Browsers Crash, Executable files stall or crash

**Malnutrition** · 11-17-2016, 04:37 AM

Remove these programs with Geek Uninstaller, if something is missing from the list, then use D-Uninstaller to see and remove hidden items.

Apple Application Support (HKLM...{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Mobile Device Support (HKLM...{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM...{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM...{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}is1) (Version: 4.4.0.0 - Auslogics Labs Pty Ltd)
Bonjour (HKLM...{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}) (Version: 2.0.3.0 - Apple Inc.)
CD/DVD Drive Acoustic Silencer (HKLM...{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.01 - TOSHIBA)
ESET Online Scanner v3 (HKLM...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM...{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GearDrvs (Version: 1 - Symantec Corporation) Hidden
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
Google Talk Plugin (HKLM...{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM...{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Java 7 Update 67 (HKLM...{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
TOSHIBA Assist (HKLM...{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.05 - TOSHIBA)
TOSHIBA ConfigFree (HKLM...{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.1.27 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM...{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.20.10 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM...\InstallShield{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 1.0.3.32 - TOSHIBA)
TOSHIBA Hardware Setup (HKLM...{2883F6F5-0509-43F3-868C-D50330DD9DD3}) (Version: 2.00.06 - )
Toshiba Registration (HKLM...{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM...{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Upgrades (HKLM...{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.3 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM...{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM...{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM...{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM...{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.03 - )
TOSHIBA Value Added Package (HKLM...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.14 - TOSHIBA Corporation)

Fix with HijackThis!

Close all other programs!
Right Click Hijack this, run as administrator.
Click do a system scan only.
Place a tick next to the items below.

O4 - HKLM..\Run: [StartCCC] “C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe”
O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM..\Run: [Camera Assistant Software] “C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe” /start
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM..\Run: [UsbMonitor] “C:\Program Files\TrueSuite Access Manager\usbnotify.exe”
O4 - HKLM..\Run: [InstaLAN] “C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe” startup
O4 - HKLM..\Run: [ZAM] “C:\Program Files\Zemana AntiMalware\ZAM.exe” /minimized
O4 - HKCU..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU..\Run: [cdloader] “C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader 2.exe” MAGICJACK
O4 - HKCU..\Run: [CCleaner Monitoring] “C:\Program Files\CCleaner\CCleaner.exe” /MONITOR
O4 - HKCU..\Run: [Adobe Reader Synchronizer] “C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe”

Click fix checked.
Accept the prompt.
Reboot the machine after.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
[ul]
[li]Double-click SystemLook.exe to run it.[/li][li]Copy the content of the following codebox into the main textfield:[/li]

Code:

:filefind
tljkva
wayuia

:Regfind
tljkva
wayuia

[li]Click the Look button to start the scan.[/li]Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
(Takes about 4 minutes on my XP net book)
[li]When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.[/li][/ul]
Note: The log can also be found on your Desktop entitled SystemLook.txt

**jmarket** · 11-17-2016, 07:43 AM

@Paul Simoes You should be able to see images now. Apologies if you weren’t able to before.

**paulwb** · 11-17-2016, 02:05 PM

Much appreciated, thank you.

**paulwb** · 11-17-2016, 06:36 PM

Regarding post 16416 quoted below, all except the following were done …

Disable IPV6 - ran the diagcab file, using the method below

Press Winkey + R. Delete what’s already in the dialog.
Click Browse to insert the diagcab file into the dialog.
Insert before the filename msdt /cab ( msdt space/cab )
msdt /cab “C:\the filename you dragged in .diagcab”

but got the following Error message …
[ATTACH]771[/ATTACH]

My internet connection is fine. What do you recommend?
I found the following …
Simple Way to Disable IPV6 in Windows Vista

404 Not Found

http://www.home-network-help.com/disable-ipv6.html

Can I remove the Tunnel adaptors even though IPV6 has not been disabled?

Changing DNS
You recommend DNS Jumper but the software hasn’t been updated since June 2015. I’ve used OpenDns in the past and they’re software is updated regularly. Your thoughts?

Also Reset Browser. Software not updated since Sept. 2015. OK to proceed?

Thanks for the excellent suggestions !!!

«:::F:::» «::️::» «::️::» «:::U:::» «:::L:::» «::⭕::» «:::U:::»«:::S:::» !

Originally posted by Malnutrition

Might not be a bad idea to reset your browsers, considering the age of this machine…

Also, a quick little bit of info to get your internet settings in the optimum area. (y)

Disable IPV6

Configure IPv6 for advanced users - Windows Server | Microsoft Learn

Change some settings.

Use this tool to remove the Tunnel adapters.

Disable Computer Browser Service

Press the Windows + R key at the same time, a Run Window will appear
Type or copy and paste Services.msc hit enter.
Scroll to the Computer Browser Service
Right-Click Computer Browser Service and choose Stop the service.
Right Click Computer Browser Service again select Properties.
Change the Startup type to disabled.

https://windowsinstructed.com/wp-content/uploads/2015/03/8cPC1j3.png

7. Hit Apply then Ok.

Uninstall Netbt Driver.

Press the Windows + R key at the same time, a Run Window will appear.
Now enter or copy and paste devmgmt.msc in the Run Window and click on OK
Click on View and select Show Hidden Devices

[MEDIA=imgur]Crp3oNM[/MEDIA]

Then click on and unfold Non-Plug and Play Driver

https://windowsinstructed.com/wp-con...03/27sS1dS.png

Then find NET BT, Right-click the device and choose to Uninstall the Driver.
Reboot your device when asked.

Hit enter after each command.

Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator
Once Command Prompt has started enter the following command. nbtstat -R
Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -RR

4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown – R

Disable netbios over tcpip.

Windows key & r at the same time.
Type or copy and paste ncpa.cpl hit enter.
Right click your connection hit properties.
Select internet protocol version 4 then properties.
Select Advanced, then Wins tab.
Put a tick next to Disable Net Bios over TCPIP.

Use DNS Jumper to set your dns to google dns.

Dns Jumper v2.3 - A Free DNS Changer

**Malnutrition** · 11-17-2016, 11:00 PM

Originally posted by Paul Simoes

Can I remove the Tunnel adaptors even though IPV6 has not been disabled?

Yes.

Originally posted by Paul Simoes

Also Reset Browser. Software not updated since Sept. 2015. OK to proceed?

There is no need to have this software updated considering what it does, and it does a fine job of doing.

Originally posted by Paul Simoes

You recommend DNS Jumper but the software hasn’t been updated since June 2015. I’ve used OpenDns in the past and they’re software is updated regularly. Your thoughts?

Yes, there is no need to have the tool updated, since it does what it does just fine. You could use this tool to change your dns in 2070 even if it is not updated from this point on.

**paulwb** · 11-17-2016, 11:44 PM

Great.
I couldn’t disable IPV6. Which process should I use ?

I found this on the net… What do you recommend?

Simple Way to Disable IPV6 in Windows Vista

404 Not Found

http://www.home-network-help.com/disable-ipv6.html

**Malnutrition** · 11-17-2016, 11:46 PM

Just use the link you just posted, and simply untick IPV6, a reboot is required to complete the task. I would not go digging in the registry.

**paulwb** · 11-18-2016, 02:26 AM

OK, here is the SystemLook file …

SystemLook 30.07.11 by jpshortstuff
Log created at 21:01 on 17/11/2016 by psimoes
Administrator - Elevation successful

========== filefind ==========

Searching for “tljkva”
No files found.

Searching for “wayuia”
No files found.

========== Regfind ==========

Searching for “tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_TLJKVA\0000]
“Service”=“tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_TLJKVA\0000]
“DeviceDesc”=“tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_TLJKVA\0000]
“Service”=“tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_TLJKVA\0000]
“DeviceDesc”=“tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_TLJKVA\0000]
“Service”=“tljkva”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_TLJKVA\0000]
“DeviceDesc”=“tljkva”

Searching for “wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_WAYUIA\0000]
“Service”=“wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\ LEGACY_WAYUIA\0000]
“DeviceDesc”=“wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_WAYUIA\0000]
“Service”=“wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\ LEGACY_WAYUIA\0000]
“DeviceDesc”=“wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_WAYUIA\0000]
“Service”=“wayuia”
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\R oot\LEGACY_WAYUIA\0000]
“DeviceDesc”=“wayuia”

-= EOF =-

**Malnutrition** · 11-18-2016, 02:40 AM

Alright, we will remove those registry keys, but lets make sure nothing else needs to go with it before I make a fix with FRST for you.

ZHP Diag.

Download ZHP Diag to your desktop.

Right Click Run as Admin.
2. Click the Scanner button.

[ATTACH]779[/ATTACH]

When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

**paulwb** · 11-18-2016, 03:30 AM

Thanks for your quick responses.
Here’s the ZHPDiag scan report …

~ ZHPDiag v2016.11.16.220 By Nicolas Coolman (2016/11/16)
~ Run by psimoes (Administrator) (2016/11/17 22:13:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: ZHP
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\psimoes\Desktop\ZHPDiag.txt
~ Report: C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows VISTA, 32-bit Service Pack 2 (Build 6002)

—\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v49.0.2623.112
~ MFIE: Mozilla Firefox 50.0 (x86 en-US)
~ OPIE: Opera 36.0.2130.80
~ MSIE: Internet Explorer v8.0.6001.19600

—\ Windows Product Information (4) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

—\ System protection software (3) - 12s
Malwarebytes Anti-Malware version 2.2.1.1043 =>.Software.Protection
Panda Devices Agent v1.08.00 =>.Software.Protection
Panda Free Antivirus v8.31.00 =>.Software.Protection

—\ System protection software (Superfluous) (1) - 13s
Zemana AntiMalware v2.60.1 =>.Software.Superfluous

—\ System optimization software (1) - 13s
CCleaner v5.24 =>.Software.Optimization

—\ Surveillance software (2) - 13s
Adobe Flash Player 23 PPAPI =>.Software.Surveillance
Adobe Reader X =>.Software.Surveillance

—\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3142.876 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 6 GB () free of 189 GB =>Alerte espace disque inférieur à 20 Go

—\ Connection to the system mode (3) - 0s
~ Computer Name: PS-TOSHIBA
~ User Name: psimoes
~ Logged in as Administrator

—\ Enumeration of the disk units (2) - 0s
~ Drive C: has 6 GB free of 189 GB (System)
~ Drive D: has 95 GB free of 190 GB

—\ State of the Windows Security Center (16) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] EnableShellExecuteHooks: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Win dowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

—\ Search Generic System Files (23) - 5s
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - 11/04/2009 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [2926592] =>.Microsoft Corporation
[MD5.4B555106290BD117334E9A08761C035A] - 02/11/2006 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - 20/01/2008 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\Windows\System32\Wininit.exe [96768] =>.Microsoft Corporation
[MD5.0F4E2EB111B898DEF0211D6CFD4A3B0C] - 07/03/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\Windows\System32\wininet.dll [916992] =>.Microsoft Corporation
[MD5.898E7C06A350D4A1A64A9EA264D55452] - 11/04/2009 - (.Microsoft Corporation - Windows Logon Application.) – C:\Windows\System32\Winlogon.exe [314368] =>.Microsoft Corporation
[MD5.85E861D0B88DB2B54ACB0839654C09F7] - 02/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [168448] =>.Microsoft Corporation
[MD5.4A0978779958D8FE8F5849F452BCC812] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [273408] =>.Microsoft Corporation
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - 11/04/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [19944] =>.Microsoft Windows®
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - 20/01/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [70144] =>.Microsoft Corporation
[MD5.6B4BFFB9BECD728097024276430DB314] - 10/04/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [67072] =>.Microsoft Corporation
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - 14/04/2011 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [75264] =>.Microsoft Corporation
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - 10/04/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [561152] =>.Microsoft Corporation
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - 20/01/2008 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [54784] =>.Microsoft Corporation
[MD5.8793643A67B42CEC66490B2A0CF92D68] - 20/01/2008 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [100864] =>.Microsoft Corporation
[MD5.1B864548B2ACEC1C0BB29B615CC42978] - 05/09/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [107008] =>.Microsoft Corporation
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - 10/04/2009 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [185856] =>.Microsoft Corporation
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - 03/03/2013 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [1082232] =>.Microsoft Windows®
[MD5.0FA9B5055484649D63C303FE404E5F4D] - 02/11/2006 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - 20/01/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [76288] =>.Microsoft Corporation
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - 20/01/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) – C:\Windows\System32\drivers\rdpdr.sys [248832] =>.Microsoft Corporation
[MD5.7B75299A4D201D6A6533603D6914AB04] - 10/04/2009 - (.Microsoft Corporation - SMB Transport driver.) – C:\Windows\System32\drivers\smb.sys [66560] =>.Microsoft Corporation
[MD5.EC565DFA3D9C45D8083B72DEC5B33710] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [72192] =>.Microsoft Corporation
[MD5.786DB5771F05EF300390399F626BF30A] - 21/08/2012 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [224640] =>.Microsoft Windows®

—\ Non Microsoft non disabled Windows Services (28) - 4s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: AffinegyService (AffinegyService) . (.Affinegy, Inc. - BelkinService.) - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe {6A8B8367285B702071BD17F1C2DF68CD}
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\System32\agrsmsvc.exe =>.Agere Systems
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: (AppMgmt) . (…) - C:\Windows\System32\appmgmts.dll (.not file.)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe =>.ATI Technologies Inc.
O23 - Service: Authentec memory manager service (Authentec memory manager) . (.AuthenTec Inc. - Fingerprint system initialization service.) - C:\Windows\System32\TAMSvr.exe =>.AuthenTec Inc.
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe =>.AOMEI Tech Co., Ltd.
O23 - Service: Belkin Local Backup Service (Belkin Local Backup Service) . (…) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
O23 - Service: Belkin Network USB Helper (Belkin Network USB Helper) . (…) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe =>.Intel Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Panda Protection Service (NanoServiceMain) . (.Panda Security, S.L. - Application Host Service.) - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe =>.Panda Security S.L®
O23 - Service: Online Armor Helper Service (OAcat) . (.Emsisoft GmbH - Online Armor Component.) - C:\Program Files\Online Armor\OAcat.exe =>.Emsisoft GmbH®
O23 - Service: Panda Devices Agent (PandaAgent) . (.Panda Security, S.L. - Agent Service.) - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe =>.Panda Security S.L®
O23 - Service: Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012 - PassThruSvr Application.) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: pinger (pinger) . (…) - C:\Toshiba\IVP\ISM\pinger.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
O23 - Service: Panda Product Service (PSUAService) . (.Panda Security, S.L. - PSUAService.) - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe =>.Panda Security S.L®
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe =>.Intel Corporation
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: Online Armor (SvcOnlineArmor) . (.Emsisoft GmbH - Online Armor Component.) - C:\Program Files\Online Armor\OAsrv.exe =>.Emsisoft GmbH®
O23 - Service: Swupdtmr (Swupdtmr) . (…) - c:\Toshiba\IVP\swupdate\swupdtmr.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (…) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (.not file.)
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (…) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (.not file.)
O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (…) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (.not file.)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe =>.Ulead Systems, Inc.
O23 - Service: ZAM Controller Service (ZAMSvc) . (.Zemana Ltd. - ZAM.) - C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®

—\ Services not Microsoft (SR=Run, SS=Stop) (32) - 131s
SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [08/11/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpda teService.exe =>.Adobe Systems Incorporated®
SR - Auto [23/02/2012] [ 563104] AffinegyService (AffinegyService) . (.Affinegy, Inc..) - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe {6A8B8367285B702071BD17F1C2DF68CD}
SR - Auto [05/10/2006] [ 9216] Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems.) - C:\Windows\System32\agrsmsvc.exe =>.Agere Systems
SS - Auto [22/09/2016] [ 67384] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [30/01/2008] [ 643072] (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe =>.ATI Technologies Inc.
SR - Auto [15/10/2007] [ 49152] Authentec memory manager service (Authentec memory manager) . (.AuthenTec Inc..) - C:\Windows\System32\TAMSvr.exe =>.AuthenTec Inc.
SR - Auto [21/08/2014] [ 29912] AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd..) - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe =>.AOMEI Tech Co., Ltd.
SR - Auto [19/04/2011] [ 152576] Belkin Local Backup Service (Belkin Local Backup Service) . (…) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
SR - Auto [09/02/2010] [ 49152] Belkin Network USB Helper (Belkin Network USB Helper) . (…) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
SR - Auto [12/08/2015] [ 390416] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [08/10/2007] [ 794624] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe =>.Intel Corporation
SS - Demand [02/07/2011] [ 34728] Gizmo Central (Gizmo Central) . (.Arainia Solutions.) - C:\Program Files\Gizmo\gservice.exe =>.Arainia Solutions, LLC®
SS - Demand [12/02/2008] [ 1862144] GoogleDesktopManager (GoogleDesktopManager) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe =>.Google
SS - Auto [28/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [28/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [21/08/2012] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
SS - Demand [14/11/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe =>.Macrovision Corporation
SS - Demand [05/11/2016] [ 172488] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [04/08/2016] [ 153096] Panda Protection Service (NanoServiceMain) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe =>.Panda Security S.L®
SR - Auto [15/10/2013] [ 584864] Online Armor Helper Service (OAcat) . (.Emsisoft GmbH.) - C:\Program Files\Online Armor\OAcat.exe =>.Emsisoft GmbH®
SR - Auto [19/07/2016] [ 86104] Panda Devices Agent (PandaAgent) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe =>.Panda Security S.L®
SR - Auto [17/10/2013] [ 166912] Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012.) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
SR - Auto [25/01/2007] [ 136816] pinger (pinger) . (…) - C:\Toshiba\IVP\ISM\pinger.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
SR - Auto [04/08/2016] [ 48584] Panda Product Service (PSUAService) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe =>.Panda Security S.L®
SR - Auto [08/10/2007] [ 483328] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe =>.Intel Corporation
SS - Demand [08/06/2011] [ 633856] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe =>.Nokia
SS - Auto [20/09/2016] [ 324224] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Auto [20/09/2016] [ 324224] Online Armor (SvcOnlineArmor) . (.Emsisoft GmbH.) - C:\Program Files\Online Armor\OAsrv.exe =>.Emsisoft GmbH®
SR - Auto [20/09/2016] [ 324224] Swupdtmr (Swupdtmr) . (…) - c:\Toshiba\IVP\swupdate\swupdtmr.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
SR - Auto [20/09/2016] [ 324224] Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe =>.Ulead Systems, Inc.
SR - Auto [20/09/2016] [ 324224] ZAM Controller Service (ZAMSvc) . (.Zemana Ltd..) - C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®

—\ Task Planned Automatically (18) - 5s
O39 - APT: Unknown - (…) – C:\Windows\Tasks\Adobe Flash Player Updater.job [324224]
O39 - APT: Unknown - (…) – C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [324224]
O39 - APT: Unknown - (…) – C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [324224]
O39 - APT: Unknown - (…) – C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job [324224]
O39 - APT: Unknown - (…) – C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\Adobe Acrobat Update Task [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\Adobe Flash Player Updater [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\CCleanerSkipUAC [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\CrystalDiskInfo [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1382066025 [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\PCMAgent.exe_1826580705 [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458652480 [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks{C074CB77-8752-4695-819D-DF00F7AAE9A6} [324224]
O39 - APT: Unknown - (…) – C:\Windows\System32\Tasks{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} [324224]

—\ Auto loading programs from Registry and folders (6) - 0s
O4 - HKLM..\Run: [FingerPrintNotifer] . (.AuthenTec, Inc - Fingerprint Suite Notifier Application.) – C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
O4 - HKLM..\Run: [PwdBank] . (.Arachnoid Biometrics Identification Group - .) – C:\Program Files\TrueSuite Access Manager\PwdBank.exe
O4 - HKLM..\Run: [@OnlineArmor GUI] . (.Emsisoft GmbH - Online Armor Component.) – C:\Program Files\Online Armor\OAui.exe =>.Emsisoft GmbH®
O4 - HKLM..\Run: [PSUAMain] . (.Panda Security, S.L. - AV Console.) – C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe =>.Panda Security S.L®
O4 - HKCU..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) – C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2 .exe =>.magicJack, L.P.®
O4 - HKUS\S-1-5-21-3399307451-3074549587-1771456082-1000..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) – C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2 .exe =>.magicJack, L.P.®

—\ Process running (29) - 3s
[MD5.530FE40A1420E7E3992DDB58AF12B8B9] - (.AuthenTec Inc. - Fingerprint system initialization service.) – C:\Windows\System32\TAMSvr.exe [49152] [PID.1040] =>.AuthenTec Inc.
[MD5.26757A5A06C37EF44BE544EB7E98D9D3] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) – C:\Windows\System32\Ati2evxx.exe [643072] [PID.1104] =>.ATI Technologies Inc.
[MD5.26757A5A06C37EF44BE544EB7E98D9D3] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) – C:\Windows\System32\Ati2evxx.exe [643072] [PID.1584] =>.ATI Technologies Inc.
[MD5.C1342DDE1D9D33B670DC91F146AFEBAA] - (.Emsisoft GmbH - Online Armor Component.) – C:\Program Files\Online Armor\OAcat.exe [584864] [PID.1668] =>.Emsisoft GmbH®
[MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) – C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2388] =>.Adobe Systems, Incorporated®
[MD5.91637684AFBC847A563654C9B39A642C] - (.Affinegy, Inc. - BelkinService.) – C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [563104] [PID.2436] {6A8B8367285B702071BD17F1C2DF68CD}
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) – C:\Windows\System32\agrsmsvc.exe [9216] [PID.2492] =>.Agere Systems
[MD5.FB6F64FA0C5A2EF8179AEC0C13FA1E3F] - (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) – C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912] [PID.2684] =>.AOMEI Tech Co., Ltd.
[MD5.B899B0945A36FC8DEC8E1B0006B43DB4] - (…) – C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576] [PID.2732]
[MD5.E23AF2900A4E3CA7FF22F1C80A013305] - (…) – C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152] [PID.2768]
[MD5.5EA9C80F18CBC393EA7D9A2991DED4B5] - (.Apple Inc. - Bonjour Service.) – C:\Program Files\Bonjour\mDNSResponder.exe [390416] [PID.2812] =>.Apple Inc.®
[MD5.F10E7AA8BDF4488E3DFA989B8E7F7C9F] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) – C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [794624] [PID.3136] =>.Intel Corporation
[MD5.984A6039BC06C2857599AF2CF8A40AD8] - (.Panda Security, S.L. - Application Host Service.) – C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [153096] [PID.3396] =>.Panda Security S.L®
[MD5.823079C4FF6CE5AB1C61A332FFA8918E] - (.Panda Security, S.L. - Agent Service.) – C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [86104] [PID.3508] =>.Panda Security S.L®
[MD5.446462BBA744DA60379574926FD51EAB] - (.Copyright (C) 2012 - PassThruSvr Application.) – C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912] [PID.3592]
[MD5.6DBF2AC2BDAFF355995AB25ECCC4CFE1] - (…) – C:\Toshiba\IVP\ISM\pinger.exe [136816] [PID.3656] =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
[MD5.D6BB4A20AED4C85645494C1B0C2D1472] - (.Panda Security, S.L. - PSUAService.) – C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [48584] [PID.3740] =>.Panda Security S.L®
[MD5.7274BD434B6165BAA382BDD87F6CA4CE] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) – C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [483328] [PID.3804] =>.Intel Corporation
[MD5.E1292C1ED4DEB17B8A9B586D22CB2061] - (…) – c:\Toshiba\IVP\swupdate\swupdtmr.exe [66928] [PID.4004] =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) – C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.1504] =>.Ulead Systems, Inc.
[MD5.FB01D4AE207B9EFDBABFC55DC95C7E31] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536] [PID.2696] =>.Microsoft Corporation®
[MD5.C649F293B8B047A2694F3C615D09BF17] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193920] [PID.2900] =>.Microsoft Corporation®
[MD5.ADE093D9F6D3FE36B0A0F66F0EC84598] - (.Zemana Ltd. - ZAM.) – C:\Program Files\Zemana AntiMalware\ZAM.exe [13900016] [PID.3652] =>.Zemana Ltd.®
[MD5.661AA917612243229CE7AEF66FDBF81E] - (.AuthenTec, Inc - Fingerprint Suite Notifier Application.) – C:\Program Files\TrueSuite Access Manager\FpNotifier.exe [671744] [PID.2228]
[MD5.7961110EA15F869E1DAA820D335A9C35] - (.Arachnoid Biometrics Identification Group - .) – C:\Program Files\TrueSuite Access Manager\PwdBank.exe [3150848] [PID.5076]
[MD5.8C9E624E902A40A8FCDEB35D676455BC] - (.Panda Security, S.L. - AV Console.) – C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [109824] [PID.5588] =>.Panda Security S.L®
[MD5.BA6FEF846B9633C21149D3D8CE67BAA4] - (.Arachnoid Biometrics Identification Group Corp. - .) – C:\Program Files\TrueSuite Access Manager\CssSvr.exe [163840] [PID.5108] =>.Arachnoid Biometrics Identification Group Corp.
[MD5.CB64D7154D984DE902C85E4E02B80215] - (.Crystal Dew World - CrystalDiskInfo.) – C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_ 2\DiskInfo.exe [2385016] [PID.6032] =>.Noriyuki MIYAZAKI®
[MD5.545706A0FA9B65DF1F5E5F3E2ED50184] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\psimoes\Desktop\ZHPDiag3.exe [2455040] [PID.5424] =>.Nicolas Coolman

—\ Google Chrome, Start,Search,Extensions (35) - 2s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchelpforum.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.ca =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] MSG_tv_name
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [clljlcapeomdokpgadmegpabakieebci] Thesaurus.com - Synonyms and Antonyms
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dadgddaepklpemjojmnhgdjmmkmefihe] Learn Italian - Molto Bene
G2 - GCE: Preference [User Data\Default] [egfjlnahigndmbebpdhnnkcfnahhhglp] Trading Dashboard to Fructify your Money
G2 - GCE: Preference [User Data\Default] [ehmnelfmlmpladgddfgghoaigjhfkhdj] Zoho Invoice and Time Tracking
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gmbmikajjgmnabiglmofipeabaddhgne] MSG_CHROME_EXTENSION_NAME
G2 - GCE: Preference [User Data\Default] [hihbikoooaenkpdooehgemieligjejcb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [iaichpenkdlohcjgagagapnegbjmfnfh] Learn Portuguese - Tudo Bem
G2 - GCE: Preference [User Data\Default] [kajibbejlbohfaggdiogboambcijhkke] MSG_ext_name
G2 - GCE: Preference [User Data\Default] [mdanidgdpmkimeiiojknlnekblgmpdll] Boomerang for Gmail
G2 - GCE: Preference [User Data\Default] [meddmiakkfjlledfhjljjjdebajikafa] Vend
G2 - GCE: Preference [User Data\Default] [ndnaehgpjlnokgebbaldlmgkapkpjkkb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nnbmlagghjjcbdhgmkedmbmedengocbn] MSG_ext_name
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pmcdjmebmeoobmdghjbjhbifoocbcmaj] Learn Spanish - Qué Onda
G2 - GCE: Preference [User Data\Default] [pnnfemgpilpdaojpnkjdgfgbnnjojfik] Google Chrome manifest =>.Google Inc.

—\ Mozilla Firefox,Plugins,Start,Search,Extensions (4) - 2s
P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) – C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated®
P2 - EXT: (…) – C:\Program Files\Mozilla Firefox\Plugins\QuickTimePlugin.class
P2 - EXT: (…) – C:\Users\psimoes\AppData\Roaming\Mozilla\Extension s{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\System32\Macromed\Flash\NPSWF32_23_0_0_ 207.dll =>.Adobe Systems Incorporated

—\ Opera, Plugins,Start,Search (1) - 0s
B0 - SPO: C:\Users\psimoes\AppData\Roaming\Opera\Opera\opera prefs.ini [psimoes] https://accounts.google.com/ServiceL...che=2&hl=en-GB

—\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

—\ Internet Explorer, Proxy Management (6) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0

—\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL “sysdm.cpl”

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®

—\ Global shortcuts Startup (195) - 24s
O4 - GS\Desktop [Administrator]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [Administrator]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_ 2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [Administrator]: Downloads - Shortcut.lnk . (…) C:\Users\psimoes\Downloads
O4 - GS\Desktop [Administrator]: Edu - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [Administrator]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [Administrator]: Ideal DVD Copy.lnk . (…) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [Administrator]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Learned_optimism_ho w_to_change your mind and your life.pdf
O4 - GS\Desktop [Administrator]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [Administrator]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [Administrator]: MMFX Webinars - Shortcut.lnk . (…) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [Administrator]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [Administrator]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [Administrator]: PC_Info - Shortcut.lnk . (…) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Administrator]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamVi ewer.exe =>.TeamViewer®
O4 - GS\Desktop [Administrator]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\R osetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [Administrator]: Videos - Shortcut.lnk . (…) C:\Users\psimoes\Videos
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Microsoft Office Picture Manager.lnk . (…) C:\Windows\Installer{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [Administrator]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [Administrator]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Administrator]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [Guest]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_ 2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [Guest]: Downloads - Shortcut.lnk . (…) C:\Users\psimoes\Downloads
O4 - GS\Desktop [Guest]: Edu - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [Guest]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [Guest]: Ideal DVD Copy.lnk . (…) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [Guest]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Learned_optimism_ho w_to_change your mind and your life.pdf
O4 - GS\Desktop [Guest]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [Guest]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [Guest]: MMFX Webinars - Shortcut.lnk . (…) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [Guest]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [Guest]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [Guest]: PC_Info - Shortcut.lnk . (…) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Guest]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamVi ewer.exe =>.TeamViewer®
O4 - GS\Desktop [Guest]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\R osetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [Guest]: Videos - Shortcut.lnk . (…) C:\Users\psimoes\Videos
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Microsoft Office Picture Manager.lnk . (…) C:\Windows\Installer{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [Guest]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [Guest]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Guest]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [psimoes]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [psimoes]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_ 2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [psimoes]: Downloads - Shortcut.lnk . (…) C:\Users\psimoes\Downloads
O4 - GS\Desktop [psimoes]: Edu - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [psimoes]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [psimoes]: Ideal DVD Copy.lnk . (…) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [psimoes]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Learned_optimism_ho w_to_change your mind and your life.pdf
O4 - GS\Desktop [psimoes]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [psimoes]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [psimoes]: MMFX Webinars - Shortcut.lnk . (…) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [psimoes]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [psimoes]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [psimoes]: PC_Info - Shortcut.lnk . (…) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [psimoes]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamVi ewer.exe =>.TeamViewer®
O4 - GS\Desktop [psimoes]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\R osetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [psimoes]: Videos - Shortcut.lnk . (…) C:\Users\psimoes\Videos
O4 - GS\Desktop [psimoes]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [psimoes]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [psimoes]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [psimoes]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [psimoes]: Microsoft Office Picture Manager.lnk . (…) C:\Windows\Installer{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [psimoes]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [psimoes]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [psimoes]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [psimoes]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [psimoes]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [psimoes]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [psimoes]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Programs [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [psimoes]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [psimoes]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [torrents]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [torrents]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_ 2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [torrents]: Downloads - Shortcut.lnk . (…) C:\Users\psimoes\Downloads
O4 - GS\Desktop [torrents]: Edu - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [torrents]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [torrents]: Ideal DVD Copy.lnk . (…) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [torrents]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (…) C:\Users\psimoes\Documents\Edu\Learned_optimism_ho w_to_change your mind and your life.pdf
O4 - GS\Desktop [torrents]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [torrents]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [torrents]: MMFX Webinars - Shortcut.lnk . (…) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [torrents]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [torrents]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [torrents]: PC_Info - Shortcut.lnk . (…) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [torrents]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamVi ewer.exe =>.TeamViewer®
O4 - GS\Desktop [torrents]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\R osetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [torrents]: Videos - Shortcut.lnk . (…) C:\Users\psimoes\Videos
O4 - GS\Desktop [torrents]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [torrents]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [torrents]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [torrents]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [torrents]: Microsoft Office Picture Manager.lnk . (…) C:\Windows\Installer{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [torrents]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [torrents]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [torrents]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [torrents]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [torrents]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [torrents]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [torrents]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Programs [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [torrents]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [torrents]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: AOMEI Backupper Standard Edition 2.0.2.lnk . (.AOMEI Tech Co., Ltd. - AOMEI Backupper.) C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\Backupper.exe =>.AOMEI Tech Co., Ltd.
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Gizmo.lnk . (.Arainia Solutions - Gizmo Central.) C:\Program Files\Gizmo\gizmo.exe =>.Arainia Solutions, LLC®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files\ImgBurn\ImgBurn.exe =>.LIGHTNING UK!
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Network Recording Player.lnk . (.Cisco WebEx LLC - NBR Player Execute Module.) C:\ProgramData\WebEx\WebEx\500\nbrplay.exe =>.Cisco WebEx LLC®
O4 - GS\CommonDesktop [Public]: Panda Free Antivirus.lnk . (.Panda Security, S.L. - AV Console.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe =>.Panda Security S.L®
O4 - GS\CommonDesktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe =>.VS Revo Group®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (…) C:\Windows\Installer{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: User’s Guide.lnk . (…) C:\docs\userguide.pdf
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Zemana AntiMalware.lnk . (.Zemana Ltd. - ZAM.) C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJack Loader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\System32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Sidebar.) C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\control.exe /name Microsoft.WelcomeCenter =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Microsoft® Windows Backup.) C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Windows Easy Transfer.) C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Windows®
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (…) C:\Windows\System32\taskschd.msc /s
O4 - GS\ProgramsCommon [Public]: Acrobat.com.lnk . (…) C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe
O4 - GS\ProgramsCommon [Public]: Adobe Reader X.lnk . (…) C:\Windows\Installer{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (…) C:\Windows\Installer{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files\ImgBurn\ImgBurn.exe =>.LIGHTNING UK!
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Opera 36.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\ProgramsCommon [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Windows Calendar.) C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Windows DVD Maker.) C:\Program Files\Movie Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) C:\Program Files\Windows Live\Messenger\msnmsgr.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Windows Photo Gallery.) C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: NameServer = 8.8.8.8,8.8.4.4,192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: DhcpNameServer = 192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip..{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: DhcpDomain = Belkin

—\ Extra protocols (28) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) – C:\Program Files\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) – C:\Program Files\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) – C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

—\ Software installed (141) - 41s
O42 - Logiciel: 7-Zip 4.65 - (…) [HKLM] – 7-Zip
O42 - Logiciel: 7-Zip 9.20 - (.Igor Pavlov.) [HKLM] – {23170F69-40C1-2701-0920-000001000000} =>.Igor Pavlov
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] – {77DCDCE3-2DED-62F3-8154-05E745472D07} =>.Adobe Systems Incorporated
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] – com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B32048 5DF8CE.1 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] – {BBEC10F9-AC15-41EE-A271-0B1077F53740} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] – Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 ActiveX - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 NPAPI - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 PPAPI - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader X (10.1.16) - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-7AD7-1033-7B44-AA1000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated
O42 - Logiciel: Aiseesoft Blu-ray Ripper - (…) [HKLM] – Aiseesoft Blu-ray Ripper_is1
O42 - Logiciel: Aiseesoft Streaming Video Recorder - (…) [HKLM] – Aiseesoft Streaming Video Recorder_is1
O42 - Logiciel: AOMEI Backupper Standard Edition 2.0.2 - (.AOMEI Technology Co., Ltd..) [HKLM] – {A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}is1 =>.AOMEI Technology Co., Ltd.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] – {D9F3D66A-9885-4DDD-A800-9DDF488359A1} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] – {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc.
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] – {53BB9294-6E76-4853-4130-1CD0A01EAE45} =>.ATI Technologies, Inc.
O42 - Logiciel: Belkin Setup and Router Monitor - (…) [HKLM] – Belkin Setup and Router Monitor_is1
O42 - Logiciel: Belkin USB Print and Storage Center - (.Belkin International, Inc..) [HKLM] – Belkin USB Print and Storage Center =>.Belkin International, Inc.
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] – {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} =>.Toshiba Corporation
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] – {D168AAD0-6686-47C1-B599-CDD4888B9D1A} =>.Apple Inc.
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] – {37C866E4-AA67-4725-9E95-A39968DD7960} =>.Macrovision Corporation®
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] – {D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941} =>.ATI
O42 - Logiciel: Catalyst Control Center Core Implementation - (.ATI.) [HKLM] – {91B067A5-89C8-3C29-57EE-597034D56D42} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Full Existing - (.ATI.) [HKLM] – {44AB916C-E8AE-3A81-269A-2A55C4802C7A} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Full New - (.ATI.) [HKLM] – {1D88A6A6-C2C6-3E2F-DDB6-A635090141B0} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Light - (.ATI.) [HKLM] – {507DB37B-FFE7-429E-FF1B-D46F3BB0FE96} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Previews Vista - (.ATI.) [HKLM] – {CB685FA8-9C7A-73F5-3BBF-38B8F63A1C48} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Chinese Standard - (.ATI.) [HKLM] – {C19D5636-D868-57D1-A36E-EF1056E9813C} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Chinese Traditional - (.ATI.) [HKLM] – {09527978-C15B-6AF8-5582-C9784F8F3B69} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Dutch - (.ATI.) [HKLM] – {EFD48405-94CC-71B6-A915-5B0121C6C7E3} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization French - (.ATI.) [HKLM] – {DECF4937-8E72-5723-E82E-74A566F73197} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization German - (.ATI.) [HKLM] – {9607BEEE-ED89-FE20-C992-AF3DC46EBEB5} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Italian - (.ATI.) [HKLM] – {54E1A977-FC97-AAAB-A3C2-CA8ED6545951} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Japanese - (.ATI.) [HKLM] – {0AB16A24-2465-0F1A-C12E-BFAB6F612191} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Korean - (.ATI.) [HKLM] – {48284361-3F81-8AD3-0630-72AEDB614936} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Portuguese - (.ATI.) [HKLM] – {16E42331-56E6-53BC-428C-6E2020E58025} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Spanish - (.ATI.) [HKLM] – {25F83D04-6D32-5AAD-C057-AEA7B8C746E3} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Swedish - (.ATI.) [HKLM] – {0A6A6F94-7EFC-2FEA-CC70-FB6A22188F88} =>.ATI
O42 - Logiciel: ccc-core-static - (.ATI.) [HKLM] – {AF8B7B36-0427-22DD-8005-07869A67CE20} =>.ATI
O42 - Logiciel: ccc-utility - (.ATI.) [HKLM] – {1B8FAB81-0811-FAE4-A77C-33683B43A9D8} =>.ATI
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] – CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco WebEx Meetings - (.Cisco WebEx LLC.) [HKLM] – ActiveTouchMeetingClient =>.Cisco WebEx LLC®
O42 - Logiciel: Citrix Online Launcher - (.Citrix.) [HKLM] – {678753E6-E526-4AE5-A144-00240772543A} =>.Citrix
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] – {90120000-0020-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Cover Commander 3.0 by Insofta Development - (.Insofta Development.) [HKLM] – Cover Commander
O42 - Logiciel: CyberLink PowerCinema for TOSHIBA - (.CyberLink Corp..) [HKLM] – {2637C347-9DAD-11D6-9EA2-00055D0CA761} =>.CyberLink Corp.
O42 - Logiciel: CyberLink PowerCinema for TOSHIBA - (.CyberLink Corp..) [HKLM] – InstallShield{2637C347-9DAD-11D6-9EA2-00055D0CA761} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] – {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] – {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485} =>.Ulead Systems, Inc.
O42 - Logiciel: FileASSASSIN - (.Malwarebytes.) [HKLM] – FileASSASSIN =>.Malwarebytes
O42 - Logiciel: Folder Lock - (.New Sofware.net Inc..) [HKCU] – FolderLock6
O42 - Logiciel: FXCM Trading Station - (.FXCM.) [HKLM] – {494367EC-82A9-4C0D-A788-74A967998E8C} =>.FXCM
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] – {206FD69B-F9FE-4164-81BD-D52552BC9C23} =>.Symantec Corporation
O42 - Logiciel: Gizmo Central - (.Arainia Solutions, LLC.) [HKLM] – Gizmo Central =>.Arainia Solutions, LLC®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] – Google Chrome =>.Google Inc®
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] – Google Desktop =>.Google Inc.®
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM] – {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] – {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: GoToMeeting 7.16.0.4800 - (.CitrixOnline.) [HKCU] – GoToMeeting =>.Citrix Online®
O42 - Logiciel: HTC BMP USB Driver - (.HTC.) [HKLM] – {31A559C1-9E4D-423B-9DD3-34A6C5398752} =>.HTC
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] – {6D6664A9-3342-4948-9B7E-034EFE366F0F} =>.HTC Corporation
O42 - Logiciel: Ideal DVD Copy V4.1.2 - (.Ideal DVD Software, Inc..) [HKLM] – Ideal DVD Copy_is1
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] – ImgBurn =>.LIGHTNING UK!
O42 - Logiciel: Intel(R) PROSet/Wireless Software - (.Intel Corporation.) [HKLM] – ProInst =>.Intel Corporation - Mobile Wireless Group®
O42 - Logiciel: Intel® Matrix Storage Manager - (…) [HKLM] – {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] – {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] – {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: Logitech Unifying Software 2.50 - (.Logitech.) [HKLM] – Logitech Unifying =>.Logitech
O42 - Logiciel: magicJack - (.magicJack L.P..) [HKCU] – magicJack =>.magicJack, L.P.®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: mCorev32.ism_new - (.Intel Corporation.) [HKLM] – {A945BD16-4774-4A1F-96A7-118BEC004881} =>.Intel Corporation
O42 - Logiciel: mCPlug - (.Intel Corporation.) [HKLM] – {F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F} =>.Intel Corporation
O42 - Logiciel: mHelp - (.Intel.) [HKLM] – {8C6BB412-D3A8-4AAE-A01B-35B681789D68} =>.Intel
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] – {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] – {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] – {15BC8CD0-A65B-47D0-A2DD-90A824590FA8} =>.Microsoft Corporation
O42 - Logiciel: Microsoft XML Parser - (.Microsoft Corporation.) [HKLM] – {B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE} =>.Microsoft Corporation
O42 - Logiciel: mMHouse - (.Intel Corporation.) [HKLM] – {F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} =>.Intel Corporation
O42 - Logiciel: Mozilla Firefox 50.0 (x86 en-US) - (.Mozilla.) [HKLM] – Mozilla Firefox 50.0 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] – MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: mPfMgr - (.Intel Corporation.) [HKLM] – {8B928BA1-EDEC-4227-A2DA-DD83026C36F5} =>.Intel Corporation
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] – {AF111648-99A1-453E-81DD-80DBBF6DAD0D} =>.Nokia
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] – {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] – {C523D256-313D-4866-B36A-F3DE528246EF} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] – {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] – {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] – {196467F1-C11F-4F76-858B-5812ADC83B94} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] – {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] – {1D95BA90-F4F8-47EC-A882-441C99D30C1E} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] – {859DFA95-E4A6-48CD-B88E-A3E483E89B44} =>.Microsoft Corporation
O42 - Logiciel: Network Recording Player - (.Cisco WebEx LLC.) [HKLM] – {FDA24BB0-8462-4356-B30E-C74FDC25C6DF} =>.Cisco WebEx LLC
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] – {2D99A593-C841-43A7-B7C9-D6F3AE70B756} =>.Nokia
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] – {D0D14551-3A2D-433B-861F-F4DCE5422759} =>.Nokia
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] – Nokia PC Suite =>.Nokia®
O42 - Logiciel: Online Armor 6.0 - (.Emsisoft GmbH.) [HKLM] – OnlineArmor_is1 =>.Emsisoft GmbH®
O42 - Logiciel: Opera Stable 36.0.2130.80 - (.Opera Software.) [HKLM] – Opera 36.0.2130.80 =>.Opera Software ASA®
O42 - Logiciel: Panda Devices Agent - (.Panda Security.) [HKLM] – {3F9548B2-0B34-4453-A92E-35056B053F19} =>.Panda Security
O42 - Logiciel: Panda Devices Agent - (.Panda Security.) [HKLM] – Panda Devices Agent =>.Panda Security
O42 - Logiciel: Panda Free Antivirus - (.Panda Security.) [HKLM] – {62692A64-8661-4040-AC6C-F24E48393E20} =>.Panda Security
O42 - Logiciel: Panda Free Antivirus - (.Panda Security.) [HKLM] – Panda Universal Agent Endpoint =>.Panda Security S.L®
O42 - Logiciel: Panda Safe Web - (.Panda Security and Visicom Media Inc..) [HKLM] – pandasecuritytb
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] – {C373F7C4-05D2-4047-96D1-6AF30661C6AA} =>.Nokia
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] – Picasa 3 =>.Google, Inc.
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] – {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
O42 - Logiciel: Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Window - (.Realtek.) [HKLM] – {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Macrovision Corporation®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.
O42 - Logiciel: Revo Uninstaller 2.0.1 - (.VS Revo Group, Ltd..) [HKLM] – {A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}is1 =>.VS Revo Group, Ltd.
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 - (…) [HKLM] – {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] – KB2447961 =>.Microsoft Corporation
O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] – KB954156 =>.Microsoft Corporation
O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] – KB979332 =>.Microsoft Corporation
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] – {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} =>.Microsoft Corp
O42 - Logiciel: Skins - (.ATI.) [HKLM] – {F06B8809-3C26-E6A0-3D80-084331666B73} =>.ATI
O42 - Logiciel: Skype™ 7.29 - (.Skype Technologies S.A..) [HKLM] – {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM] – {A56C6348-59D0-433B-A48A-75914858664E} =>.TechSmith Corporation
O42 - Logiciel: SnagIt 9 - (.TechSmith Corporation.) [HKLM] – {59991D18-A988-45AB-B1BF-5ADE6E64CD3F} =>.TechSmith Corporation
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-7AD7-5464-3428-900000000004} =>.Adobe Systems Incorporated
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] – SynTPDeinstKey =>.Synaptics
O42 - Logiciel: TOSHIBA Software Upgrades - (.TOSHIBA.) [HKLM] – {425A2BC2-AA64-4107-9C29-484245BBEA05} =>.TOSHIBA
O42 - Logiciel: TOSHIBA Speech System Applications - (…) [HKLM] – {EE033C1F-443E-41EC-A0E2-559B539A4E4D}
O42 - Logiciel: TOSHIBA Speech System SR Engine(U.S.) Version1.0 - (…) [HKLM] – {008D69EB-70FF-46AB-9C75-924620DF191A}
O42 - Logiciel: TOSHIBA Speech System TTS Engine(U.S.) Version1.0 - (…) [HKLM] – {3FBF6F99-8EC6-41B4-8527-0A32241B5496}
O42 - Logiciel: TOSHIBA Supervisor Password - (…) [HKLM] – {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] – {FEDD27A0-B306-45EF-BF58-B527406B42C8} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] – InstallShield{FEDD27A0-B306-45EF-BF58-B527406B42C8} =>.Toshiba Corporation
O42 - Logiciel: TrueSuite Access Manager - (.ABIG.) [HKLM] – {A2075A09-28AA-4D30-9BCC-82EAD9FA51BD} =>.Macrovision Corporation®
O42 - Logiciel: TRW conferencing - (.Digitalweb.) [HKLM] – {E23E9487-2B6B-42CA-AE8D-E2369563AB02}
O42 - Logiciel: TurboMeeting - (.RHUB Communications, Inc..) [HKCU] – TurboMeeting =>.RHUB Communications Inc®
O42 - Logiciel: Unlocker 1.9.0 - (.Cedrick Collomb.) [HKLM] – Unlocker =>.Cedrick Collomb
O42 - Logiciel: Video Mover - (…) [HKLM] – Video Mover_is1
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] – VLC media player =>.VideoLAN
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] – E0AC723A3DE3A04256288CADBBB011B112AED454 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] – 72A50F48CC5601190B9C4E74D81161693133E7F7 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] – 504244733D18C8F63FF584AEB290E3904E791693 =>.Microsoft Windows®
O42 - Logiciel: Windows Media Encoder 9 Series - (…) [HKLM] – Windows Media Encoder 9
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] – {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] – WinPcapInst =>.CACE Technologies
O42 - Logiciel: Your monster voice 1 - (…) [HKLM] – Your monster voice 1
O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM] – {8F0CD7D1-42F3-4195-95CD-833578D45057}_is1 =>.Zemana Ltd.®

—\ HKCU & HKLM Software Keys (185) - 42s
HKLM\SOFTWARE\2BrightSparks =>.2BrightSparks
HKLM\SOFTWARE\7-PDF =>.7-PDF
HKLM\SOFTWARE\7-Zip =>.Igor Pavlov
HKLM\SOFTWARE\Acronis =>.Acronis
HKLM\SOFTWARE\ActiveTouch
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AdwCleaner =>.Malwarebytes
HKLM\SOFTWARE\Affinegy
HKLM\SOFTWARE\Agere
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Arainia =>.Arainia Solutions, LLC
HKLM\SOFTWARE\ASProtect
HKLM\SOFTWARE\ATI =>.ATI
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Auslogics =>.Auslogics
HKLM\SOFTWARE\AuthenTec =>.AuthenTec
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Belkin =>.Belkin
HKLM\SOFTWARE\CandleWorks
HKLM\SOFTWARE\Citrix =>.Citrix
HKLM\SOFTWARE\CodeGear =>.CodeGear
HKLM\SOFTWARE\ComodoGroup =>.ComodoGroup
HKLM\SOFTWARE\CyberLink =>.CyberLink
HKLM\SOFTWARE\Data Fellows
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\Eset =>.ESET
HKLM\SOFTWARE\F-Secure =>.F-Secure
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\Global IP Solutions
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\idc
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\ImgBurn
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield =>.InstallShield
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Kodak =>.Kodak
HKLM\SOFTWARE\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\Logitech =>.Logitech
HKLM\SOFTWARE\Lucent
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
HKLM\SOFTWARE\McAfee =>.McAfee
HKLM\SOFTWARE\MetaQuotes Software =>.MetaQuotes Software
HKLM\SOFTWARE\MicroWorld
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Napster
HKLM\SOFTWARE\NCH Software =>.NCH Software
HKLM\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
HKLM\SOFTWARE\Netscape =>.Netscape
HKLM\SOFTWARE\Nokia =>.Nokia
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Online Armor
HKLM\SOFTWARE\Opera Software =>.Opera Software
HKLM\SOFTWARE\Panda Security =>.Panda Security
HKLM\SOFTWARE\Panda Software =>.Panda Software
HKLM\SOFTWARE\pandasecuritytb
HKLM\SOFTWARE\Patch My PC
HKLM\SOFTWARE\PC Connectivity Solution
HKLM\SOFTWARE\PCSuite
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\Realtek =>.Realtek
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\RtWLan =>.REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\Sonic =>.Sonic
HKLM\SOFTWARE\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
HKLM\SOFTWARE\Swearware =>.Swearware
HKLM\SOFTWARE\Sxuptp Driver
HKLM\SOFTWARE\SymNRT
HKLM\SOFTWARE\Synaptics =>.Synaptics
HKLM\SOFTWARE\Sys Modules
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TechSmith =>.TechSmith
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\Toshiba =>.TOSHIBA
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TrueSuite Access Manager
HKLM\SOFTWARE\Ulead Systems =>.Ulead Systems
HKLM\SOFTWARE\Unlocker
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\VidSoft
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\Waves Audio
HKLM\SOFTWARE\WebEx
HKLM\SOFTWARE\WildTangent =>.WildTangent
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WiseCleaner =>.wisecleaner
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Zemana =>.Zemana
HKLM\SOFTWARE\ZmnGlobalSDK =>.Zemana Ltd
HKCU\SOFTWARE\2BrightSparks =>.2BrightSparks
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Affinegy
HKCU\SOFTWARE\AnVir
HKCU\SOFTWARE\AOMEI
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Arainia =>.Arainia Solutions, LLC
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\ATI Technologies Inc. =>.ATI Technologies Inc.
HKCU\SOFTWARE\Belkin =>.Belkin
HKCU\SOFTWARE\CEC_CM_SW
HKCU\SOFTWARE\Citrix =>.Citrix
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\CyberLink =>.CyberLink
HKCU\SOFTWARE\DataLode
HKCU\SOFTWARE\DigitalWeb
HKCU\SOFTWARE\DVD Decrypter
HKCU\SOFTWARE\DVD Shrink =>.DVD Shrink
HKCU\SOFTWARE\EasyBits =>.EasyBits
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\Facebook =>.Facebook
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\Garmin =>.Garmin
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\giveawayoftheday.com
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\ImgBurn
HKCU\SOFTWARE\Insofta Development
HKCU\SOFTWARE\InterVideo =>.InterVideo
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\MainConcept =>.MainConcept
HKCU\SOFTWARE\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
HKCU\SOFTWARE\McAfee =>.McAfee
HKCU\SOFTWARE\Memeo =>.Memeo
HKCU\SOFTWARE\MetaQuotes Software =>.MetaQuotes Software
HKCU\SOFTWARE\MicroWorld
HKCU\SOFTWARE\MimarSinan =>.Mimar Sinan
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\NCH Software =>.NCH Software
HKCU\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nokia =>.Nokia
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OnlineArmor
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\Perfect Uninstaller
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Raxco
HKCU\SOFTWARE\Realtek =>.Realtek
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\SkypeApps
HKCU\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\talk4free
HKCU\SOFTWARE\TechSmith =>.TechSmith
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\TOSHIBA =>.TOSHIBA
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TrueSuite Access Manager
HKCU\SOFTWARE\Ulead
HKCU\SOFTWARE\Ulead Systems =>.Ulead Systems
HKCU\SOFTWARE\VidSoft
HKCU\SOFTWARE\VS Revo Group =>.VS Revo Group
HKCU\SOFTWARE\WebEx
HKCU\SOFTWARE\Wget
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZebHelpProcess Helper =>.Nicolas Coolman
HKCU\SOFTWARE\Zemana =>.Zemana
HKCU\SOFTWARE\AppDataLow\LastScanTime
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\panda
HKCU\SOFTWARE\AppDataLow\Software\pandasecuritytb

—\ Contents of the Common Files folders (334) - 47s
O43 - CFD: 25/02/2016 - D – C:\Program Files\2BrightSparks =>.2BrightSparks
O43 - CFD: 08/03/2013 - D – C:\Program Files\7-Zip =>.Igor Pavlov
O43 - CFD: 17/11/2016 - D – C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 06/09/2015 - D – C:\Program Files\Adware-Removal-Tool =>.Pawan Kumar®
O43 - CFD: 14/01/2011 - D – C:\Program Files\Aiseesoft Studio =>.Aiseesoft Studio
O43 - CFD: 19/07/2016 - D – C:\Program Files\AOMEI Backupper Standard Edition 2.0.2
O43 - CFD: 17/11/2016 - D – C:\Program Files\Apple Software Update =>.Apple Inc.®
O43 - CFD: 16/02/2009 - D – C:\Program Files\ATI =>.ATI
O43 - CFD: 16/02/2009 - D – C:\Program Files\ATI Technologies =>.ATI Technologies
O43 - CFD: 27/06/2013 - D – C:\Program Files\Belkin {6A8B8367285B702071BD17F1C2DF68CD} =>.Belkin
O43 - CFD: 17/11/2016 - D – C:\Program Files\Bonjour =>.Apple Inc.®
O43 - CFD: 16/02/2009 - D – C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD: 17/11/2016 - [0] D – C:\Program Files\Candleworks
O43 - CFD: 29/09/2015 - D – C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 16/02/2009 - D – C:\Program Files\Cisco =>.Cisco
O43 - CFD: 19/03/2009 - D – C:\Program Files\Citrix {5C5F2BA5C9994BE5EF254FFE511288E1} =>.Citrix
O43 - CFD: 17/11/2016 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 21/02/2008 - D – C:\Program Files\CyberLink =>.CyberLink
O43 - CFD: 04/08/2011 - D – C:\Program Files\DIFX =>.Microsoft Windows®
O43 - CFD: 18/12/2013 - D – C:\Program Files\FairStars CD Ripper
O43 - CFD: 21/03/2011 - D – C:\Program Files\FileASSASSIN
O43 - CFD: 12/07/2013 - D – C:\Program Files\FxPro - MetaTrader
O43 - CFD: 02/07/2011 - D – C:\Program Files\Gizmo =>.Arainia Solutions, LLC®
O43 - CFD: 17/11/2016 - D – C:\Program Files\Google =>.Google Inc®
O43 - CFD: 09/08/2014 - D – C:\Program Files\HTC =>.HTC
O43 - CFD: 04/05/2012 - D – C:\Program Files\ImgBurn =>.Lightning UK
O43 - CFD: 28/12/2014 - D – C:\Program Files\Insofta Cover Commander
O43 - CFD: 17/11/2016 - D – C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 16/02/2009 - D – C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 07/03/2015 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - D – C:\Program Files\InterVideo =>.InterVideo
O43 - CFD: 17/11/2016 - D – C:\Program Files\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 16/07/2011 - D – C:\Program Files\Logitech =>.Logitech
O43 - CFD: 16/02/2009 - D – C:\Program Files\ltmoh
O43 - CFD: 15/11/2016 - D – C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 15/11/2016 - D – C:\Program Files\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
O43 - CFD: 02/11/2006 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 17/11/2016 - D – C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 24/01/2011 - D – C:\Program Files\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - D – C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 24/01/2011 - D – C:\Program Files\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - D – C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 18/08/2010 - D – C:\Program Files\Movie Maker =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - D – C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 17/11/2016 - D – C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 24/01/2011 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 11/02/2011 - D – C:\Program Files\NCH Software =>.NCH Software
O43 - CFD: 04/08/2011 - D – C:\Program Files\Nokia =>.Nokia
O43 - CFD: 17/11/2016 - D – C:\Program Files\Online Armor =>.Emsisoft GmbH®
O43 - CFD: 17/11/2016 - D – C:\Program Files\Opera =>.Opera Software ASA®
O43 - CFD: 21/06/2012 - D – C:\Program Files\Oracle =>.Oracle America, Inc.®
O43 - CFD: 21/10/2016 - D – C:\Program Files\Panda Security =>.Panda Security S.L®
O43 - CFD: 15/11/2016 - D – C:\Program Files\Panda Security URL Filtering =>PUP.Optional.StartSearch
O43 - CFD: 04/08/2011 - D – C:\Program Files\PC Connectivity Solution =>.Microsoft Windows®
O43 - CFD: 16/02/2009 - D – C:\Program Files\Realtek =>.Realtek
O43 - CFD: 02/11/2006 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - D – C:\Program Files\S.A.D
O43 - CFD: 17/11/2016 - RD – C:\Program Files\Skype =>.Skype Software Sarl®
O43 - CFD: 25/07/2014 - D – C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 12/02/2008 - D – C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 12/07/2013 - D – C:\Program Files\TechSmith =>.TechSmith Corporation®
O43 - CFD: 24/07/2014 - D – C:\Program Files\ToolwizCareFree
O43 - CFD: 16/02/2009 - D – C:\Program Files\TrueSuite Access Manager {2BCDF59FA22D417942CA41961DA44D88}
O43 - CFD: 15/06/2009 - D – C:\Program Files\TRW conferencing
O43 - CFD: 12/02/2008 - D – C:\Program Files\Ulead Systems =>.Ulead Systems
O43 - CFD: 27/07/2014 - [0] D – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 21/03/2011 - D – C:\Program Files\Unlocker =>.Cedrick Collomb
O43 - CFD: 22/02/2016 - D – C:\Program Files\VideoLAN =>.VideoLAN
O43 - CFD: 02/05/2009 - D – C:\Program Files\VS Revo Group =>.VS Revo Group®
O43 - CFD: 26/06/2009 - D – C:\Program Files\Windows Calendar =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - D – C:\Program Files\Windows Defender =>.Microsoft Windows®
O43 - CFD: 30/04/2016 - D – C:\Program Files\Windows Journal =>.Microsoft Corporation
O43 - CFD: 13/01/2012 - D – C:\Program Files\Windows Live =>.Microsoft Corporation®
O43 - CFD: 30/04/2016 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - D – C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 05/09/2015 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - D – C:\Program Files\Windows Photo Gallery =>.Microsoft Corporation
O43 - CFD: 29/10/2009 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - D – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 17/09/2010 - D – C:\Program Files\WinPcap =>.CACE Technologies, Inc.®
O43 - CFD: 28/06/2009 - D – C:\Program Files\Your monster voice 1
O43 - CFD: 15/11/2016 - D – C:\Program Files\Zemana AntiMalware =>.Zemana Ltd.®
O43 - CFD: 08/03/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.Igor Pavlov
O43 - CFD: 04/03/2011 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 04/03/2011 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/01/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft =>.Aiseesoft
O43 - CFD: 18/10/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Standard Edition 2.0.2
O43 - CFD: 10/05/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam =>.Bandisoft
O43 - CFD: 27/06/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin =>.Belkin
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Assistant Software
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center =>.AMD
O43 - CFD: 05/07/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform
O43 - CFD: 12/03/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerCinema for TOSHIBA
O43 - CFD: 12/02/2008 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD MovieFactory for TOSHIBA
O43 - CFD: 12/03/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 21/03/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
O43 - CFD: 12/07/2013 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxPro - MetaTrader
O43 - CFD: 12/03/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 02/07/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gizmo Central
O43 - CFD: 12/02/2008 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
O43 - CFD: 25/07/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 01/07/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ideal DVD Copy
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn =>.Lightning UK
O43 - CFD: 24/10/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insofta Cover Commander
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless =>.Intel Corporation
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager =>.Intel Corporation
O43 - CFD: 31/07/2013 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interactive Brokers
O43 - CFD: 24/04/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech =>.Logitech
O43 - CFD: 12/03/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 15/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 25/01/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 24/10/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 12/06/2014 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIG Trading Station
O43 - CFD: 24/10/2015 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
O43 - CFD: 04/08/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
O43 - CFD: 07/03/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor
O43 - CFD: 21/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
O43 - CFD: 17/01/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller =>.VS Revo Group
O43 - CFD: 14/03/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnagIt 9
O43 - CFD: 25/07/2014 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 12/03/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
O43 - CFD: 12/07/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith =>.TechSmith
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA =>.Toshiba
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite Access Manager
O43 - CFD: 24/10/2015 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
O43 - CFD: 22/02/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLAN
O43 - CFD: 01/02/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebEx
O43 - CFD: 21/12/2010 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 17/09/2010 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap =>.Riverbed Technology
O43 - CFD: 28/06/2009 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your monster voice 1.0
O43 - CFD: 15/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware =>.Zemana
O43 - CFD: 21/12/2015 - D – C:\ProgramData\360Quarant
O43 - CFD: 17/04/2013 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/06/2013 - D – C:\ProgramData\Affinegy
O43 - CFD: 14/01/2011 - D – C:\ProgramData\Aiseesoft Studio =>.Aiseesoft Studio
O43 - CFD: 18/10/2014 - D – C:\ProgramData\AomeiBR =>.AOMEI Technology
O43 - CFD: 11/09/2010 - D – C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 11/09/2010 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 16/02/2009 - D – C:\ProgramData\ATI =>.ATI
O43 - CFD: 17/11/2016 - [0] D – C:\ProgramData\Auslogics =>.Auslogics
O43 - CFD: 27/06/2013 - D – C:\ProgramData\Belkin =>.Belkin
O43 - CFD: 07/03/2013 - D – C:\ProgramData\CPA_VA
O43 - CFD: 16/02/2009 - D – C:\ProgramData\CyberLink =>.CyberLink
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 16/02/2009 - D – C:\ProgramData\DVD Shrink =>.DVD Shrink
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [0] D – C:\ProgramData\Google =>.Google
O43 - CFD: 09/08/2014 - D – C:\ProgramData\HTC =>.HTC
O43 - CFD: 04/08/2011 - D – C:\ProgramData\Installations
O43 - CFD: 16/02/2009 - D – C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 16/04/2012 - D – C:\ProgramData\InterVideo =>.InterVideo
O43 - CFD: 13/10/2014 - D – C:\ProgramData\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 08/06/2011 - D – C:\ProgramData\Kodak =>.Kodak
O43 - CFD: 16/07/2011 - D – C:\ProgramData\LogiShrd =>.Logitech Inc.
O43 - CFD: 16/07/2011 - D – C:\ProgramData\Logitech =>.Logitech
O43 - CFD: 27/04/2014 - D – C:\ProgramData\magicJack
O43 - CFD: 15/11/2016 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 04/10/2013 - D – C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 31/12/2013 - SD – C:\ProgramData\Microsoft =>.Microsoft
O43 - CFD: 25/07/2014 - D – C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - D – C:\ProgramData\MicroWorld
O43 - CFD: 06/05/2012 - D – C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/02/2011 - D – C:\ProgramData\NCH Software =>.NCH Software
O43 - CFD: 07/03/2013 - D – C:\ProgramData\OnlineArmor
O43 - CFD: 21/10/2016 - D – C:\ProgramData\Panda Security =>.Panda Security
O43 - CFD: 04/08/2011 - D – C:\ProgramData\PC Suite =>.Nokia
O43 - CFD: 12/07/2013 - D – C:\ProgramData\regid.1995-08.com.techsmith =>.TechSmith Corporation
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Skype =>.Skype
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 27/01/2010 - D – C:\ProgramData\Sun =>.Oracle
O43 - CFD: 12/07/2013 - D – C:\ProgramData\TechSmith =>.TechSmith
O43 - CFD: 14/11/2010 - [0] AD – C:\ProgramData\TEMP =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - D – C:\ProgramData\Toshiba =>.Toshiba
O43 - CFD: 16/02/2009 - D – C:\ProgramData\TrueSuite Access Manager
O43 - CFD: 12/02/2008 - D – C:\ProgramData\Ulead Systems =>.Ulead Systems
O43 - CFD: 28/09/2015 - D – C:\ProgramData\WebEx
O43 - CFD: 12/02/2008 - D – C:\ProgramData\WildTangent =>.WildTangent
O43 - CFD: 06/03/2011 - D – C:\ProgramData\WindowsSearch =>.Microsoft Corporation
O43 - CFD: 08/01/2013 - D – C:\ProgramData\WindSolutions =>.WindSolutions
O43 - CFD: 11/04/2010 - D – C:\Program Files\Common Files\Acronis1
O43 - CFD: 25/04/2016 - D – C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 17/11/2016 - D – C:\Program Files\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 17/11/2016 - D – C:\Program Files\Common Files\Apple =>.Apple Inc.
O43 - CFD: 24/01/2011 - D – C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/02/2008 - D – C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 16/07/2011 - D – C:\Program Files\Common Files\Logishrd =>.Logitech Inc.
O43 - CFD: 07/06/2015 - D – C:\Program Files\Common Files\Microsoft =>.Microsoft
O43 - CFD: 13/01/2012 - D – C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 04/08/2011 - D – C:\Program Files\Common Files\Nokia =>.Nokia
O43 - CFD: 04/08/2011 - D – C:\Program Files\Common Files\PCSuite
O43 - CFD: 02/11/2006 - D – C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - D – C:\Program Files\Common Files\Skype =>.Skype
O43 - CFD: 02/11/2006 - D – C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 14/03/2009 - D – C:\Program Files\Common Files\Symantec Shared =>.Symantec
O43 - CFD: 30/04/2016 - D – C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - D – C:\Program Files\Common Files\Ulead Systems =>.Ulead Systems
O43 - CFD: 13/01/2012 - D – C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2016 - D – C:\Users\psimoes\AppData\Roaming\2BrightSparks =>.2BrightSparks
O43 - CFD: 21/03/2009 - D – C:\Users\psimoes\AppData\Roaming\ABIG
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 11/09/2010 - D – C:\Users\psimoes\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\ATI =>.ATI
O43 - CFD: 17/11/2016 - [0] D – C:\Users\psimoes\AppData\Roaming\Auslogics =>.Auslogics
O43 - CFD: 10/03/2009 - D – C:\Users\psimoes\AppData\Roaming\BitDefender =>.Bitdefender
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\CyberLink =>.CyberLink
O43 - CFD: 29/03/2013 - D – C:\Users\psimoes\AppData\Roaming\dvdcss =>.VideoLAN
O43 - CFD: 06/11/2013 - D – C:\Users\psimoes\AppData\Roaming\FairStars CD Ripper
O43 - CFD: 25/01/2011 - D – C:\Users\psimoes\AppData\Roaming\FXTS2
O43 - CFD: 11/03/2010 - D – C:\Users\psimoes\AppData\Roaming\GARMIN =>.Garmin
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 11/09/2012 - D – C:\Users\psimoes\AppData\Roaming\Gizmo =>.Gizmo Project
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\Google =>.Google
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 04/05/2012 - D – C:\Users\psimoes\AppData\Roaming\ImgBurn =>.Lightning UK
O43 - CFD: 13/04/2009 - D – C:\Users\psimoes\AppData\Roaming\InstallShield =>.InstallShield
O43 - CFD: 01/03/2009 - D – C:\Users\psimoes\AppData\Roaming\Intel =>.Intel Corporation
O43 - CFD: 16/08/2009 - D – C:\Users\psimoes\AppData\Roaming\IObit =>.IObit
O43 - CFD: 16/07/2011 - D – C:\Users\psimoes\AppData\Roaming\Leadertech =>.Leadertech
O43 - CFD: 16/07/2011 - D – C:\Users\psimoes\AppData\Roaming\Logitech =>.Logitech
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 15/11/2016 - [0] D – C:\Users\psimoes\AppData\Roaming\Malwarebytes =>.Malwarebytes
O43 - CFD: 02/11/2006 - [0] D – C:\Users\psimoes\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 24/09/2012 - D – C:\Users\psimoes\AppData\Roaming\MetaQuotes
O43 - CFD: 19/11/2015 - SD – C:\Users\psimoes\AppData\Roaming\Microsoft =>.Microsoft
O43 - CFD: 07/10/2016 - D – C:\Users\psimoes\AppData\Roaming\mjusbsp
O43 - CFD: 10/07/2013 - D – C:\Users\psimoes\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 11/02/2011 - D – C:\Users\psimoes\AppData\Roaming\NCH Software =>.NCH Software
O43 - CFD: 05/08/2011 - D – C:\Users\psimoes\AppData\Roaming\Nokia =>.Nokia
O43 - CFD: 07/03/2013 - D – C:\Users\psimoes\AppData\Roaming\OnlineArmor
O43 - CFD: 09/06/2009 - D – C:\Users\psimoes\AppData\Roaming\OpenOffice.org =>.OpenOffice.org
O43 - CFD: 28/01/2011 - D – C:\Users\psimoes\AppData\Roaming\Opera =>.Opera Software
O43 - CFD: 17/10/2013 - D – C:\Users\psimoes\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 25/08/2014 - D – C:\Users\psimoes\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 21/10/2016 - D – C:\Users\psimoes\AppData\Roaming\Panda Security =>.Panda Security
O43 - CFD: 04/08/2011 - D – C:\Users\psimoes\AppData\Roaming\PC Suite =>.Nokia
O43 - CFD: 18/08/2013 - D – C:\Users\psimoes\AppData\Roaming\ProcessLasso
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Roaming\Skype =>.Skype
O43 - CFD: 18/10/2012 - D – C:\Users\psimoes\AppData\Roaming\SomePDF =>.SomePDF.com
O43 - CFD: 13/01/2016 - D – C:\Users\psimoes\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Roaming\toshiba =>.Toshiba
O43 - CFD: 26/06/2013 - D – C:\Users\psimoes\AppData\Roaming\TurboMeeting
O43 - CFD: 25/03/2012 - D – C:\Users\psimoes\AppData\Roaming\Ulead Systems =>.Ulead Systems
O43 - CFD: 30/06/2014 - D – C:\Users\psimoes\AppData\Roaming\webex
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Roaming\WinBatch =>.winbatch.com
O43 - CFD: 08/01/2013 - D – C:\Users\psimoes\AppData\Roaming\WindSolutions =>.WindSolutions
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Local\Adobe =>.Adobe
O43 - CFD: 05/02/2010 - D – C:\Users\psimoes\AppData\Local\AnVir
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 22/09/2010 - D – C:\Users\psimoes\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 16/02/2009 - [0] SHD – C:\Users\psimoes\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 21/03/2009 - D – C:\Users\psimoes\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 03/10/2013 - D – C:\Users\psimoes\AppData\Local\assembly =>.Assembly
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Local\ATI =>.ATI
O43 - CFD: 01/07/2016 - D – C:\Users\psimoes\AppData\Local\CEF =>.CEF
O43 - CFD: 19/11/2015 - D – C:\Users\psimoes\AppData\Local\Citrix =>.Citrix
O43 - CFD: 16/11/2016 - D – C:\Users\psimoes\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 09/06/2009 - [0] D – C:\Users\psimoes\AppData\Local\Deployment =>.Microsoft Corporation
O43 - CFD: 13/11/2016 - D – C:\Users\psimoes\AppData\Local\ESET =>.ESET
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Local\Facebook =>.Facebook
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Local\Google =>.Google
O43 - CFD: 16/02/2009 - [0] SHD – C:\Users\psimoes\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 22/06/2012 - D – C:\Users\psimoes\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 29/07/2014 - D – C:\Users\psimoes\AppData\Local\magicJack
O43 - CFD: 11/08/2012 - D – C:\Users\psimoes\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D – C:\Users\psimoes\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 08/12/2014 - D – C:\Users\psimoes\AppData\Local\MigWiz =>.MigWiz
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 28/01/2011 - D – C:\Users\psimoes\AppData\Local\Opera =>.Opera Software
O43 - CFD: 17/10/2013 - D – C:\Users\psimoes\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 21/10/2016 - D – C:\Users\psimoes\AppData\Local\panda
O43 - CFD: 06/03/2011 - D – C:\Users\psimoes\AppData\Local\PowerCinema =>.CyberLink Corporation
O43 - CFD: 24/01/2011 - D – C:\Users\psimoes\AppData\Local\Seven Zip =>.Seven Zip
O43 - CFD: 13/05/2009 - D – C:\Users\psimoes\AppData\Local\TechSmith =>.TechSmith
O43 - CFD: 17/11/2016 - D – C:\Users\psimoes\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 23/05/2016 - D – C:\Users\psimoes\AppData\Local\temp(49)
O43 - CFD: 16/02/2009 - [0] SHD – C:\Users\psimoes\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 28/04/2014 - D – C:\Users\psimoes\AppData\Local\tjnet
O43 - CFD: 24/07/2014 - D – C:\Users\psimoes\AppData\Local\ToolwizCareFree
O43 - CFD: 16/02/2009 - D – C:\Users\psimoes\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 29/09/2014 - D – C:\Users\psimoes\AppData\Local\WebEx
O43 - CFD: 11/08/2012 - D – C:\Users\psimoes\AppData\Local\Windows Live =>.Microsoft Corporation
O43 - CFD: 11/08/2012 - D – C:\Users\psimoes\AppData\Local\Windows Live Writer =>.Microsoft Corporation
O43 - CFD: 15/11/2016 - D – C:\Users\psimoes\AppData\Local\Zemana =>.Zemana
O43 - CFD: 12/03/2009 - RD – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/03/2009 - RD – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 05/07/2014 - D – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\CCleaner =>.Piriform
O43 - CFD: 15/11/2016 - D – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Chrome Apps
O43 - CFD: 12/03/2009 - RD – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 29/12/2014 - RD – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 29/04/2009 - D – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\TRW conferencing
O43 - CFD: 21/03/2011 - D – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 28/06/2009 - [0] D – C:\Users\psimoes\AppData\Roaming\Microsoft\Windows \Start Menu\Programs\Your monster voice 1.0
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D – C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/11/2016 - [0] D – C:\Users\Default\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D – C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/11/2016 - [0] D – C:\Users\Default User\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/07/2014 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Adobe =>.Adobe
O43 - CFD: 12/02/2008 - SHD – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Application Data =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\ATI =>.ATI
O43 - CFD: 17/11/2016 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\CrashDumps =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Google =>.Google
O43 - CFD: 12/02/2008 - SHD – C:\Windows\System32\Config\systemprofile\AppData\L ocal\History =>.Microsoft Corporation
O43 - CFD: 24/07/2014 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft
O43 - CFD: 12/02/2008 - SHD – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\tjnet
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Toshiba =>.Toshiba
O43 - CFD: 15/11/2016 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Zemana =>.Zemana
O43 - CFD: 20/10/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\360safe =>.Qihu 360 Software
O43 - CFD: 19/11/2010 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Adobe =>.Adobe
O43 - CFD: 17/11/2010 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Apple Computer =>.Apple Inc.
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\ATI =>.ATI
O43 - CFD: 25/07/2011 - [0] D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\EurekaLog
O43 - CFD: 16/02/2009 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Intel =>.Intel Corporation
O43 - CFD: 13/01/2012 - SD – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft
O43 - CFD: 31/12/2015 - D – C:\Windows\System32\Config\systemprofile\AppData\R oaming\OnlineArmor
O43 - CFD: 12/02/2008 - RD – C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 12/02/2008 - RD – C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Startup =>.Microsoft Corporation

—\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) – C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: IconOvrly [IconOvrly1] - {A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}. (.Arachnoid Biometrics Identification Group Corp. - .) – C:\Program Files\TrueSuite Access Manager\IconOvrly.dll =>.Arachnoid Biometrics Identification Group Corp.

—\ ShareTools MSconfig StartupReg (7) - 1s
O53 - SMSR:HKLM...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) – C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe =>.CyberLink
O53 - SMSR:HKLM...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Facebook Installer.) – C:\Users\psimoes\AppData\Local\Facebook\Update\Fac ebookUpdate.exe =>.Facebook Inc.
O53 - SMSR:HKLM...\startupreg\GizmoDriveDelegate [Key] . (.Arainia Solutions - Gizmo Central.) – C:\Program Files\Gizmo\gizmo.exe =>.Arainia Solutions
O53 - SMSR:HKLM...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) – C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe =>.Google
O53 - SMSR:HKLM...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) – C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation
O53 - SMSR:HKLM...\startupreg\iTunesHelper [Key] . (…) – C:\Program Files\iTunes\iTunesHelper.exe (.not file.)
O53 - SMSR:HKLM...\startupreg\PCMAgent [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) – C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe =>.CyberLink Corp.

—\ System Drivers List (137) - 106s
O58 - SDL:2008/01/20 21:23:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\Windows\System32\drivers\adp94xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:25 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\Windows\System32\drivers\adpahci.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:26 A . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) – C:\Windows\System32\drivers\adpu160m.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:27 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) – C:\Windows\System32\drivers\adpu320.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/28 18:11:00 A . (.Agere Systems - SoftModem Device Driver.) – C:\Windows\System32\drivers\AGRSM.sys [324224] =>.Agere Systems
O58 - SDL:2008/02/03 02:04:02 A . (.Alfa Corporation - Windows 2000 Mini-Filter Monitor Network Ed.) – C:\Windows\System32\drivers\AlfaFF.sys [324224] {01000000000110EA1A2F68}
O58 - SDL:2008/01/20 21:23:00 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\Windows\System32\drivers\aliide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\Windows\System32\drivers\arc.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:24 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/30 19:24:00 A . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) – C:\Windows\System32\drivers\atikmdag.sys [324224] =>.ATI Technologies Inc.
O58 - SDL:2009/01/26 12:39:48 A . (.AuthenTec, Inc. - Slide Fingerprint USB Driver.) – C:\Windows\System32\drivers\atswpdrv.sys [324224] =>.AuthenTec, Inc.®
O58 - SDL:2006/11/02 03:24:45 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) – C:\Windows\System32\drivers\BrFiltLo.sys [324224] =>.Brother Industries, Ltd.
O58 - SDL:2006/11/02 03:24:46 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) – C:\Windows\System32\drivers\BrFiltUp.sys [324224] =>.Brother Industries, Ltd.
O58 - SDL:2006/11/02 03:25:24 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) – C:\Windows\System32\drivers\BrSerId.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:44 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) – C:\Windows\System32\drivers\BrSerWdm.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:44 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) – C:\Windows\System32\drivers\BrUsbMdm.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:47 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) – C:\Windows\System32\drivers\BrUsbSer.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2011/05/18 09:12:28 A . (.Nokia - Nokia USB Phone Bus Driver.) – C:\Windows\System32\drivers\ccdcmb.sys [324224] =>.Nokia
O58 - SDL:2011/05/18 09:12:32 A . (.Nokia - Nokia USB Phone Bus Driver.) – C:\Windows\System32\drivers\ccdcmbo.sys [324224] =>.Nokia
O58 - SDL:2006/10/04 21:42:42 A . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) – C:\Windows\System32\drivers\cdr4_xp.sys [324224] =>.Sonic Solutions
O58 - SDL:2006/10/04 21:42:42 A . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) – C:\Windows\System32\drivers\cdralw2k.sys [324224] =>.Sonic Solutions
O58 - SDL:2008/01/20 21:23:00 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) – C:\Windows\System32\drivers\cmdide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2014/03/17 13:09:20 A . (…) – C:\Windows\System32\drivers\DasPtct.SYS [324224] =>.Panda Security S.L®
O58 - SDL:2006/11/02 04:50:11 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) – C:\Windows\System32\drivers\djsvs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:24 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) – C:\Windows\System32\drivers\E1G60I32.sys [324224] =>.Intel Corporation
O58 - SDL:2008/01/20 21:23:22 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) – C:\Windows\System32\drivers\elxstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2009/02/16 11:18:02 RASH . (…) – C:\Windows\System32\drivers\fbd.sys [324224]
O58 - SDL:2006/11/20 17:11:14 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) – C:\Windows\System32\drivers\FwLnk.sys [324224] =>.Toshiba Corporation
O58 - SDL:2009/05/18 12:17:00 A . (.GEAR Software Inc. - CD DVD Filter.) – C:\Windows\System32\drivers\GEARAspiWDM.sys [324224] =>.GEAR Software Inc.®
O58 - SDL:2011/07/02 10:00:30 A . (.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) – C:\Windows\System32\drivers\gizmodrv.sys [324224] =>.Arainia Solutions, LLC®
O58 - SDL:2008/01/20 21:23:26 A . (.Hewlett-Packard Company - Smart Array Storport Driver.) – C:\Windows\System32\drivers\HpCISSs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2010/06/23 09:23:44 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) – C:\Windows\System32\drivers\htcnprot.sys [324224] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2007/09/30 02:03:12 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) – C:\Windows\System32\drivers\iaStor.sys [324224] =>.Intel Corporation®
O58 - SDL:2008/01/20 21:23:23 A . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) – C:\Windows\System32\drivers\iaStorV.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:17 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\Windows\System32\drivers\iirsp.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:07 A . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) – C:\Windows\System32\drivers\iteatapi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:09 A . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) – C:\Windows\System32\drivers\iteraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/09 01:32:00 A . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) – C:\Windows\System32\drivers\KR10I.sys [324224] =>.Toshiba Corporation
O58 - SDL:2006/11/09 01:31:00 A . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) – C:\Windows\System32\drivers\KR10N.sys [324224] =>.Toshiba Corporation
O58 - SDL:2008/01/20 21:23:23 A . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) – C:\Windows\System32\drivers\lsi_fc.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:25 A . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) – C:\Windows\System32\drivers\lsi_scsi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\mbam.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\Windows\System32\drivers\mbamchameleon.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/11/16 18:06:13 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\MBAMSwissArmy.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2008/01/20 21:23:27 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:27 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\MegaSR.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:49:59 A . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\Mraid35x.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:00 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) – C:\Windows\System32\drivers\mwac.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2008/01/20 21:23:20 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\Windows\System32\drivers\NETw3v32.sys [324224] =>.Intel Corporation
O58 - SDL:2007/09/26 09:12:22 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) – C:\Windows\System32\drivers\NETw4v32.sys [324224] =>.Intel Corporation
O58 - SDL:2006/11/02 04:50:19 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\Windows\System32\drivers\nfrd960.sys [324224] =>.Microsoft Windows®
O58 - SDL:2015/12/04 04:45:09 A . (.Panda Security, S.L. - Application Layer Protocol Colorizer.) – C:\Windows\System32\drivers\NNSAlpc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:10 A . (.Panda Security, S.L. - Http Parser.) – C:\Windows\System32\drivers\NNSHttp.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:11 A . (.Panda Security, S.L. - Https Parser.) – C:\Windows\System32\drivers\NNSHttps.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:11 A . (.Panda Security, S.L. - Intrusion Detection System.) – C:\Windows\System32\drivers\NNSIds.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/04/27 04:09:59 A . (.Panda Security, S.L. - Network Activity Hook Server LWF.) – C:\Windows\System32\drivers\NNSNAHSL.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:12 A . (.Panda Security, S.L. - Process Info Colorizer Client.) – C:\Windows\System32\drivers\NNSpicc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/03/14 05:59:51 A . (.Panda Security, S.L. - Process Info Hook Server WFP.) – C:\Windows\System32\drivers\NNSPihsw.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:14 A . (.Panda Security, S.L. - Pop3 Parser.) – C:\Windows\System32\drivers\NNSPop3.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:14 A . (.Panda Security, S.L. - Network Protector.) – C:\Windows\System32\drivers\NNSProt.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/02/17 10:35:35 A . (.Panda Security, S.L. - Network Provider.) – C:\Windows\System32\drivers\NNSPrv.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:15 A . (.Panda Security, S.L. - Smtp Parser.) – C:\Windows\System32\drivers\NNSSmtp.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/02/17 10:35:54 A . (.Panda Security, S.L. - Streamer.) – C:\Windows\System32\drivers\NNSStrm.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:16 A . (.Panda Security, S.L. - Transport Layer Session Colorizer.) – C:\Windows\System32\drivers\NNStlsc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2010/06/25 12:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) – C:\Windows\System32\drivers\npf.sys [324224] =>.CACE Technologies, Inc.®
O58 - SDL:2006/11/02 02:36:50 A . (.N-trig Innovative Technologies - N-trig tablet digitizer in-box driver.) – C:\Windows\System32\drivers\ntrigdigi.sys [324224] =>.N-trig Innovative Technologies
O58 - SDL:2008/01/20 21:23:21 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:21 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2013/10/15 10:19:55 A . (…) – C:\Windows\System32\drivers\OADriver.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:19:59 A . (…) – C:\Windows\System32\drivers\oahlp32.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:20:08 A . (.Emsisoft - TDI Helper Driver.) – C:\Windows\System32\drivers\OAmon.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:20:08 A . (.Emsisoft - OA Helper Driver.) – C:\Windows\System32\drivers\OAnet.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2008/08/26 09:26:12 A . (.Nokia - PCCS Mode Change Filter Driver.) – C:\Windows\System32\drivers\pccsmcfd.sys [324224] =>.Nokia
O58 - SDL:2016/08/04 21:28:16 A . (.Panda Security, S.L. - PSINAflt Filter Driver for Vista32.) – C:\Windows\System32\drivers\PSINAflt.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:32:08 A . (.Panda Security, S.L. - PSINFile Filter Driver for Vista32.) – C:\Windows\System32\drivers\PSINFile.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:22:40 A . (.Panda Security, S.L. - PSINKNC Kernel Controller for Vista32.) – C:\Windows\System32\drivers\PSINKNC.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:40:39 A . (.Panda Security, S.L. - PSINProc Filter Driver for Vista32.) – C:\Windows\System32\drivers\PSINProc.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:45:46 A . (.Panda Security, S.L. - PSINProt for Vista32.) – C:\Windows\System32\drivers\PSINProt.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:36:13 A . (.Panda Security, S.L. - PSINReg Filter Driver for Vista32.) – C:\Windows\System32\drivers\PSINReg.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/08 04:00:47 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) – C:\Windows\System32\drivers\PSKMAD.sys [324224] =>.Panda Security S.L®
O58 - SDL:2008/11/20 14:19:06 A . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) – C:\Windows\System32\drivers\pxhelp20.sys [324224] =>.Sonic Solutions®
O58 - SDL:2008/01/20 21:23:24 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\Windows\System32\drivers\ql2300.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:35 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\Windows\System32\drivers\ql40xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2007/02/24 17:42:22 A . (.REDC - RICOH SD Driver.) – C:\Windows\System32\drivers\rimmptsk.sys [324224] =>.REDC
O58 - SDL:2007/01/23 19:40:20 A . (.REDC - RICOH MS Driver.) – C:\Windows\System32\drivers\rimsptsk.sys [324224] =>.REDC
O58 - SDL:2007/03/22 01:02:04 A . (.REDC - RICOH XD SM Driver.) – C:\Windows\System32\drivers\rixdptsk.sys [324224] =>.REDC
O58 - SDL:2008/01/30 14:34:20 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\Windows\System32\drivers\RTKVHDA.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/06/23 09:21:32 A . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) – C:\Windows\System32\drivers\Rtlh86.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2006/11/02 01:37:21 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\Windows\System32\drivers\secdrv.sys [324224] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2008/01/20 21:23:26 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [324224] =>.Microsoft Windows®
O58 - SDL:2009/03/14 20:32:52 A . (.Acronis - Acronis Snapshot API.) – C:\Windows\System32\drivers\snman380.sys [324224] =>.Acronis, Inc®
O58 - SDL:2016/08/31 07:49:31 A . (…) – C:\Windows\System32\drivers\staport.sys [324224] =>.AVAST Software a.s.®
O58 - SDL:2011/02/11 22:55:59 A . (.NCH Software - stdriver.sys.) – C:\Windows\System32\drivers\stdriver32.sys [324224] {2B24FDF675AB9FACF9226943B579512D} =>.NCH Software
O58 - SDL:2009/06/22 15:49:00 A . (.silex technology, Inc. - SXUPTP Driver.) – C:\Windows\System32\drivers\sxuptp.sys [324224] {48B6DCB1174D010AEC98B059A4F4849A} =>.silex technology, Inc.
O58 - SDL:2006/11/02 04:50:05 A . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) – C:\Windows\System32\drivers\symc8xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:49:56 A . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) – C:\Windows\System32\drivers\sym_hi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:03 A . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) – C:\Windows\System32\drivers\sym_u3.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/08/14 10:40:40 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) – C:\Windows\System32\drivers\SynTP.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2008/03/17 22:36:21 A . (…) – C:\Windows\System32\drivers\taishop.sys [324224]
O58 - SDL:2010/02/25 17:51:02 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) – C:\Windows\System32\drivers\tap0901.sys [324224] =>.The OpenVPN Project
O58 - SDL:2009/03/14 20:33:01 A . (.Acronis - Acronis Try&Decide Volume Filter Driver.) – C:\Windows\System32\drivers\tdrpm147.sys [324224] =>.Acronis, Inc®
O58 - SDL:2013/10/17 10:32:56 A . (.TeamViewer GmbH - TeamViewerVPN Network Adapter.) – C:\Windows\System32\drivers\teamviewervpn.sys [324224] =>.TeamViewer GmbH
O58 - SDL:2009/03/14 16:32:04 A . (.Acronis - Acronis True Image File System Filter.) – C:\Windows\System32\drivers\tifsfilt.sys [324224] =>.Acronis, Inc®
O58 - SDL:2009/03/14 20:32:55 A . (.Acronis - Acronis True Image Backup Archive Explorer.) – C:\Windows\System32\drivers\timntr.sys [324224] =>.Acronis, Inc®
O58 - SDL:2006/10/23 19:32:20 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) – C:\Windows\System32\drivers\tosrfec.sys [324224] =>.Toshiba Corporation
O58 - SDL:2008/01/21 18:42:24 A . (.TOSHIBA Corporation - tos_sps2.) – C:\Windows\System32\drivers\tos_sps32.sys [324224] =>.Toshiba Corporation
O58 - SDL:2015/06/07 17:57:06 A . (.BitDefender S.R.L. - Trufos Kernel Module.) – C:\Windows\System32\drivers\trufos.sys [324224] =>.Bitdefender SRL®
O58 - SDL:2007/11/09 17:00:52 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) – C:\Windows\System32\drivers\TVALZ_O.SYS [324224] =>.TOSHIBA CORPORATION®
O58 - SDL:2008/01/20 21:23:20 A . (.ULi Electronics Inc. - ULi SATA Controller Driver.) – C:\Windows\System32\drivers\uliahci.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:35 A . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) – C:\Windows\System32\drivers\ulsata.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) – C:\Windows\System32\drivers\ulsata2.sys [324224] =>.Microsoft Windows®
O58 - SDL:2011/05/18 09:12:36 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) – C:\Windows\System32\drivers\usbser_lowerflt.sys [324224] =>.Nokia
O58 - SDL:2011/05/18 09:12:38 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) – C:\Windows\System32\drivers\usbser_lowerfltj.sys [324224] =>.Nokia
O58 - SDL:2007/12/17 14:45:20 A . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) – C:\Windows\System32\drivers\UVCFTR_S.SYS [324224] =>.Chicony Electronics Co., Ltd.
O58 - SDL:2008/01/20 21:23:00 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\viaide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/11/15 14:33:16 A . (.Zemana Ltd. - ZAM.) – C:\Windows\System32\drivers\zam32.sys [324224] =>.Zemana Ltd.®
O58 - SDL:2016/11/15 14:33:15 A . (.Zemana Ltd. - ZAM.) – C:\Windows\System32\drivers\zamguard32.sys [324224] =>.Zemana Ltd.®
O58 - SDL:2014/08/19 14:47:14 A . (…) – C:\Windows\System32\ambakdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2014/08/19 14:47:14 A . (…) – C:\Windows\System32\ammntdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2014/08/19 14:47:14 A . (…) – C:\Windows\System32\amwrtdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2006/11/02 02:09:42 A . (…) – C:\Windows\System32\ANSI.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:45 A . (…) – C:\Windows\System32\country.sys [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:41 A . (…) – C:\Windows\System32\HIMEM.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:44 A . (…) – C:\Windows\System32\KEY01.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:44 A . (…) – C:\Windows\System32\KEYBOARD.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:29 A . (…) – C:\Windows\System32\NTDOS.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:35 A . (…) – C:\Windows\System32\NTDOS404.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:38 A . (…) – C:\Windows\System32\NTDOS411.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:40 A . (…) – C:\Windows\System32\NTDOS412.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:31 A . (…) – C:\Windows\System32\NTDOS804.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:20 A . (…) – C:\Windows\System32\NTIO.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:23 A . (…) – C:\Windows\System32\NTIO404.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:24 A . (…) – C:\Windows\System32\NTIO411.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:26 A . (…) – C:\Windows\System32\NTIO412.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:22 A . (…) – C:\Windows\System32\NTIO804.SYS [324224] =>.Microsoft Corporation

—\ Last modified or created user files (6) - 33s
O61 - LFC: 2016/11/17 12:44:27 A . (..) – C:\Users\psimoes\Desktop\OpenDNS-Updater-2.2.1.exe [225336] {7680189BD7F3A03993677393F1F067C7}
O61 - LFC: 2016/11/15 20:40:38 A . (.glax24 (safezone.cc).) – C:\Users\psimoes\Desktop\SecurityCheck.exe [507938]
O61 - LFC: 2016/11/17 17:46:22 A . (..) – C:\Users\psimoes\Desktop\SystemLook.exe [139264]
O61 - LFC: 2016/11/14 14:33:28 A . (..) – C:\Users\psimoes\Desktop\zoek.exe [1309184]
O61 - LFC: 2016/11/15 14:16:45 A . (..) – C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [308]
O61 - LFC: 2016/11/17 16:00:54 A . (..) – C:\Users\psimoes\AppData\Local\ATI\ACE\Manifest.Bi n [14938]

—\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) – C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S

—\ Start Menu Internet (24) - 1s
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (…) – C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: <Opera.exe> [HKLM..\Shell\open\Command] (…) – C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) – C:\Program Files\Opera\Launcher.exe =>.Opera Software ASA®
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> [HKLM..\InstallInfo\ShowIconsCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) – C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> [HKLM..\InstallInfo\ReinstallCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) – C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> [HKLM..\InstallInfo\HideIconsCommand] (…) – C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) – C:\Program Files\Opera\launcher.exe =>.Opera Software

—\ Search Browser Infection (3) - 11s
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.

—\ Search Svchost Services (31) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) – C:\Windows\System32\audiosrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Terminal Server Remote Connections Manager.) – C:\Windows\System32\termsrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [324224] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\System32\seclogon.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\System32\mmcss.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Terminal Services Configuration service.) – C:\Windows\System32\SessEnv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\System32\KMSVC.DLL [324224] =>.Microsoft Corporation

—\ Firewall Active Exception List (4) - 3s
O87 - FAEL: “WinCollab-Out-UDP” [Out-None-P17-FALSE] .(…) – C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: “WinCollab-In-UDP” [In-None-P17-FALSE] .(…) – C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: “WinCollab-Out-TCP” [Out-None-P6-FALSE] .(…) – C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: “WinCollab-In-TCP” [In-None-P6-FALSE] .(…) – C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)

—\ Additional Scan (O88) (7) - 2s
C:\Users\psimoes\AppData\Roaming\Mozilla\Extension s{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\U ninstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\U ninstall{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.loca lstorage =>.Superfluous.CloudfrontNet
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.loca lstorage-journal =>.Superfluous.CloudfrontNet

—\ Summary of the elements found (5) - 0s
Redirecting... =>PUP.Optional.Wajam
Redirecting... =>Heuristic.Suspect
Redirecting... =>Riskware.QuickTime
https://www.nicolascoolman.com/fr/pu...l-startsearch/ =>PUP.Optional.StartSearch
Redirecting... =>.Superfluous.CloudfrontNet

~ End of the scan, 41006 items in 00h08mn03s (1466)

**Malnutrition** · 11-18-2016, 03:32 AM

While I look over this, have you uninstalled the programs and ran the fix with HijackThis?

**paulwb** · 11-18-2016, 03:38 AM

Yes. All done except for reset router to defaults, reset browsers which I forgot to do. Patchmypc worked quite nicely this old PC.
Set up DNS Jumper but not showing IP addresses… see screenshot below.
Am I missing something?

[ATTACH]806[/ATTACH]

**Malnutrition** · 11-18-2016, 03:42 AM

Originally posted by Paul Simoes

Set up DNS Jumper but not showing IP addresses… see screenshot below.
Am I missing something?

? It does not show IP, it is a tool for changing your DNS server and finding the best one for your area. You should now just hit apply DNS and it will be set to google DNS. Or you can use this DNS to block ads on your machine. Ad Blocking DNS

**Malnutrition** · 11-18-2016, 03:49 AM

Alright, in your Autoruns log I still see remnants of TeamViewer running, & I do not see it in a list of installed programs. I want a list of the currently installed programs on your machine before I make this final fix list for you.

Please download MINITOOLBOX and run it.

Checkmark following boxes:

Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)

Click Go and post the result.

**paulwb** · 11-18-2016, 03:56 AM

Originally posted by Malnutrition

? It does not show IP, it is a tool for changing your DNS server and finding the best one for your area. You should now just hit apply DNS and it will be set to google DNS. Or you can use this DNS to block ads on your machine. Ad Blocking DNS

Should I make the change in Settings to make it start at System Start up? I guess it’s only working if it appears in the systray?

I’ll check out Ad Blocking DNS

Browsers Crash, Executable files stall or crash

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment