~ ZHPDiag v2015.11.23.173 By Nicolas Coolman (2015/11/23) ~ Run by My Computer (Administrator) (2015/11/25 16:32:10) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\My Computer\Desktop\ZHPDiag.txt ~ Report: C:\Users\My Computer\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 7 Professional, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (2) - 1s MFIE: Mozilla Firefox 42.0 (x86 en-US) v42.0 MSIE: Internet Explorer v11.0.9600.18097 ---\\ Windows Product Information (4) - 3s ~ Windows Server License Manager Script : OK System - VBScript Engine not found Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (5) - 2s Avast Free Antivirus v10.4.2233 Trusteer Endpoint Protection v3.5.1507.83 Malwarebytes Anti-Malware version 2.2.0.1024 Secunia PSI Windows Defender W7 (Activate) ---\\ System protection software (Superfluous) (1) - 3s Kaspersky Security Scan v12.0.1.340 ---\\ System optimization software (1) - 3s CCleaner v5.12 ---\\ Surveillance software (2) - 3s Adobe Flash Player 19 NPAPI Adobe Acrobat Reader DC ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 6208.82 MB (65% free) System Restore: Activé (Enable) System drive C: has 343 GB () free of 476 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: MYCOMPUTER-PC ~ User Name: My Computer ~ Logged in as Administrator ---\\ Enumeration of the disk units (1) - 0s ~ Drive C: has 343 GB free of 476 GB (System) ---\\ State of the Windows Security Center (16) - 0s [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 0s [MD5.332FEAB1435662FC6C672E25BEB37BE3] - 24/02/2011 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2871808] © [MD5.DD81D91FF3B0763C392422865C9AC12E] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] © [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] © [MD5.033E70DEEE5FED5E9A3E197A2DB1A618] - 30/10/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2487808] © [MD5.8CEBD9D0A0A879CDE9F36F4383B7CAEA] - 16/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [455168] © [MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] © [MD5.492D07D79E7024CA310867B526D9636D] - 02/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] © [MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 02/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] © [MD5.9A4A1EEE802BF2F878EE8EAB407B21B7] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [497664] © [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] © [MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] © [MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] © [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] © [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] © [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] © [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] © [MD5.73ADDCC406B86E7DA4416691E8E74BDA] - 19/10/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [159232] © [MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] © [MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - 23/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1684928] © [MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] © [MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] © [MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] © [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] © [MD5.AA77EB517D2F07A947294F260E3ACA83] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [118272] © [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] © ---\\ Non Microsoft non disabled Windows Services (16) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe © O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © O23 - Service: DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) . (.Duality Software - DSetime.) - C:\Program Files\DS Clock\dsetime.exe O23 - Service: Portrait Displays Display Tune Service (DTSRVC) . (.Portrait Displays, Inc. - DTSRVC.) - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe © O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe © O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe © O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe © O23 - Service: Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC - MotoHelper Service.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe © O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe © O23 - Service: PST Service (PST Service) . (.Motorola - ForwardDemon.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe © O23 - Service: Rapport Management Service (RapportMgmtService) . (.IBM Corp. - RapportMgmtService.) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe © O23 - Service: Macrium Reflect Image Mounting Service (ReflectService.exe) . (.Paramount Software UK Ltd - Reflect Service - Enables mounting of image.) - C:\Program Files\Macrium\Reflect\ReflectService.exe © O23 - Service: Secunia PSI Agent (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files (x86)\Secunia\PSI\psia.exe © O23 - Service: Secunia Update Agent (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files (x86)\Secunia\PSI\sua.exe © O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © ---\\ Task Planned Automatically (30) - 4s [MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] © [MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] © [MD5.D9E35285D8CCE58241038E5B23507DAB] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1382112] © [MD5.5C35525CEBE7B59FAFA05D5E98D7EDEF] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] © [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Engine] (.Copyright 2012.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Initial Update] (.Copyright 2012.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.B6037110B175707A353B12C814D34968] [APT] [Motorola Device Manager Update] (.Copyright 2012.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [196920] [MD5.00000000000000000000000000000000] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0] [MD5.12E910B6B2FEB81F859EB62ED032DB8E] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [140800] © [MD5.12E910B6B2FEB81F859EB62ED032DB8E] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe [140800] © [MD5.00000000000000000000000000000000] [APT] [SmartDefrag4_Update] (...) -- C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe (.not file.) [0] [MD5.D4F992A7F021E25545555217CCD45CD4] [APT] [Uninstaller_SkipUac_My_Computer] (.IObit.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [4866848] © [MD5.00000000000000000000000000000000] [APT] [{E3966967-54AA-4726-8A83-DB811C133F16}] (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe (.not file.) [0] O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] © O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] © O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] © O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2784] © O39 - APT: Motorola Device Manager Engine - (.Copyright 2012.) -- C:\Windows\System32\Tasks\Motorola Device Manager Engine [3480] O39 - APT: Motorola Device Manager Initial Update - (.Copyright 2012.) -- C:\Windows\System32\Tasks\Motorola Device Manager Initial Update [3306] O39 - APT: Motorola Device Manager Update - (.Copyright 2012.) -- C:\Windows\System32\Tasks\Motorola Device Manager Update [3498] O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 [3404] O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000 [3262] O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 [3384] O39 - APT: RealPlayerRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1731626085-4270488790-50613601-1000 [3240] © O39 - APT: RealPlayerRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 - (.RealNetworks, Inc..) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1731626085-4270488790-50613601-1000 [3362] © O39 - APT: SmartDefrag4_Update - (...) -- C:\Windows\System32\Tasks\SmartDefrag4_Update [3204] O39 - APT: Uninstaller_SkipUac_My_Computer - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_My_Computer [2926] © ---\\ Process running (33) - 1s [MD5.1854B48B8AC9FE631E727CC22C2DE928] - (.IBM Corp. - RapportMgmtService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128] [PID.376] © [MD5.DDEA39A56B801A675E118429AF6A30D2] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [238080] [PID.516] © [MD5.11120878E5276B367E1A10FF8C9B595B] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600] [PID.1264] © [MD5.47C2CCE1B50E7E61D1831F7D39830491] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [514048] [PID.1284] © [MD5.5DB2C6B908C50767E2EDAA294A7566B5] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1964] © [MD5.6E0EE2D4470273F64826D49C441E65EA] - (.Duality Software - DSetime.) -- C:\Program Files\DS Clock\dsetime.exe [62264] [PID.1444] [MD5.D5B9C2FFEAF59AE1AE79A056BE6ED181] - (.Portrait Displays, Inc. - DTSRVC.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [138768] [PID.1508] © [MD5.1878A79551F2EDAE7EBD110AAE6D33AD] - (.Hewlett-Packard Company - SolutionsFrameworkService.) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840] [PID.2036] © [MD5.4D5D968FE6AE6BF94A807F73F7FF6B3D] - (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168] [PID.2704] © [MD5.BD1556121A4E649B9ED4CE56B981C55D] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880] [PID.2748] © [MD5.B0780A730FE7BC76FE84A0211255F690] - (.IBM Corp. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [3021080] [PID.2840] © [MD5.B7FBBEBB6A4566E8A4A4FEA1D9164744] - (.Duality Software - DS Clock.) -- C:\Program Files\DS Clock\dsclock.exe [1349960] [PID.2848] [MD5.9C5B54C07F900CF5F578D4939CA238F6] - (.Secunia - Secunia PSI Tray.) -- C:\PROGRAM FILES (X86)\Secunia\PSI\psi_tray.exe [572000] [PID.2240] © [MD5.34B75780694F0E845892CA09A556A242] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\logishrd\KHAL3\KHALMNPR.exe [230344] [PID.1776] © [MD5.3573A4FD6682D3DB7FAA089159AFFD1C] - (.brother - brstswnd.) -- C:\Program Files (x86)\Brownie\BrStsW64.exe [3695928] [PID.2316] © [MD5.4774408EA07208FBC81E19367702D8EE] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640] [PID.2568] © [MD5.7ED3A9C3763725BD700946971215EE77] - (.Motorola Mobility LLC - MotoHelper Service.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528] [PID.2572] © [MD5.8C88C2AAB0F612948F87823E842F8F41] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit 64bit tasks.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe [360248] [PID.372] © [MD5.DD2CDBEB55480E40E4D84F59D6A214B1] - (.Portrait Displays, Inc. - pdisrvc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [122384] [PID.3204] © [MD5.EA735BF6DF13A857A83C99BF27A422AD] - (.Motorola - ForwardDemon.) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657] [PID.3240] © [MD5.CAA0C16ADCCE6142A43AD83BFA20B38B] - (.Motorola Mobility LLC - MotoHelperAgent.) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe [698680] [PID.3284] © [MD5.F51E6123B1897B3F1641259F5E354887] - (.Paramount Software UK Ltd - Reflect Service - Enables mounting of image.) -- C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656] [PID.3320] © [MD5.F70A51EB03EE7046784EF62EFCE9528E] - (.Secunia - Secunia PSI Agent.) -- C:\Program Files (x86)\Secunia\PSI\psia.exe [1326176] [PID.3360] © [MD5.BCACA78707C8B44F732CCE05918277D3] - (.brother - brcdcmon.) -- C:\Program Files (x86)\Brownie\brpjp04a.exe [99632] [PID.3680] © [MD5.490F9A7948EF661DF32A9F0DC8534284] - (.Brother Industries, Ltd. - Brother Status Monitor (Local).) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe [221184] [PID.3728] © [MD5.357CABBF155AFD1D3926E62539D2A3A7] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480] [PID.3776] © [MD5.D790CAFEFF0291D0AF8C76F5A1EE2E4E] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [223488] [PID.3908] © [MD5.6FCCCAA9144312CD4AA1B38834DD9857] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [6133520] [PID.3312] © [MD5.473CD6A860EF672D6DF5CABD2BDE35FB] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240] [PID.4876] © [MD5.793D7221E5EC69EA615349A13B702B8C] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528] [PID.904] © [MD5.F70987D7C2F1C67BD1FB511C574F1F58] - (.IObit - IObit Uninstaller 5 UninstallMontior.) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [260896] [PID.4984] © [MD5.4B0583A0A6A22D9F453BFFD467E68190] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [392872] [PID.2976] © [MD5.6A47DAC7CE1D527F3004DCB97FC4EBED] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\My Computer\Downloads\ZHPDiag3.exe [1970176] [PID.6020] © ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (11) - 1s M0 - MFSP: prefs.js [My Computer - 8kyk8yzd.default-1436897542862] http://en.canoe.ca/home.html P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\{6C4BAFB6-2AC2-4405-A98D-546B55B3AE92}.xpi P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\{9c491c49-071c-4039-98a5-66d3fe53b1b2}.xpi P2 - EXT FILE: (...) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\McSiteAdvisor.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (.NetVideoHunter - NetVideoHunter.) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\netvideohunter@netvideohunter.com P2 - EXT: (.WOT Services Oy - WOT.) -- C:\Users\My Computer\AppData\Roaming\Mozilla\Firefox\Profiles\8kyk8yzd.default-1436897542862\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} © P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll © ---\\ Internet Explorer Extensions, Start, Search (17) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (6) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;192.168.*.* R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) © ---\\ Hosts file redirection (1) - 1s ~ Le fichier hôte est sain (The hosts file is clean) (15516) ---\\ Browser Helper Object (BHO) (8) - 0s O2 - BHO: ExplorerWnd Helper [64Bits] - {10921475-03CE-4E04-90CE-E2E7EF20C814} (Orphean) O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll © O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll © O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © O2 - BHO: Logitech SetPoint [64Bits] - {AF949550-9094-4807-95EC-D1C317803333} . (.Logitech, Inc. - Logitech SetPoint.) -- C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll © O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL © O2 - BHO: WOT Helper [64Bits] - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} . (...) -- C:\Program Files (x86)\WOT\WOT.dll O2 - BHO: Adblock Plus for IE Browser Helper Object [64Bits] - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Eyeo GmbH - Adblock Plus BHO for Internet Explorer.) -- C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll © ---\\ Internet Explorer Toolbars (2) - 0s O3 - Toolbar: 0x466557714D35C941AAE831F2EC22BF0D - [HKCU]{71576546-354D-41C9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files (x86)\WOT\WOT.dll O3 - Toolbar: WOT - [HKLM]{71576546-354D-41c9-AAE8-31F2EC22BF0D} . (...) -- C:\Program Files (x86)\WOT\WOT.dll ---\\ Auto loading programs from Registry and folders (14) - 0s O4 - HKLM\..\Run: [BrMfcWnd] . (.Brother Industries, Ltd. - Brother Status Monitor Application.) -- c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe © O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe © O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe © O4 - HKCU\..\Run: [DS Clock] . (.Duality Software - DS Clock.) -- C:\Program Files\DS Clock\dsclock.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe © O4 - HKCU\..\RunOnce: [BrStsW64.exe] . (.brother - brstswnd.) -- C:\Program Files (x86)\Brownie\BrStsW64.exe © O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe © O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes Anti-Exploit] . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe © O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe © O4 - HKUS\.DEFAULT\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe © O4 - HKUS\S-1-5-18\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe © O4 - HKUS\S-1-5-21-1731626085-4270488790-50613601-1000\..\Run: [DS Clock] . (.Duality Software - DS Clock.) -- C:\Program Files\DS Clock\dsclock.exe O4 - HKUS\S-1-5-21-1731626085-4270488790-50613601-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe © O4 - HKUS\S-1-5-21-1731626085-4270488790-50613601-1000\..\RunOnce: [BrStsW64.exe] . (.brother - brstswnd.) -- C:\Program Files (x86)\Brownie\BrStsW64.exe © ---\\ Lop.com/Domain Hijackers (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Extra protocols (31) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: intu-qt2009 [64Bits] - {03947252-2355-4e9b-B446-8CCC75C43370} . (.Intuit Canada, a general partnership/une société en n - Asynchronous Pluggable Protocol Library.) -- C:\Program Files (x86)\QuickTax 2009\ic2009pp.dll O18 - Handler: intu-tt2010 [64Bits] - {97A0575E-2309-4e75-8509-B1F9390C4DE7} . (.Intuit Canada, a general partnership/une société en n - Asynchronous Pluggable Protocol Library.) -- C:\Program Files (x86)\TurboTax 2010\ic2010pp.dll O18 - Handler: intu-tt2013 [64Bits] - {9FF5EC07-1645-43BF-828F-C73CFA7BC1AF} . (.Intuit Canada, a general partnership/une société en n - Asynchronous Pluggable Protocol Library.) -- C:\Program Files (x86)\TurboTax 2013\ic2013pp.dll O18 - Handler: intu-tt2014 [64Bits] - {97BB39CB-9ABA-4513-81E7-1D6FDA0854B8} . (.Intuit Canada, a general partnership/une société en n - Asynchronous Pluggable Protocol Library.) -- C:\Program Files (x86)\TurboTax 2014\ic2014pp.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll © O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll © O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll © O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll © O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype4COM.) -- C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll © O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll © O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll © O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll © O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll © O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll © O18 - Handler: wot [64Bits] - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} . (...) -- C:\Program Files (x86)\WOT\WOT.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll © O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL © ---\\ Software installed (104) - 11s O42 - Logiciel: Adblock Plus for IE (32-bit and 64-bit) - (.Eyeo GmbH.) [HKLM][64Bits] -- {0F347A49-E36C-4639-8D2E-003AD408B8B2} © O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} © O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0274D240-4D1D-4FDA-9A36-09F0BECD288F} © O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR © O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX © O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824161310} © O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player © O42 - Logiciel: Any Video Converter 5.6.2 - (.Any-Video-Converter.com.) [HKLM][64Bits] -- Any Video Converter_is1 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {AAC5D43E-816D-4C2D-8E51-55FFF35BE301} © O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} © O42 - Logiciel: Audible Download Manager - (.Audible, Inc..) [HKLM][64Bits] -- AudibleDownloadManager O42 - Logiciel: AudibleManager - (.Audible, Inc..) [HKLM][64Bits] -- AudibleManager O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM][64Bits] -- avast © O42 - Logiciel: Brother HL-2030 - (.Brother.) [HKLM][64Bits] -- {0B9BA70D-519F-43D0-8ACE-60521086AE33} © O42 - Logiciel: Brother MFL-Pro Suite MFC-685CW - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {A3FEC306-FBFF-4B0D-95B9-F9C67C65079E} © O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM][64Bits] -- {15634701-BACE-4449-8B25-1567DA8C9FD3} © O42 - Logiciel: Canon DIGITAL CAMERA Solution Disk Software Guide - (.Canon Inc..) [HKLM][64Bits] -- Software Guide © O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Decoder © O42 - Logiciel: Canon MOV Encoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Encoder © O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- MovieEditTask © O42 - Logiciel: Canon Utilities CameraWindow DC 8 - (.Canon Inc..) [HKLM][64Bits] -- CameraWindowDC8 © O42 - Logiciel: Canon Utilities CameraWindow Launcher - (.Canon Inc..) [HKLM][64Bits] -- CameraWindowLauncher © O42 - Logiciel: Canon Utilities Movie Uploader for YouTube - (.Canon Inc..) [HKLM][64Bits] -- MovieUploaderForYouTube © O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM][64Bits] -- MyCamera © O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM][64Bits] -- PhotoStitch © O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX © O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX Memory Card Utility © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner © O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM][64Bits] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 © O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} © O42 - Logiciel: DS Clock - (.Duality Software.) [HKLM][64Bits] -- DS Clock_is1 O42 - Logiciel: eReg - (.Logitech, Inc..) [HKLM][64Bits] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C} © O42 - Logiciel: FinePixViewer Ver.5.4 - (.FUJIFILM Corporation.) [HKLM][64Bits] -- {24ED4D80-8294-11D5-96CD-0040266301AD} O42 - Logiciel: Free CUDA Video Converter 7 - (.CUDA Studio.) [HKLM][64Bits] -- {7534AD6F-A485-42A4-AE5A-43828817F29A}_is1 © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} © O42 - Logiciel: HP My Display - (.Portrait Displays, Inc..) [HKLM][64Bits] -- {15733AD1-1CEF-459A-9245-0924FC63BDD5} © O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {FC3C2B77-6800-48C6-A15D-9D1031130C16} © O42 - Logiciel: Intel(R) Network Connections Drivers - (.Intel.) [HKLM][64Bits] -- PROSet © O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM][64Bits] -- IObitUninstall © O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM][64Bits] -- IrfanView O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} © O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79} © O42 - Logiciel: Kaspersky Security Scan - (.Kaspersky Lab.) [HKLM][64Bits] -- {56009CA3-423B-41F8-884A-E5B049534F15} © O42 - Logiciel: Legacy 8.0 - (.Millennia Corporation.) [HKLM][64Bits] -- Legacy 8.0 O42 - Logiciel: Logitech SetPoint 6.67 - (.Logitech.) [HKLM][64Bits] -- sp6 © O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM][64Bits] -- {D40EB009-0499-459c-A8AF-C9C110766215} © O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM][64Bits] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB} © O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM][64Bits] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD} © O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM][64Bits] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9} © O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM][64Bits] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6} © O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM][64Bits] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA} © O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM][64Bits] -- {08610298-29AE-445B-B37D-EFBE05802967} © O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM][64Bits] -- {174A3B31-4C43-43DD-866F-73C9DB887B48} © O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM][64Bits] -- {8937D274-C281-42E4-8CDB-A0B2DF979189} © O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM][64Bits] -- {9DAEA76B-E50F-4272-A595-0124E826553D} © O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM][64Bits] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E} © O42 - Logiciel: Macrium Reflect Standard Edition - (.Paramount Software (UK) Ltd..) [HKLM][64Bits] -- {DEFA4A06-52DB-4DE6-A8FA-A8A865EE02B1} O42 - Logiciel: Macrium Reflect Standard Edition - (.Paramount Software (UK) Ltd..) [HKLM][64Bits] -- MacriumReflect O42 - Logiciel: Malwarebytes Anti-Exploit version 1.8.1.1045 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Exploit_is1 © O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Media Go - (.Sony.) [HKLM][64Bits] -- {1CBCA994-0290-49AD-98D3-9013A0F102E6} © O42 - Logiciel: Media Go Network Downloader - (.Sony.) [HKLM][64Bits] -- {C52148B9-19E0-433A-9422-3451B1BEE20F} © O42 - Logiciel: Media Go Video Playback Engine 2.16.105.12020 - (.Sony.) [HKLM][64Bits] -- {3A0F02F8-9A04-26AC-1446-38F32F00481A} © O42 - Logiciel: Memorex exPressit Label Design Studio - (...) [HKLM][64Bits] -- MVApplication1 O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Motorola Device Manager - (.Motorola Mobility.) [HKLM][64Bits] -- {28DB8373-C1BB-444F-A427-A55585A12ED7} © O42 - Logiciel: Motorola Device Software Update - (.Motorola Mobility.) [HKLM][64Bits] -- {894AB83D-A9AF-4E54-BFF3-A7262A0A6C13} © O42 - Logiciel: Motorola Mobile Drivers Installation 6.3.0 - (.Motorola Mobility LLC.) [HKLM][64Bits] -- {759E6A2F-1F01-45EF-A0C4-22F1B56CB975} © O42 - Logiciel: Mozilla Firefox 42.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 en-US) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService © O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} © O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} © O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} © O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} © O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} © O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} © O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM][64Bits] -- {196467F1-C11F-4F76-858B-5812ADC83B94} © O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM][64Bits] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} © O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} © O42 - Logiciel: Personal Ancestral File 5 - (...) [HKLM][64Bits] -- {D94A8E22-DF2B-4107-9E51-608A60A7671D} O42 - Logiciel: Personal Ancestral File Companion 5.7 - (.Intellectual Reserve Inc..) [HKLM][64Bits] -- {91AFACB3-CA46-4C1E-AF2D-F72EE0B112E4} O42 - Logiciel: Pivot Software - (.Portrait Displays, Inc..) [HKLM][64Bits] -- {0217E1D1-BCEF-4A61-AF6D-F7740F65A066} © O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM][64Bits] -- {912CED74-88D3-4C5B-ACB0-132318649765} O42 - Logiciel: QuickTax 2009 - (.Intuit Canada.) [HKLM][64Bits] -- {ECB9C58E-C565-4683-9599-B72290BD3B25} © O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC} © O42 - Logiciel: Rapport - (.Trusteer.) [HKLM][64Bits] -- {1DD81E7D-0D28-4CEB-87B2-C041A4FCB215} © O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} © O42 - Logiciel: Sansa Updater - (.SanDisk Corporation.) [HKCU][64Bits] -- Sansa Updater O42 - Logiciel: ScanSoft PaperPort 11 - (.Nuance Communications, Inc..) [HKLM][64Bits] -- {B6C89654-A6A2-477C-873B-724EC1C56407} © O42 - Logiciel: SDK - (.Portrait Displays, Inc..) [HKLM][64Bits] -- {0DEA342C-15CB-4F52-97B6-06A9C4B9C06F} © O42 - Logiciel: Secunia PSI (3.0.0.2004) - (.Secunia.) [HKLM][64Bits] -- Secunia PSI © O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} © O42 - Logiciel: Skype™ 7.13 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} © O42 - Logiciel: Sony PC Companion 2.10.297 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3} © O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} © O42 - Logiciel: Trusteer Endpoint Protection - (.Trusteer.) [HKLM][64Bits] -- Rapport_msi © O42 - Logiciel: TurboTax 2010 - (.Intuit Canada.) [HKLM][64Bits] -- {24AE6B5B-3D5A-488C-9224-1BEE11F75DD9} © O42 - Logiciel: TurboTax 2013 - (.Intuit Canada.) [HKLM][64Bits] -- {1E0FF98D-4AE4-46CC-B624-E771ABD5EA11} © O42 - Logiciel: TurboTax 2014 - (.Intuit Canada.) [HKLM][64Bits] -- {0B69B187-4F9F-41C2-B850-735D1A323571} © O42 - Logiciel: Windows Automated Installation Kit - (.Microsoft Corporation.) [HKLM][64Bits] -- {31E8F586-4EF7-4500-844D-BA8756474FF1} © O42 - Logiciel: WinZip 19.0 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240E7} © O42 - Logiciel: WOT for Internet Explorer - (.WOT Services Oy.) [HKLM][64Bits] -- {DCAEC601-735C-41AE-B84F-D792F09FB7D1} © ---\\ HKCU & HKLM Software Keys (167) - 11s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\ADSRemoval HKLM\SOFTWARE\Wow6432Node\Aimersoft HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Audible HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\Brother HKLM\SOFTWARE\Wow6432Node\Brother Industries, Ltd. HKLM\SOFTWARE\Wow6432Node\Canneverbe Limited HKLM\SOFTWARE\Wow6432Node\Canon HKLM\SOFTWARE\Wow6432Node\Canon_Inc_IC HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\deepinvent HKLM\SOFTWARE\Wow6432Node\DRWDemo HKLM\SOFTWARE\Wow6432Node\EASEUS HKLM\SOFTWARE\Wow6432Node\Eset HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\IrfanView HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\logishrd HKLM\SOFTWARE\Wow6432Node\Logitech HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\MAGIX HKLM\SOFTWARE\Wow6432Node\Malwarebytes Anti-Exploit HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\MicroVision HKLM\SOFTWARE\Wow6432Node\Millennia Corporation HKLM\SOFTWARE\Wow6432Node\Motorola HKLM\SOFTWARE\Wow6432Node\Motorola Mobility HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\NCH Software HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\NewspaperDirect HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing HKLM\SOFTWARE\Wow6432Node\NoteBurner HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Portrait Displays HKLM\SOFTWARE\Wow6432Node\Portrait Displays, Inc. HKLM\SOFTWARE\Wow6432Node\PortraitDisplays HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Safer Networking Limited HKLM\SOFTWARE\Wow6432Node\ScanSoft HKLM\SOFTWARE\Wow6432Node\Secunia HKLM\SOFTWARE\Wow6432Node\Sensible Vision HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Sony HKLM\SOFTWARE\Wow6432Node\Sony Corporation HKLM\SOFTWARE\Wow6432Node\SpywareBlaster HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\Trusteer HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\Vantage Software Technologies HKLM\SOFTWARE\Wow6432Node\Visioneer HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp. HKLM\SOFTWARE\Wow6432Node\Yahoo HKLM\SOFTWARE\Wow6432Node\Zeon HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\AdblockPlus HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AnvSoft HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Audible HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Brother HKCU\SOFTWARE\BVRP Software HKCU\SOFTWARE\Canneverbe Limited HKCU\SOFTWARE\Canon HKCU\SOFTWARE\Canon_Inc_IC HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Citrix HKCU\SOFTWARE\CUDA HKCU\SOFTWARE\Cygwin HKCU\SOFTWARE\deepinvent HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DriverSupport HKCU\SOFTWARE\Duality Software HKCU\SOFTWARE\EaseUS HKCU\SOFTWARE\EpmNewsInfo HKCU\SOFTWARE\FUJIFILM HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\InterVideo HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\LDS Church HKCU\SOFTWARE\Leadertech HKCU\SOFTWARE\Legacy 8 Ribbon Layout HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Ligos HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\LogiShrd HKCU\SOFTWARE\Logitech HKCU\SOFTWARE\Macrium HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MicroVision HKCU\SOFTWARE\Millennia HKCU\SOFTWARE\Millennia Corporation HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\NCH Software HKCU\SOFTWARE\NCH Swift Sound HKCU\SOFTWARE\Nero HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nico Mak Computing HKCU\SOFTWARE\NoteBurner HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Paramount Software (UK) Ltd. HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Portrait Displays HKCU\SOFTWARE\Portrait Displays, Inc. HKCU\SOFTWARE\PressReader HKCU\SOFTWARE\Real HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Safer Networking Limited HKCU\SOFTWARE\SanDisk HKCU\SOFTWARE\ScanSoft HKCU\SOFTWARE\Secunia HKCU\SOFTWARE\SIV HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Sony HKCU\SOFTWARE\Sony Corporation HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\The Silicon Realms Toolworks HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Trusteer HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\Visioneer HKCU\SOFTWARE\WinZip Computing HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WsAudio_Device HKCU\SOFTWARE\WsAudio_Device(3) HKCU\SOFTWARE\WsAudio_Device(4) HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\Against Intuition HKCU\SOFTWARE\AppDataLow\Software\AppDataLow HKCU\SOFTWARE\AppDataLow\Software\arcadeparlorconfig HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\RealNetworks ---\\ Contents of the Common Files folders (292) - 10s O43 - CFD: 14/06/2015 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 25/11/2015 - [0] D -- C:\Program Files (x86)\Aimersoft O43 - CFD: 23/11/2013 - [] D -- C:\Program Files (x86)\AnvSoft O43 - CFD: 19/06/2015 - [] D -- C:\Program Files (x86)\Apple Software Update O43 - CFD: 14/03/2015 - [] D -- C:\Program Files (x86)\Audible O43 - CFD: 25/02/2014 - [] D -- C:\Program Files (x86)\Brother O43 - CFD: 18/02/2014 - [] D -- C:\Program Files (x86)\Brownie O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\Canon O43 - CFD: 29/08/2015 - [] D -- C:\Program Files (x86)\CDBurnerXP O43 - CFD: 22/09/2014 - [] D -- C:\Program Files (x86)\Citrix O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 19/07/2015 - [0] D -- C:\Program Files (x86)\EaseUS O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\FamilySearch O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\FinePixViewer O43 - CFD: 24/12/2013 - [] D -- C:\Program Files (x86)\Free CUDA Video Converter 6 O43 - CFD: 19/07/2015 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 31/08/2015 - [] D -- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Hp O43 - CFD: 25/11/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 12/11/2015 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 25/11/2015 - [] D -- C:\Program Files (x86)\IObit O43 - CFD: 06/04/2014 - [] D -- C:\Program Files (x86)\IrfanView O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 28/01/2014 - [] D -- C:\Program Files (x86)\Kaspersky Lab O43 - CFD: 03/08/2015 - [] D -- C:\Program Files (x86)\Legacy8 O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Logitech O43 - CFD: 23/11/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Exploit O43 - CFD: 14/10/2015 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 17/08/2014 - [0] D -- C:\Program Files (x86)\McAfee O43 - CFD: 10/06/2013 - [] D -- C:\Program Files (x86)\Memorex exPressit Label Design Studio O43 - CFD: 13/03/2015 - [0] D -- C:\Program Files (x86)\Microsoft O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 07/01/2014 - [] D -- C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 12/08/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 23/09/2013 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 03/11/2013 - [] D -- C:\Program Files (x86)\Motorola O43 - CFD: 09/11/2014 - [] D -- C:\Program Files (x86)\Motorola Mobility O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 07/10/2015 - [] D -- C:\Program Files (x86)\NCH Software O43 - CFD: 10/08/2014 - [] D -- C:\Program Files (x86)\NewspaperDirect O43 - CFD: 31/08/2015 - [] D -- C:\Program Files (x86)\Portrait Displays O43 - CFD: 06/06/2013 - [] D -- C:\Program Files (x86)\QuickTax 2009 O43 - CFD: 29/08/2015 - [] D -- C:\Program Files (x86)\QuickTime O43 - CFD: 11/05/2014 - [] D -- C:\Program Files (x86)\Real O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\ScanSoft O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\Secunia O43 - CFD: 14/10/2015 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 20/04/2015 - [] D -- C:\Program Files (x86)\Sony O43 - CFD: 21/06/2015 - [] D -- C:\Program Files (x86)\Sony Media Go Install O43 - CFD: 08/03/2015 - [] D -- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 29/09/2015 - [] D -- C:\Program Files (x86)\Trusteer O43 - CFD: 06/06/2013 - [] D -- C:\Program Files (x86)\TurboTax 2010 O43 - CFD: 17/04/2014 - [] D -- C:\Program Files (x86)\TurboTax 2013 O43 - CFD: 27/04/2015 - [] D -- C:\Program Files (x86)\TurboTax 2014 O43 - CFD: 13/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 06/04/2014 - [0] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 09/08/2013 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 23/04/2014 - [] D -- C:\Program Files (x86)\Windows Live O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 10/06/2015 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 20/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 10/06/2013 - [] D -- C:\Program Files (x86)\WOT O43 - CFD: 02/03/2014 - [] D -- C:\Program Files (x86)\Xvid O43 - CFD: 05/06/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 28/05/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 23/11/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnvSoft O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager O43 - CFD: 05/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother O43 - CFD: 18/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother HL-2030 O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities O43 - CFD: 07/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 18/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DS Clock O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FamilySearch O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinePixViewer O43 - CFD: 24/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free CUDA Video Converter 6 O43 - CFD: 05/06/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 25/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller O43 - CFD: 24/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 04/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legacy 8.0 O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 23/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 10/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Memorex exPressit Label Design Studio O43 - CFD: 05/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 12/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Windows AIK O43 - CFD: 09/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager O43 - CFD: 10/08/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PressReader O43 - CFD: 06/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTax O43 - CFD: 29/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime O43 - CFD: 10/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft PaperPort 11 O43 - CFD: 23/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 05/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4 O43 - CFD: 25/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 22/11/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster O43 - CFD: 21/01/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 12/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection O43 - CFD: 22/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax O43 - CFD: 21/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 14/06/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 24/01/2014 - [] D -- C:\ProgramData\Apple O43 - CFD: 15/06/2013 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 07/01/2014 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 05/06/2013 - [] D -- C:\ProgramData\Brother O43 - CFD: 19/06/2013 - [] D -- C:\ProgramData\Canneverbe Limited O43 - CFD: 11/03/2014 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 27/05/2014 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 18/12/2013 - [] D -- C:\ProgramData\Duality Software O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 23/03/2014 - [0] D -- C:\ProgramData\firebird O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\Hewlett-Packard O43 - CFD: 02/04/2014 - [] D -- C:\ProgramData\HitmanPro O43 - CFD: 14/06/2015 - [0] D -- C:\ProgramData\Informer Technologies, Inc O43 - CFD: 05/06/2013 - [] D -- C:\ProgramData\InstallShield O43 - CFD: 22/01/2015 - [] D -- C:\ProgramData\Intuit Canada O43 - CFD: 11/12/2014 - [] D -- C:\ProgramData\IObit O43 - CFD: 28/01/2014 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Licenses O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Logishrd O43 - CFD: 03/11/2014 - [] D -- C:\ProgramData\Logitech O43 - CFD: 06/04/2014 - [] D -- C:\ProgramData\Logs O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Macrium O43 - CFD: 02/04/2014 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 25/11/2015 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\McAfee O43 - CFD: 16/04/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 12/11/2015 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 18/12/2013 - [0] D -- C:\ProgramData\Microsoft SkyDrive O43 - CFD: 03/11/2013 - [] D -- C:\ProgramData\Motorola O43 - CFD: 05/06/2013 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 07/10/2015 - [] D -- C:\ProgramData\NCH Software O43 - CFD: 08/03/2015 - [] D -- C:\ProgramData\Nero O43 - CFD: 10/08/2014 - [0] D -- C:\ProgramData\NewspaperDirect O43 - CFD: 09/04/2014 - [0] D -- C:\ProgramData\NoteBurner O43 - CFD: 26/01/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 15/01/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 21/11/2015 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic O43 - CFD: 07/06/2013 - [] D -- C:\ProgramData\Progeny O43 - CFD: 11/05/2014 - [] D -- C:\ProgramData\Real O43 - CFD: 28/08/2013 - [] D -- C:\ProgramData\ScanSoft O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Sony O43 - CFD: 07/04/2014 - [] D -- C:\ProgramData\Sony Corporation O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 20/04/2015 - [] D -- C:\ProgramData\Sun O43 - CFD: 22/11/2015 - [] AD -- C:\ProgramData\TEMP O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 23/07/2015 - [] D -- C:\ProgramData\Trusteer O43 - CFD: 11/03/2014 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 09/02/2015 - [] D -- C:\ProgramData\WinZip O43 - CFD: 07/06/2013 - [0] D -- C:\ProgramData\ZoomBrowser O43 - CFD: 15/03/2015 - [] D -- C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44} O43 - CFD: 06/06/2013 - [0] D -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} O43 - CFD: 11/03/2014 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 14/06/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 15/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 09/04/2014 - [] D -- C:\Program Files (x86)\Common Files\Aimersoft O43 - CFD: 06/06/2013 - [] D -- C:\Program Files (x86)\Common Files\AnswerWorks 4.0 O43 - CFD: 19/06/2015 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\Common Files\Canon O43 - CFD: 19/05/2014 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 07/06/2013 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 06/06/2013 - [] D -- C:\Program Files (x86)\Common Files\Intuit O43 - CFD: 11/12/2014 - [] D -- C:\Program Files (x86)\Common Files\IObit O43 - CFD: 24/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Common Files\logishrd O43 - CFD: 27/12/2013 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 09/01/2014 - [] D -- C:\Program Files (x86)\Common Files\MSSoap O43 - CFD: 31/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Portrait Displays O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Common Files\ScanSoft Shared O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 23/08/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 21/06/2015 - [] D -- C:\Program Files (x86)\Common Files\Sony Shared O43 - CFD: 13/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 10/06/2013 - [] D -- C:\Program Files (x86)\Common Files\SureThing Shared O43 - CFD: 04/06/2013 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 05/06/2013 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 14/06/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Adobe O43 - CFD: 29/10/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\AnvSoft O43 - CFD: 11/11/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Apple Computer O43 - CFD: 07/01/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\AVAST Software O43 - CFD: 13/06/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\BankID O43 - CFD: 04/06/2013 - [] RD -- C:\Users\My Computer\AppData\Roaming\Brother O43 - CFD: 19/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Canneverbe Limited O43 - CFD: 24/12/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\CUDA O43 - CFD: 31/08/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\DisplayTune O43 - CFD: 18/12/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Duality Software O43 - CFD: 04/04/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\dvdcss O43 - CFD: 07/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\FUJIFILM O43 - CFD: 12/03/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Hewlett-Packard O43 - CFD: 12/03/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\hpqLog O43 - CFD: 28/05/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Identities O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\InstallShield O43 - CFD: 22/01/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Intuit Canada O43 - CFD: 13/03/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\IObit O43 - CFD: 06/04/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\IrfanView O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Leadertech O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Logishrd O43 - CFD: 11/12/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\Logitech O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Macromedia O43 - CFD: 02/04/2014 - [0] D -- C:\Users\My Computer\AppData\Roaming\Malwarebytes O43 - CFD: 21/11/2010 - [0] D -- C:\Users\My Computer\AppData\Roaming\Media Center Programs O43 - CFD: 17/03/2015 - [] SD -- C:\Users\My Computer\AppData\Roaming\Microsoft O43 - CFD: 03/11/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Motorola O43 - CFD: 03/11/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Motorola Mobility O43 - CFD: 04/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Mozilla O43 - CFD: 27/12/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Nero O43 - CFD: 22/10/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\NewspaperDirect O43 - CFD: 03/09/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\PC-FAX TX O43 - CFD: 28/01/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\ProductData O43 - CFD: 11/05/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\Real O43 - CFD: 13/07/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\SanDisk O43 - CFD: 04/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\ScanSoft O43 - CFD: 22/11/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Skype O43 - CFD: 05/04/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\Sony O43 - CFD: 27/08/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Sun O43 - CFD: 04/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Thunderbird O43 - CFD: 11/03/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\TuneUp Software O43 - CFD: 20/09/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Windows Live Writer O43 - CFD: 11/12/2013 - [0] D -- C:\Users\My Computer\AppData\Roaming\WinRAR O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\ZHP O43 - CFD: 07/06/2013 - [0] D -- C:\Users\My Computer\AppData\Roaming\ZoomBrowser EX O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Local\Adobe O43 - CFD: 09/04/2014 - [] D -- C:\Users\My Computer\AppData\Local\Aimersoft O43 - CFD: 15/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Apple O43 - CFD: 15/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Apple Computer O43 - CFD: 28/05/2013 - [0] SHD -- C:\Users\My Computer\AppData\Local\Application Data O43 - CFD: 23/10/2013 - [] D -- C:\Users\My Computer\AppData\Local\Apps O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Local\Audible O43 - CFD: 15/07/2015 - [] D -- C:\Users\My Computer\AppData\Local\CEF O43 - CFD: 22/09/2014 - [] D -- C:\Users\My Computer\AppData\Local\Citrix O43 - CFD: 25/11/2015 - [0] D -- C:\Users\My Computer\AppData\Local\CrashDumps O43 - CFD: 22/10/2015 - [0] D -- C:\Users\My Computer\AppData\Local\Deployment O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Local\Diagnostics O43 - CFD: 31/08/2015 - [] D -- C:\Users\My Computer\AppData\Local\DisplayTune O43 - CFD: 05/04/2014 - [] D -- C:\Users\My Computer\AppData\Local\Downloaded Installations O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Local\ElevatedDiagnostics O43 - CFD: 10/06/2015 - [0] SHD -- C:\Users\My Computer\AppData\Local\EmieBrowserModeList O43 - CFD: 10/06/2015 - [0] SHD -- C:\Users\My Computer\AppData\Local\EmieSiteList O43 - CFD: 10/06/2015 - [0] SHD -- C:\Users\My Computer\AppData\Local\EmieUserList O43 - CFD: 03/03/2015 - [] D -- C:\Users\My Computer\AppData\Local\fontconfig O43 - CFD: 19/07/2015 - [] D -- C:\Users\My Computer\AppData\Local\Google O43 - CFD: 02/06/2015 - [] D -- C:\Users\My Computer\AppData\Local\GWX O43 - CFD: 12/03/2015 - [] D -- C:\Users\My Computer\AppData\Local\Hewlett-Packard O43 - CFD: 28/05/2013 - [0] SHD -- C:\Users\My Computer\AppData\Local\History O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Logishrd O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Logitech® Webcam Software O43 - CFD: 10/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Macromedia O43 - CFD: 15/10/2015 - [] D -- C:\Users\My Computer\AppData\Local\Microsoft O43 - CFD: 24/08/2013 - [] D -- C:\Users\My Computer\AppData\Local\Microsoft Games O43 - CFD: 18/07/2014 - [] D -- C:\Users\My Computer\AppData\Local\Microsoft Help O43 - CFD: 10/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\MicroVision Applications O43 - CFD: 07/06/2013 - [0] DC -- C:\Users\My Computer\AppData\Local\MigWiz O43 - CFD: 17/09/2013 - [] D -- C:\Users\My Computer\AppData\Local\Mozilla O43 - CFD: 07/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Progeny O43 - CFD: 10/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Programs O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\Scansoft O43 - CFD: 07/06/2013 - [0] D -- C:\Users\My Computer\AppData\Local\Secunia PSI O43 - CFD: 09/03/2014 - [] D -- C:\Users\My Computer\AppData\Local\Skype O43 - CFD: 07/04/2014 - [] D -- C:\Users\My Computer\AppData\Local\Sony O43 - CFD: 25/11/2015 - [] D -- C:\Users\My Computer\AppData\Local\Temp O43 - CFD: 28/05/2013 - [0] SHD -- C:\Users\My Computer\AppData\Local\Temporary Internet Files O43 - CFD: 26/03/2014 - [] D -- C:\Users\My Computer\AppData\Local\Thunderbird O43 - CFD: 23/07/2015 - [] D -- C:\Users\My Computer\AppData\Local\Trusteer O43 - CFD: 05/06/2013 - [] D -- C:\Users\My Computer\AppData\Local\VirtualStore O43 - CFD: 09/10/2014 - [] D -- C:\Users\My Computer\AppData\Local\Windows Live O43 - CFD: 06/07/2015 - [] D -- C:\Users\My Computer\AppData\Local\Windows Live Writer O43 - CFD: 09/02/2015 - [] D -- C:\Users\My Computer\AppData\Local\WinZip O43 - CFD: 13/07/2009 - [] RD -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/10/2015 - [] RD -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 13/10/2015 - [] D -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView O43 - CFD: 03/08/2014 - [] D -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrium O43 - CFD: 13/07/2009 - [] RD -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 12/06/2013 - [] D -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SanDisk O43 - CFD: 14/10/2015 - [] RD -- C:\Users\My Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll © O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll © O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll © ---\\ ShareTools MSconfig StartupReg (20) - 1s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- c:\program files (x86)\common files\Adobe\ARM\1.0\AdobeARM.exe © O53 - SMSR:HKLM\...\startupreg\Aimersoft Helper Compact.exe [Key] . (...) -- C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe © O53 - SMSR:HKLM\...\startupreg\ControlCenter3 [Key] . (.Brother Industries, Ltd. - ControlCenter Program.) -- c:\program files (x86)\Brother\controlcenter3\BrCtrCen.exe © O53 - SMSR:HKLM\...\startupreg\DT HPC [Key] . (.Portrait Displays, Inc. - DT_Startup.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe © O53 - SMSR:HKLM\...\startupreg\EaseUS EPM tray [Key] . (...) -- c:\program files (x86)\easeus\easeus partition master 9.2.1 home edition\bin\epmnews.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\EvtMgr6 [Key] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- c:\program files\Logitech\setpointp\SetPoint.exe © O53 - SMSR:HKLM\...\startupreg\IndexSearch [Key] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe © O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (...) -- c:\program files (x86)\itunes\ituneshelper.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\LWS [Key] . (.Logitech Inc. - Logitech Webcam Software.) -- c:\program files (x86)\Logitech\LWS\webcam software\LWS.exe © O53 - SMSR:HKLM\...\startupreg\PaperPort PTD [Key] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- c:\program files (x86)\ScanSoft\paperport\pptd40nt.exe © O53 - SMSR:HKLM\...\startupreg\PivotSoftware [Key] . (...) -- C:\Program Files (x86)\Portrait Displays\Pivot Software\wpCtrl.exe O53 - SMSR:HKLM\...\startupreg\PPort11reminder [Key] . (.Nuance Communications, Inc. - SSEreg MFC Application.) -- C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe © O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- c:\program files (x86)\quicktime\QTTask.exe © O53 - SMSR:HKLM\...\startupreg\SansaDispatch [Key] . (.SanDisk Corporation - Sansa Dispatcher.) -- c:\Users\my computer\AppData\Roaming\SanDisk\sansa updater\sansadispatch.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- c:\program files (x86)\Skype\Phone\Skype.exe © O53 - SMSR:HKLM\...\startupreg\Skype.exe [Key] . (.Skype Technologies S.A. - Skype.) -- c:\program files (x86)\Skype\Phone\Skype.exe © O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (...) -- c:\program files (x86)\spybot - search & destroy\teatimer.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- c:\program files (x86)\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe © O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (...) -- c:\program files (x86)\real\realplayer\update\realsched.exe (.not file.) ---\\ System Drivers List (104) - 5s O58 - SDL:2015/08/30 14:33:43 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\36854E29.sys [113880] © O58 - SDL:2009/07/13 18:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] © O58 - SDL:2009/07/13 18:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] © O58 - SDL:2009/07/13 18:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] © O58 - SDL:2009/07/13 18:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] © O58 - SDL:2011/03/10 23:41:12 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] © O58 - SDL:2009/07/13 18:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] © O58 - SDL:2011/03/10 23:41:12 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] © O58 - SDL:2009/07/13 18:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] © O58 - SDL:2009/07/13 18:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] © O58 - SDL:2015/10/02 16:30:09 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [28656] © O58 - SDL:2015/10/02 16:30:09 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [90968] © O58 - SDL:2015/10/02 16:30:08 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [93528] © O58 - SDL:2015/10/02 16:30:09 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [65224] © O58 - SDL:2015/11/06 07:49:18 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswsnx.sys [1059656] © O58 - SDL:2015/11/06 07:49:18 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswsp.sys [449992] © O58 - SDL:2015/10/02 16:30:09 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [153744] © O58 - SDL:2015/10/02 16:30:09 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [274808] © O58 - SDL:2013/11/24 12:06:48 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11922944] © O58 - SDL:2013/11/24 12:06:48 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [359936] © O58 - SDL:2009/06/10 13:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] © O58 - SDL:2009/06/10 13:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] © O58 - SDL:2009/06/10 13:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] © O58 - SDL:2006/11/06 08:56:30 A . (.Brother Industries Ltd. - Brother Parallel class Driver AMD 64bit ed.) -- C:\Windows\System32\drivers\brpar64a.sys [30528] © O58 - SDL:2009/07/13 18:18:06 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerIb.sys [281088] © O58 - SDL:2009/07/13 18:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] © O58 - SDL:2006/12/12 10:29:02 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerIf.sys [97280] © O58 - SDL:2009/06/10 13:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] © O58 - SDL:2009/06/10 13:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] © O58 - SDL:2006/09/03 08:53:38 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [19584] © O58 - SDL:2009/06/10 13:41:10 A . (.Brother Industries Ltd. - Brother MFC Serial USB Driver(WDM).) -- C:\Windows\System32\drivers\BrUsbSIb.sys [15360] © O58 - SDL:2009/06/10 13:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] © O58 - SDL:2009/07/13 18:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] © O58 - SDL:2009/06/10 13:35:20 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\e1e6032e.sys [278016] © O58 - SDL:2014/03/11 08:46:47 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\e1e6232e.sys [301784] © O58 - SDL:2009/07/13 18:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] © O58 - SDL:2009/06/10 13:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] © O58 - SDL:2012/08/21 12:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [33240] © O58 - SDL:2009/06/10 13:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] © O58 - SDL:2010/11/20 20:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] © O58 - SDL:2011/03/10 23:41:26 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] © O58 - SDL:2009/07/13 18:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] © O58 - SDL:2015/06/17 19:25:00 A . (.Logitech, Inc. - Logitech Equad USB Driver..) -- C:\Windows\System32\drivers\LEqdUsb.sys [87696] © O58 - SDL:2015/06/17 19:25:00 A . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\System32\drivers\LHidEqd.sys [23184] © O58 - SDL:2015/06/17 19:25:00 A . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\System32\drivers\LHidFilt.Sys [86672] © O58 - SDL:2015/06/17 19:25:00 A . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\System32\drivers\LMouFilt.Sys [69264] © O58 - SDL:2015/09/08 13:21:34 A . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\System32\drivers\LNonPnP.sys [18960] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] © O58 - SDL:2014/03/18 17:24:44 A . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\System32\drivers\LUsbFilt.sys [40728] © O58 - SDL:2012/09/21 12:04:22 A . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Dr.) -- C:\Windows\System32\drivers\lvrs64.sys [351520] © O58 - SDL:2012/09/21 12:04:22 A . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\System32\drivers\LVUVC64.sys [4763680] © O58 - SDL:2015/10/05 08:50:06 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [25816] © O58 - SDL:2015/10/05 08:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [109272] © O58 - SDL:2015/11/22 09:06:07 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] © O58 - SDL:2009/07/13 18:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] © O58 - SDL:2013/03/19 17:25:28 A . (.Motorola Mobility Inc - Motorola USB Composite Device Driver.) -- C:\Windows\System32\drivers\motccgp.sys [23552] O58 - SDL:2013/03/20 09:51:14 A . (.Motorola Inc - Motorola Unsafe Removal Filter Driver.) -- C:\Windows\System32\drivers\motfilt.sys [6144] © O58 - SDL:2013/03/19 17:25:46 A . (.Motorola Mobility Inc - Motorola USB Networking Driver.) -- C:\Windows\System32\drivers\Motousbnet.sys [27648] O58 - SDL:2012/06/08 16:08:54 A . (.Motorola - .) -- C:\Windows\System32\drivers\motswch.sys [8832] © O58 - SDL:2013/03/20 09:49:34 A . (.Motorola Inc - Motorola USB Device Driver (SVC).) -- C:\Windows\System32\drivers\motusbdevice.sys [12288] © O58 - SDL:2015/10/05 08:50:18 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [63704] © O58 - SDL:2009/07/13 18:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] © O58 - SDL:2011/01/06 10:29:18 A . (.NoteBurn Software - NoteBurn Virtual CD-RW SCSI Controller.) -- C:\Windows\System32\drivers\ntcdrdrv.sys [25680] O58 - SDL:2011/03/10 23:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] © O58 - SDL:2011/03/10 23:41:34 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] © O58 - SDL:2011/12/16 07:20:10 A . (.Secunia - Secunia PSI Driver.) -- C:\Windows\System32\drivers\psi_mf.sys [17976] © O58 - SDL:2015/07/30 11:34:33 A . (.Windows (R) Win 7 DDK provider - Paramount Software Image Mounting Driver.) -- C:\Windows\System32\drivers\psmounterex.sys [169992] © O58 - SDL:2014/07/21 11:36:48 A . (.Paramount Software UK Ltd - Volume Access driver.) -- C:\Windows\System32\drivers\PSVolAcc.sys [12760] © O58 - SDL:2009/07/13 18:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] © O58 - SDL:2009/07/13 18:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] © O58 - SDL:2015/10/18 15:06:58 A . (.IBM Corp. - RapportHades64.) -- C:\Windows\System32\drivers\RapportHades64.sys [139896] © O58 - SDL:2015/10/18 15:06:56 A . (.IBM Corp. - RapportKE.) -- C:\Windows\System32\drivers\RapportKE64.sys [394584] © O58 - SDL:2010/03/15 10:38:38 A . (.MCCI Corporation - Sony Ericsson Device 1039 Driver.) -- C:\Windows\System32\drivers\s1039bus.sys [127600] © O58 - SDL:2010/03/15 10:38:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s1039cm.sys [15472] © O58 - SDL:2010/03/15 10:38:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s1039cmnt.sys [15472] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB Ethernet Emul.) -- C:\Windows\System32\drivers\s1039cr.sys [14960] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB WMC Modem Fil.) -- C:\Windows\System32\drivers\s1039mdfl.sys [19568] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB WMC Modem WDM.) -- C:\Windows\System32\drivers\s1039mdm.sys [161904] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB WMC Device Ma.) -- C:\Windows\System32\drivers\s1039mgmt.sys [141424] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB Ethernet Emul.) -- C:\Windows\System32\drivers\s1039nd5.sys [34416] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB WMC OBEX Inte.) -- C:\Windows\System32\drivers\s1039obex.sys [137328] © O58 - SDL:2010/03/15 10:38:46 A . (.MCCI Corporation - Sony Ericsson Device 1039 USB Ethernet Emul.) -- C:\Windows\System32\drivers\s1039unic.sys [158320] © O58 - SDL:2010/03/15 10:38:44 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s1039wh.sys [15984] © O58 - SDL:2010/03/15 10:38:44 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\s1039whnt.sys [15984] © O58 - SDL:2009/06/10 13:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] © O58 - SDL:2009/07/13 17:00:40 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] © O58 - SDL:2008/09/22 23:24:00 A . (.Todos Data System AB - Handelsbanken card reader.) -- C:\Windows\System32\drivers\shbecr.sys [50176] O58 - SDL:2009/07/13 18:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] © O58 - SDL:2009/07/13 18:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] © O58 - SDL:2014/06/04 14:17:30 A . (.IObit - SmartDefrag Driver.) -- C:\Windows\System32\drivers\SmartDefragDriver.sys [21184] © O58 - SDL:2009/07/13 18:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] © O58 - SDL:2012/12/13 12:50:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl64.sys [54784] © O58 - SDL:2009/07/13 18:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] © O58 - SDL:2013/01/25 16:44:28 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\drivers\VirtualAudio1.sys [31080] © O58 - SDL:2013/01/25 16:44:28 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\drivers\VirtualAudio2.sys [31080] © O58 - SDL:2013/01/25 16:44:28 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\drivers\VirtualAudio3.sys [31080] © O58 - SDL:2013/01/25 16:44:28 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\drivers\VirtualAudio4.sys [31080] © O58 - SDL:2013/01/25 16:44:28 A . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\drivers\VirtualAudio5.sys [31080] © O58 - SDL:2009/07/13 18:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] © O58 - SDL:2015/04/29 23:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\drivers\wdcsam64.sys [23200] © ---\\ Last modified or created user files (1) - 8s O61 - LFC: 2015/11/19 15:04:31 A . (..) -- C:\Users\My Computer\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [71963] ---\\ File Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © ---\\ Start Menu Internet (8) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe © ---\\ Search Browser Infection (3) - 10s O69 - SBI: SearchScopes [HKCU] A5BB1BB80AF74BE4947A0103F8951D58 - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {520CAB51-2253-D723-50E9-2E61F8B8EBD9} - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (33) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [236032] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [859648] © O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [680960] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] © O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [683520] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [2608128] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [30720] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [156672] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [67584] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136704] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1110016] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [90624] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [210432] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [44544] © O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] © O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] © ---\\ Services not Microsoft (SR=Run, SS=Stop) (21) - 31s SR - Auto [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe © SS - Demand [25/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [24/11/2013] [ 238080] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe © SR - Auto [02/10/2015] [ 146600] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe © SR - Auto [19/11/2009] [ 62264] DS Clock Synchronization Service www.dualitysoft.com (DSClockSyncTime) . (.Duality Software.) - C:\Program Files\DS Clock\dsetime.exe SR - Auto [27/06/2014] [ 138768] Portrait Displays Display Tune Service (DTSRVC) . (.Portrait Displays, Inc..) - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe © SR - Auto [28/03/2015] [ 89840] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe © SS - Demand [02/07/2015] [ 356808] Logitech Bluetooth Service (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe © SS - Auto [09/10/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe © SR - Auto [18/11/2015] [ 739640] Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe © SR - Auto [15/11/2013] [ 137528] Motorola Device Manager Service (Motorola Device Manager) . (.Motorola Mobility LLC.) - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe © SS - Demand [07/11/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe © SR - Auto [22/01/2014] [ 122384] Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc..) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe © SR - Auto [02/09/2011] [ 65657] PST Service (PST Service) . (.Motorola.) - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe © SR - Auto [26/10/2015] [ 2255128] Rapport Management Service (RapportMgmtService) . (.IBM Corp..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe © SR - Auto [21/07/2014] [ 3272656] Macrium Reflect Image Mounting Service (ReflectService.exe) . (.Paramount Software UK Ltd.) - C:\Program Files\Macrium\Reflect\ReflectService.exe © SR - Auto [27/06/2012] [ 1326176] Secunia PSI Agent (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\psia.exe © SS - Auto [27/06/2012] [ 681056] Secunia Update Agent (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe © SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe © SS - Demand [10/06/2015] [ 155520] Sony PC Companion (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe © ---\\ Additional Scan (O88) (1) - 0s C:\ProgramData\ProductData =>PUP.Optional.Generic ---\\ Summary of the elements found (1) - 0s http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic ~ End of the scan, 41961 items in 109 seconds (1048)(0) barsim