\Users\user\AppData\Local\SNAREA\Snare.dll [826368] O61 - LFC: 2017/05/11 00:15:23 A . (..) -- C:\Users\user\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] O61 - LFC: 2017/05/03 06:30:56 A . (..) -- C:\Users\user\AppData\Local\background_fault\cfsa_blob.bin [365056] O61 - LFC: 2017/05/07 20:17:32 A . (..) -- C:\Users\user\AndroidStudioProjects\MyApplication2\gradlew.bat [2404] O61 - LFC: 2017/05/07 19:55:33 N . (.Java(TM) Native Access (JNA).) -- C:\Users\user\.AndroidStudio2.3\system\tmp\jna3765821241993789922.dll [198144] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.ex http://www.startpageing123.com/ O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\spark.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\UCBrowser\Application\UCBrowser.exe (.not file.) ---\\ Search Browser Infection (7) - 1s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (yoursites123) - http://yoursites123.com/ =>PUP.Optional.YourSites123 O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (46) - 2s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [193536] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [305152] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1227264] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [932352] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [945664] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [125952] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151552] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112128] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [948224] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [222720] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [387072] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [94208] =>.Microsoft Corporation O83 - Search Svchost Services: shpamsvc (shpamsvc) . (.Microsoft Corporation - SharedPC.AccountManager.) -- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll [161792] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\WINDOWS\System32\lfsvc.dll [37376] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [407552] =>.Microsoft Corporation O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\System32\irmon.dll [25088] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [105472] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [658432] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [496128] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [541696] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [309248] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2316288] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1054208] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [617472] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57344] =>.Microsoft Corporation O83 - Search Svchost Services: WpnService (WpnService) . (.Microsoft Corporation - Windows Push Notification System Service.) -- C:\WINDOWS\system32\WpnService.dll [234496] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536] =>.Microsoft Corporation O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [183808] =>.Microsoft Corporation O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [650752] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [197632] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167936] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [197632] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [358400] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [1020928] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1159680] =>.Microsoft Corporation O83 - Search Svchost Services: wisvc (wisvc) . (.Microsoft Corporation - Flight Settings.) -- C:\WINDOWS\system32\flightsettings.dll [635904] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [1016320] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [549376] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2104320] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [265728] =>.Microsoft Corporation ---\\ Firewall Active Exception List (11) - 2s O87 - FAEL: "UDP Query User{3D6EDC27-3C16-4793-A44C-68793171A281}C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe O87 - FAEL: "TCP Query User{AFDE4892-E83D-4CA6-AEE7-6784084FC9DA}C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\cisco packet tracer 6.0.1\bin\packettracer6.exe O87 - FAEL: "{1FC1D3AF-6852-4C8E-BAA5-19743ABA7C06}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe (.not file.) =>.Superfluous.Tencent O87 - FAEL: "{C2243631-B50D-4FC7-85AC-13C73FDC34F0}" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe (.not file.) =>.Superfluous.Tencent O87 - FAEL: "UDP Query User{B151C79D-A79C-46D6-84BD-DE27B56C7282}C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe" [In-None-P17-TRUE] .(...) -- C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe O87 - FAEL: "TCP Query User{79228387-395D-4280-BBFE-185E71B100BC}C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe" [In-None-P6-TRUE] .(...) -- C:\users\user\documents\mes cours\isig international\semestre 5\infographie\info\eclipse-standard-kepler-sr1-win32-x86_64\eclipse\eclipse.exe O87 - FAEL: "{C0E1C359-D28A-4444-B473-B76CBFFC9FFB}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O87 - FAEL: "{CEA24433-EA03-4CF2-81E5-6EDEBC1A8870}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe {59123D60D39E60127D6B456A62C9DEAC} O87 - FAEL: "{4A5FCDAD-77D8-4760-BC5B-8C39F2BB6F40}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) O87 - FAEL: "{0D0041D1-49FC-46E5-B938-2C39A9E4EC6A}" [In-None-P6-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} O87 - FAEL: "{CD70F6FD-0B21-4556-BD39-B2642F74A8E9}" [In-None-P17-TRUE] .(.Copyright (C) 2011 - spark.) -- C:\Program Files (x86)\baidu\Baidu Browser\Spark.exe {5FAEE9E83F32948F3B2040AC6DF0145C} ---\\ Search Tracing Registry Key (2) - 1s HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies ---\\ Additional Scan (O88) (28) - 0s HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico C:\WINDOWS\Tasks\UCBrowserUpdater.job =>PUP.Optional.CertifiedToolbar C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) =>.Superfluous.Tencent C:\WINDOWS\System32\Tasks\UCBrowserUpdater =>PUP.Optional.CertifiedToolbar HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>HackTool.KMSpico HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\doulCi™ Activator tool 2.0.14 =>.Superfluous.DoulCiActivator HKLM\SOFTWARE\Wow6432Node\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\ihpmserver =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\RayDld =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\3B878D788DA34B0EA09AC0543ABB3821 =>PUP.Optional.CrossRider HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\undefined =>.Superfluous.Downloader C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico C:\ProgramData\ByteFence =>.Superfluous.ByteTechnologies C:\Users\user\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave C:\Users\user\AppData\Local\app =>PUP.Optional.CrossRider C:\Users\user\AppData\Local\CrashRpt =>.Superfluous.CrashReports C:\WINDOWS\System32\drivers\TAOKernelEx64.sys =>.Superfluous.Tencent C:\Users\user\Downloads\Programs\BitLord-Installer.exe =>PUP.Optional.WhenUSave C:\Users\user\Downloads\Programs\BitLord_v2.3.2.exe =>PUP.Optional.WhenUSave HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} =>PUP.Optional.YourSites123 HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies ---\\ Summary of the elements found (11) - 0s http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico http://www.nicolascoolman.fr/?p=577 =>PUP.Optional.CertifiedToolbar http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.DoulCiActivator http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Downloader http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.ByteTechnologies http://www.nicolascoolman.fr/?p=880 =>PUP.Optional.WhenUSave http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.CrashReports http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.YourSites123 ~ End of the scan, 64016 items in 05h58mn32s (1419)(0)