How to remove rundll32.exe virus.

**Malnutrition** · 02-10-2017, 03:23 AM

Hello @toreee how are you moving along with the instructions? Have you got an update for us?

Please update this thread within 48 hours, or it will be closed. You can however have it re-opened at any time, by sending a private message to a staff member.

**Malnutrition** · 02-25-2017, 12:55 AM

Thread re-opened at OP request.

**toreee** · 02-25-2017, 07:48 AM

ok

**toreee** · 02-25-2017, 08:22 AM

attached is the file requested

ClearLNK by Alex Dragokas ver. 2.9.0.11

OS: x32 Windows 7 Starter, 6.1.7601, Service Pack: 1
Time: 25.02.2017 - 12:24
Language: OS: EN (0x409). Display: EN (0x409). Non-Unicode: unknown (0x4409)
Elevated: Yes
User: MSI CR-460 (group: Administrator)

_____________________________ Begin of Log ______________________________
.
[DEL ] 1 “C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\µTorrent.lnk” (target was not recovered)
.
______________________________ Statistics _______________________________
Cure ran per today: 1 times.

Total processed: 1

Code:

     Deleted:   1

______________________________ End of Log _______________________________CRC32: C51D6EFA

**toreee** · 02-25-2017, 08:55 AM

ok already done everything as per your guide. when I click time to change the setting im still getting the same message.

**Malnutrition** · 02-25-2017, 11:24 AM

Rogue Killer Scan.

Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:

Link 1
Link 2

[ul]
[li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li]https://pchelpforum.net/attachments/...5-54-png.1658/ [/li]
[li]After All items are checked then press Remove Selected.[/li]
[li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li]
[li]Copy the content of the report and paste it here in your next reply.[/li][/ul]

ZHP Diag Scan

Download ZHP Diag to your desktop.

Right Click Run as Admin.
2. Click the Scanner button.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-2-23_3-32-26-png.1647/

PCHF Forums

When complete please push the report button.
A notepad will open… copy and paste the report in your next reply.

**toreee** · 02-26-2017, 01:22 PM

Rogue Killer Scan.
the screen directly close without have any option on cleared. report for the scan are not available

**toreee** · 02-26-2017, 01:37 PM

~ ZHPDiag v2017.2.26.36 By Nicolas Coolman (2017/02/26)
~ Run by MSI CR-460 (Administrator) (2017/02/26 17:29:44)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: ZHP
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\MSI CR-460\Desktop\ZHPDiag.txt
~ Report: C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

—\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v56.0.2924.87
~ MSIE: Internet Explorer v11.0.9600.18537

—\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
Windows Activation Technologies : KO

—\ System protection software (1) - 2s
Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)

—\ System optimization software (1) - 3s
~ CCleaner v5.26 (Optimize)

—\ Surveillance software (2) - 3s
~ Adobe Flash Player 22 NPAPI (Surveillance)
~ Adobe Reader XI (Surveillance)

—\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2097.152 MB (56% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 47 GB (15%) free of 305 GB : OK =>.Disk Space

—\ Connection to the system mode (3) - 0s
~ Computer Name: MSICR-460-PC
~ User Name: MSI CR-460
~ Logged in as Administrator

—\ Enumeration of the disk units (1) - 0s
~ Drive C: has 47 GB free of 305 GB (System)

—\ State of the Windows Security Center (23) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Win dowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

—\ Search Generic System Files (22) - 3s
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - 29/08/2016 - (.Microsoft Corporation - Windows Explorer.) – C:\windows\Explorer.exe [2972672] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.F4F5123B45BFCFD2F035280FDCB5BBBE] - 12/11/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\windows\System32\wininet.dll [2444800] =>.Microsoft Corporation
[MD5.52449FD429D6053B78AE564DEF303870] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) – C:\windows\System32\Winlogon.exe [304128] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) – C:\windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) – C:\windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.93B49FA857F7036A4EFF32371F6E7391] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\windows\System32\drivers\DfsC.sys [81408] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) – C:\windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) – C:\windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.6284D46BAA301BEDB9AB7FA7672B2410] - 05/01/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\windows\System32\drivers\MRxSmb.sys [124416] =>.Microsoft Corporation
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) – C:\windows\System32\drivers\netBT.sys [188928] =>.Microsoft Corporation
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) – C:\windows\System32\drivers\ntfs.sys [1212352] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) – C:\windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) – C:\windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) – C:\windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

—\ Task Planned Automatically (3) - 12s
[MD5.1A709A8B23B584115F2CCEEDAD64DE97] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [7173848] (.Activate.) =>.Piriform Ltd®
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (…) – C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) – C:\windows\System32\Tasks\CCleanerSkipUAC [2784] =>.Piriform Ltd®

—\ Auto loading programs from Registry and folders (2) - 0s
O4 - HKUS\S-1-5-19..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

—\ Process running (3) - 1s
[MD5.0A70F4022EC2E14C159EFC4F69AA2477] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464] [PID.1860] =>.Microsoft Corporation®
[MD5.9C879E1C3B27085FB46EFECCD7120D51] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193408] [PID.1564] =>.Microsoft Corporation®
[MD5.139A1E7AC1479231D95F650ECBD55081] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\MSI CR-460\Desktop\ZHPDiag3.exe [2703872] [PID.828] =>.Nicolas Coolman

—\ Google Chrome, Start,Search,Extensions (6) - 1s
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dnligehkhogpcngalffdoomehjcbecna] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [gehmndecgbcffhmfjkenpamdgechcgpe] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] [ https://epicunitscan.info/00service/update2/crx ] Google Chrome manifest =>Hijacker.Browser
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

—\ Mozilla Firefox,Plugins,Start,Search,Extensions (7) - 2s
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) – C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) – C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4 hyy.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Google - Default Search.) – C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4 hyy.default\searchplugins\Google.xml =>.Google
P2 - EXT FILE: (…) – C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4 hyy.default\searchplugins\WebSearch.xml
P2 - EXT: (…) – C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4 hyy.default\extensions\staged
P2 - EXT: (.Riverbed Technology, Inc. - Steelhead Mobile Certificate Manager.) – C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4 hyy.default\extensions\SteelheadMobileCertificateManager@riverbed.com =>.Riverbed Technology, Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\System32\Macromed\Flash\NPSWF32_22_0_0_ 209.dll =>.Adobe Systems Incorporated

—\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [CinemaP-1.9cV22.08] C:\Users\MSI CR-460\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

—\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

—\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies

—\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerfo rmance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

—\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

—\ Browser Helper Object (BHO) (8) - 1s
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) – C:\Program Files\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) – C:\Program Files\Windows Live\Companion\companioncore.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) – C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) – C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java™ Platform SE binary.) – C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll =>.Oracle America, Inc.®

—\ Global shortcuts Startup (98) - 18s
O4 - GS\Desktop [Administrator]: Documents - Shortcut.lnk . (…) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Do cuments.library-ms
O4 - GS\Desktop [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Administrator]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Administrator]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrator]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Documents - Shortcut.lnk . (…) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Do cuments.library-ms
O4 - GS\Desktop [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Guest]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Guest]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Guest]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [MSI CR-460]: Documents - Shortcut.lnk . (…) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Do cuments.library-ms
O4 - GS\Desktop [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [MSI CR-460]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [MSI CR-460]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [MSI CR-460]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [MSI CR-460]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [MSI CR-460]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [MSI CR-460]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [MSI CR-460]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [MSI CR-460]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [MSI CR-460]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [MSI CR-460]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Canon IJ Network Tool.lnk . (.CANON INC. - Canon IJ Network Tool.) C:\Program Files\Canon\Canon IJ Network Tool\CNMNPUT.EXE =>.Canon Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Family Tree Maker 2012.lnk . (.Ancestry.com - Family Tree Maker 2012.) C:\Program Files\Family Tree Maker 2012\FTM.exe
O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PIXAJOY Editor.lnk . (.Pixajoy - Pixajoy.) C:\Program Files\PIXAJOY Editor\PIXAJOY Editor.exe
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (…) C:\Program Files\RogueKiller\RogueKiller.exe =>.Adlice®
O4 - GS\Programs [Public]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (…) C:\windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (…) C:\windows\Installer{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) C:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation

—\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip..{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpDomain = domain.name

—\ Extra protocols (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) – C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) – C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) – C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

—\ Software installed (114) - 40s
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 ActiveX - (.Adobe Systems Incorporated.) [HKLM] – Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.13) - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] – {AC76BA86-0804-1033-1959-001824157129} =>.Adobe Systems Incorporated
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] – {4555BB9E-E715-4260-A178-E8EFD2B653E3} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] – {AB398DDB-0E7B-400B-A940-7E61FB91A531} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] – AmUStor =>.Alcor Micro Corp.
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] – {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] – {D3694B69-6F8C-42D3-8A0A-EB2AB528C02C} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] – {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: AVG PC TuneUp 2015 (en-US) - (.AVG Technologies.) [HKLM] – {4AC74ED1-719B-46DA-8B8A-340FBF892291} =>.AVG Technologies
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] – Broadcom 802.11 Network Adapter =>.Broadcom Corporation®
O42 - Logiciel: Canon IJ Network Scanner Selector EX - (..) [HKLM] – Canon_IJ_Network_Scanner_Selector_EX =>.Canon Inc.®
O42 - Logiciel: Canon IJ Network Tool - (.Canon Inc..) [HKLM] – Canon_IJ_Network_UTILITY =>.Canon Inc.®
O42 - Logiciel: Canon MX420 series MP Drivers - (.Canon Inc..) [HKLM] – {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}Canon_MX420_series =>.Canon Inc.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] – CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] – Cisco AnyConnect Secure Mobility Client =>.Cisco Systems, Inc.®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] – {F63E747C-5B51-4A6E-9413-BF258F4653F3} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] – {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] – {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] – {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc.
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] – {01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] – InstallShield{01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] – {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] – {1CB0993B-1CD4-4A18-9C85-9732AFD9843F}
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] – Family Tree Maker 2012
O42 - Logiciel: FileHippo App Manager - (.FileHippo.com.) [HKLM] – FileHippo.com =>.FileHippo.com
O42 - Logiciel: FlashGet3.7 - (. http://www.flashget.com .) [HKLM] – FlashGet3.7 =>. http://www.flashget.com
O42 - Logiciel: FormatFactory 2.20 - (.Free Time.) [HKLM] – FormatFactory =>.Free Time
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] – GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] – Google Chrome =>.Google Inc®
O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] – Google Photos Backup =>.Google, Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] – {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] – {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] – {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] – {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation
O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM] – {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC
O42 - Logiciel: ImagXpress - (.Nero AG.) [HKLM] – {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} =>.Nero AG
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] – {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] – {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] – {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] – {26A24AE4-039D-4CA4-87B4-2F32180121F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] – {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: K-Lite Codec Pack 8.3.2 (Full) - (.KLite Inc.) [HKLM] – KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Lenovo_Wireless_Driver - (.Lenovo.) [HKLM] – {28ABE740-47F3-441B-9437-852F6A64EFF8} =>.Macrovision Corporation®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Master PDF Editor 2.1.65 - (.Code Industry Ltd..) [HKLM] – Master PDF Editor 2.1.65_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] – {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] – {50816F92-1652-4A7C-B9BC-48F682742C4B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0015-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0117-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] – {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0090-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0016-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-00BA-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0044-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-012B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-001A-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0018-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0019-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] – {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0054-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-0051-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] – Office15.VISPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] – {90150000-001B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] – {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] – {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] – {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: My Photo Creations (Photobookmart Edition) - (.Digilabs.) [HKLM] – {111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] – {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: PDF Password Remover - (.Tenorshare, Inc..) [HKLM] – PDF Password Remover =>.Tenorshare, Inc.
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM] – {D1399216-81B2-457C-A0F7-73B9A2EF6902} =>.PlotSoft LLC
O42 - Logiciel: Photobook Designer - (.Photobook Malaysia.) [HKCU] – Photobook Designer
O42 - Logiciel: Pismo File Mount Audit Package - (..) [HKLM] – PismoFileMountAuditPackage =>.Pismo Technic Inc.®
O42 - Logiciel: PIXAJOY Editor - (.Pixajoy.) [HKCU] – PIXAJOY Editor
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] – {B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] – {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek USB 2.0 Reader Driver - (.Realtek Semiconductor Corp..) [HKLM] – {62BBB2F0-E220-4821-A564-730807D2C34D} =>.Realtek Semiconductor Corp®
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] – {9D3D8C60-A55F-4123-B2B9-173F09590E16} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Riverbed Steelhead Mobile - (.Riverbed Technology, Inc..) [HKLM] – {09D86FD5-EA7E-4072-997F-4E88AE25ACA2} =>.Riverbed Technology, Inc.
O42 - Logiciel: RogueKiller version 12.9.8.0 - (.Adlice Software.) [HKLM] – 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: S-Bar - (.MSI.) [HKLM] – {4E18A842-A084-46E0-81BA-31C7EB96B26C} =>.MSI
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] – TeamViewer =>.TeamViewer®
O42 - Logiciel: Telegram Desktop version 0.10.19 - (.Telegram Messenger LLP.) [HKCU] – {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP
O42 - Logiciel: TuneUp Utilities 2014 (en-US) - (.TuneUp Software.) [HKLM] – {14C8CE46-C68C-461B-BCA9-E276A85851C6} =>.TuneUp Software
O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 32-Bit Edition - (.Microsoft.) [HKLM] – {90150000-012B-0409-0000-0000000FF1CE}Office15.PROPLUS{9F6B3627-AF9E-40A5-AAD5-3497C4327616} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] – {90150000-0011-0000-0000-0000000FF1CE}Office15.PROPLUS{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] – {90150000-012B-0409-0000-0000000FF1CE}Office15.PROPLUS{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Uplayer - (.D-LINK CORPORATION.) [HKLM] – {246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5} =>.D-Link Corporation
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] – {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VNC Enterprise Edition E4.5.1 - (.RealVNC Ltd..) [HKLM] – RealVNC_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Mirror Driver 1.8.0 - (.RealVNC Ltd..) [HKLM] – VNCMirror_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Printer Driver 1.6.0 - (.RealVNC Ltd..) [HKLM] – VNCPrinter_is1 =>.RealVNC Ltd.
O42 - Logiciel: WD Drive Utilities - (.Western Digital Technologies, Inc..) [HKLM] – {E61CFDDA-40DD-4400-95CA-12819C50B5C2} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] – {429a42d7-4c55-44d4-b38a-5872a0d70495} =>.Western Digital Technologies, Inc.®
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] – {F1D5FC88-4EE0-4D0B-917B-60E930142FB9} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD SES Driver Setup - (.Western Digital.) [HKLM] – {924A274D-38B6-4930-8859-F3F51CFA8DDD} =>.Western Digital
O42 - Logiciel: WD SmartWare - (.Western Digital Technologies, Inc..) [HKLM] – {6EE644CD-FC7F-424C-83EA-9C0285C4FB7F} =>.Western Digital Technologies, Inc.
O42 - Logiciel: Win7codecs - (.Shark007.) [HKLM] – {8C0CAA7A-3272-4991-A808-2C7559DE3409} =>.Shark007
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM] – {CCF298AF-9CE1-4B26-B251-486E98A34789} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) - (.ENE.) [HKLM] – 7F523D4F8E191139525DC0260B06BF68E4E581EE =>.ENE Technology Inc.®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] – 5B1D8E9CE6F89F5466353F3E5A7084A126505FEA =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] – 261F972493946CC8B32688E5247ADD2EE612DEB9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] – DA556C9045FE4065F487AF1C9B3992A6AD4C8A66 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] – FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) - (.Ralink.) [HKLM] – AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 - (.Ralink Technology, Corp..) [HKLM] – DA9E83E3434B0A377F6C3573D30A3E6E692E31F2 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] – {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] – Windows Media Encoder 9 =>.Microsoft Corporation
O42 - Logiciel: WinRAR archiver - (.win.rar GmbH.) [HKLM] – WinRAR archiver =>.win.rar GmbH
O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L..) [HKLM] – {CD95F661-A5C4-44F5-A6AA-ECDD91C240BE} =>.WinZip Computing, S.L.

—\ HKCU & HKLM Software Keys (134) - 40s
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE<company>
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Ancestry.com
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Atheros =>.Qualcomm Atheros
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Avg =>.AVG Software
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Broadcom =>.Broadcom
HKLM\SOFTWARE\Canon =>.Canon
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\CBSTEST =>.CBS Test
HKLM\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\FlashGet Network
HKLM\SOFTWARE\Gabest =>.Gabest
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\GNU =>.GNU
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\GRETECH =>.Gretech
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\inKline Global
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\MSI =>.MSI
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\PlotSoft =>.PlotSoft
HKLM\SOFTWARE\PocketSoft
HKLM\SOFTWARE\PS
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RealVNC =>.RealVNC
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Riverbed
HKLM\SOFTWARE\RTLSetup =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\StarterBackgroundChanger
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TuneUp =>.TuneUp
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WDPA =>.WDPA
HKLM\SOFTWARE\webroot =>.Webroot
HKLM\SOFTWARE\Western Digital =>.Western Digital
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Ancestry.com
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\ASProtect =>.ASPack Software
HKCU\SOFTWARE\Avg =>.AVG Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\CanonBJ =>.Canon Inc.
HKCU\SOFTWARE\Caphyon =>.Caphyon
HKCU\SOFTWARE\CDDB =>.Cddb Software
HKCU\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKCU\SOFTWARE\Code Industry
HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation
HKCU\SOFTWARE\dlink
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FileHippo.com =>.FileHippo.com
HKCU\SOFTWARE\FileOpen =>.FileOpen Systems Inc.
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\HTC =>.HTC
HKCU\SOFTWARE\ihelper =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\InstallPath =>.Legitimate
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\pdfconverter.com =>.pdfconverter.com
HKCU\SOFTWARE\Photobook Designer
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PIXAJOY Editor
HKCU\SOFTWARE\PlotSoft =>.PlotSoft
HKCU\SOFTWARE\pocketsoft
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RealVNC =>.RealVNC
HKCU\SOFTWARE\Riverbed
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Teiron =>.Teiron
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TuneUp =>.TuneUp
HKCU\SOFTWARE\Western Digital =>.Western Digital
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.

—\ Contents of the Common Files folders (327) - 38s
O43 - CFD: 14/03/2015 - D – C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 27/02/2012 - D – C:\Program Files\AmIcoSingLun =>.Alcor Micro Corporation
O43 - CFD: 27/02/2012 - D – C:\Program Files\Ashampoo =>.Ashampoo GmbH
O43 - CFD: 22/08/2015 - D – C:\Program Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 07/07/2015 - D – C:\Program Files\AVG =>.AVG Software
O43 - CFD: 18/09/2015 - D – C:\Program Files\BCL Technologies =>.BCL Technologies
O43 - CFD: 27/02/2012 - D – C:\Program Files\Broadcom =>.Broadcom Corporation®
O43 - CFD: 28/10/2016 - D – C:\Program Files\Canon =>.Canon Inc.®
O43 - CFD: 28/10/2016 - HD – C:\Program Files\CanonBJ =>.Canon Inc.
O43 - CFD: 04/02/2017 - D – C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - D – C:\Program Files\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 14/11/2014 - D – C:\Program Files\Code Industry
O43 - CFD: 04/02/2017 - D – C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - D – C:\Program Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 27/02/2012 - D – C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 04/02/2017 - [0] D – C:\Program Files\DownloadYoutubeIE
O43 - CFD: 21/11/2010 - D – C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/09/2015 - D – C:\Program Files\Family Tree Maker 2012 {0617082F262673EB00DF1F193DE22525}
O43 - CFD: 09/10/2016 - D – C:\Program Files\FileHippo.com =>.Well Known Media Ltd®
O43 - CFD: 28/02/2012 - D – C:\Program Files\FlashGet Network =>.FlashGet
O43 - CFD: 21/08/2012 - D – C:\Program Files\FreeTime =>.FreeTime
O43 - CFD: 09/10/2016 - D – C:\Program Files\Google =>.Google Inc®
O43 - CFD: 28/02/2012 - D – C:\Program Files\GRETECH =>.GRETECH®
O43 - CFD: 17/12/2016 - D – C:\Program Files\GUM8A16.tmp =>.Google Inc®
O43 - CFD: 07/02/2015 - D – C:\Program Files\HTC =>.HTC
O43 - CFD: 12/09/2015 - D – C:\Program Files\inKline Global
O43 - CFD: 12/09/2015 - HD – C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 13/04/2012 - D – C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 24/07/2016 - D – C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 17/12/2016 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - D – C:\Program Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - D – C:\Program Files\Java =>.Oracle
O43 - CFD: 28/02/2012 - D – C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 27/02/2012 - D – C:\Program Files\Lenovo =>.Lenovo
O43 - CFD: 30/10/2016 - D – C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 16/04/2012 - D – C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/09/2013 - D – C:\Program Files\Microsoft Application Virtualization Client =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - D – C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/02/2017 - D – C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - D – C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - D – C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\Program Files\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\Program Files\Microsoft Sync Framework =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\Program Files\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - D – C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - D – C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 09/09/2015 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 22/08/2015 - D – C:\Program Files\MSECache =>.Microsoft Corporation
O43 - CFD: 02/09/2012 - [0] D – C:\Program Files\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - D – C:\Program Files\My Photo Creations (Photobookmart Edition) {00B0948F9E29EED75E31BAF47F5061A0D3}
O43 - CFD: 31/01/2014 - D – C:\Program Files\Nero =>.Ahead Corporation
O43 - CFD: 31/01/2014 - D – C:\Program Files\OpenOffice.org 3 =>.SourceForge
O43 - CFD: 22/08/2015 - D – C:\Program Files\Opera =>.Opera Software
O43 - CFD: 03/09/2016 - D – C:\Program Files\PDF Password Remover
O43 - CFD: 25/12/2013 - D – C:\Program Files\Photobook Designer
O43 - CFD: 08/09/2015 - D – C:\Program Files\Pismo File Mount Audit Package =>.Pismo Technic Inc.®
O43 - CFD: 11/10/2014 - D – C:\Program Files\PIXAJOY Editor
O43 - CFD: 14/11/2014 - D – C:\Program Files\PlotSoft =>.PlotSoft
O43 - CFD: 29/09/2013 - D – C:\Program Files\QuickTime
O43 - CFD: 27/02/2012 - D – C:\Program Files\Realtek =>.Realtek
O43 - CFD: 27/02/2012 - D – C:\Program Files\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp.
O43 - CFD: 22/06/2014 - D – C:\Program Files\RealVNC =>.RealVNC
O43 - CFD: 14/07/2009 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - D – C:\Program Files\Riverbed
O43 - CFD: 26/02/2017 - D – C:\Program Files\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - D – C:\Program Files\S-Bar
O43 - CFD: 24/05/2015 - D – C:\Program Files\Save my Tabs
O43 - CFD: 23/05/2015 - D – C:\Program Files\Sidewise Tree Style Tabs
O43 - CFD: 07/02/2015 - D – C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 31/01/2014 - D – C:\Program Files\StarterBackgroundChanger
O43 - CFD: 20/10/2015 - D – C:\Program Files\TeamViewer =>.TeamViewer®
O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - D – C:\Program Files\Western Digital =>.Western Digital Technologies, Inc.®
O43 - CFD: 28/02/2012 - D – C:\Program Files\Win7codecs =>.Shark007
O43 - CFD: 14/07/2013 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 23/05/2015 - D – C:\Program Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - D – C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 07/12/2016 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - D – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - D – C:\Program Files\WinZip =>.WinZip Computing®
O43 - CFD: 21/08/2016 - [0] D – C:\Program Files\Yahoo! =>.Yahoo!
O43 - CFD: 08/09/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 28/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX420 series
O43 - CFD: 28/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities =>.Canon Inc.
O43 - CFD: 21/03/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 28/02/2012 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam =>.CyberLink Corporation
O43 - CFD: 18/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
O43 - CFD: 28/02/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
O43 - CFD: 14/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 12/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player =>.Gretech Corporation
O43 - CFD: 07/02/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 28/07/2016 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 04/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 28/02/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 14/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 30/10/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 14/11/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 09/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Photo Creations (Photobookmart Edition)
O43 - CFD: 31/01/2014 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 =>.SourceForge
O43 - CFD: 14/11/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill =>.PlotSoft L.L.C.
O43 - CFD: 25/12/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
O43 - CFD: 08/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pismo File Mount Audit Package
O43 - CFD: 12/10/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXAJOY Editor
O43 - CFD: 29/09/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 22/06/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC =>.RealVNC
O43 - CFD: 26/02/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
O43 - CFD: 16/04/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint =>.Microsoft Corporation
O43 - CFD: 28/02/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs =>.Shark007
O43 - CFD: 21/10/2015 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steelhead Mobile
O43 - CFD: 07/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
O43 - CFD: 31/01/2014 - D – C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 =>.GEAR Software, Inc.
O43 - CFD: 14/03/2015 - D – C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/02/2012 - D – C:\ProgramData\AmUStor =>.Alocr Micro
O43 - CFD: 01/07/2012 - D – C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 01/07/2012 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - D – C:\ProgramData\ashampoo =>.Ashampoo GmbH
O43 - CFD: 27/02/2012 - D – C:\ProgramData\Atheros =>.Qualcomm Atheros
O43 - CFD: 03/01/2013 - D – C:\ProgramData\AutoKMS =>HackTool.AutoKMS
O43 - CFD: 07/09/2015 - D – C:\ProgramData\AVG =>.AVG Software
O43 - CFD: 07/09/2015 - D – C:\ProgramData\AVG2015 =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\ProgramData\Avg_Update_0215pit =>.AVG Software
O43 - CFD: 31/01/2014 - D – C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 30/06/2012 - D – C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 28/10/2016 - [0] D – C:\ProgramData\Canon IJ Network Tool =>.Canon Inc.
O43 - CFD: 28/10/2016 - HD – C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 28/10/2016 - HD – C:\ProgramData\CanonIJFAX =>.Canon Inc.
O43 - CFD: 28/10/2016 - D – C:\ProgramData\CanonIJWSpt =>.Canon Inc.
O43 - CFD: 22/06/2014 - D – C:\ProgramData\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 07/09/2015 - D – C:\ProgramData\CismaUva
O43 - CFD: 04/03/2013 - HD – C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 19/05/2012 - D – C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 05/10/2013 - D – C:\ProgramData\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 09/10/2016 - D – C:\ProgramData\Google =>.Google
O43 - CFD: 06/10/2014 - D – C:\ProgramData\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - D – C:\ProgramData\HTC =>.HTC
O43 - CFD: 21/10/2015 - D – C:\ProgramData\IObit =>.IObit
O43 - CFD: 21/03/2015 - D – C:\ProgramData\IsolatedStorage =>.id Software
O43 - CFD: 12/09/2015 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 01/07/2012 - D – C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 21/10/2015 - D – C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 21/11/2016 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - D – C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - D – C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 31/01/2014 - D – C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 25/05/2013 - D – C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 04/02/2017 - D – C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 07/09/2015 - D – C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - D – C:\ProgramData\PDVD =>.PDVD
O43 - CFD: 14/11/2014 - [0] D – C:\ProgramData\PlotSoft =>.PlotSoft
O43 - CFD: 21/08/2016 - D – C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - D – C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - D – C:\ProgramData\Riverbed
O43 - CFD: 26/02/2017 - D – C:\ProgramData\RogueKiller =>.Adlice
O43 - CFD: 09/10/2016 - D – C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [0] D – C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - D – C:\ProgramData\TuneUp Software =>.TuneUp Software
O43 - CFD: 04/05/2012 - D – C:\ProgramData\VirtualizedApplications =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - D – C:\ProgramData\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - D – C:\ProgramData\Win7codecs =>.Shark007
O43 - CFD: 27/02/2012 - D – C:\ProgramData\WinZip =>.WinZip
O43 - CFD: 07/10/2015 - HD – C:\ProgramData{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
O43 - CFD: 14/03/2015 - D – C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 07/09/2015 - [0] D – C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 09/09/2015 - D – C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/09/2015 - D – C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 27/02/2012 - D – C:\Program Files\Common Files\Intel =>.Intel Corporation
O43 - CFD: 08/09/2015 - D – C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - D – C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 16/09/2015 - D – C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 07/02/2015 - D – C:\Program Files\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 27/02/2012 - D – C:\Program Files\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 30/10/2014 - D – C:\Program Files\Common Files\PS
O43 - CFD: 14/07/2009 - D – C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - D – C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - D – C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - D – C:\Program Files\Common Files\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - D – C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2014 - D – C:\Users\MSI CR-460\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 08/09/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 01/07/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\BITS =>.BITS
O43 - CFD: 21/11/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\BitTorrent
O43 - CFD: 28/10/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\Canon =>.Canon
O43 - CFD: 19/05/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/10/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\dlink
O43 - CFD: 23/07/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 27/11/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\FamilyTreeMaker
O43 - CFD: 05/10/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 01/07/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\FlashGet =>.FlashGet
O43 - CFD: 08/07/2014 - D – C:\Users\MSI CR-460\AppData\Roaming\Google =>.Google
O43 - CFD: 01/07/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\HTC =>.HTC
O43 - CFD: 13/04/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\IDM =>.IDM
O43 - CFD: 25/08/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\ihelper
O43 - CFD: 06/10/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\ILOVEPHOTOBOOK v2.5.4
O43 - CFD: 08/09/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\IObit =>.IObit
O43 - CFD: 23/04/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 21/03/2015 - [0] D – C:\Users\MSI CR-460\AppData\Roaming\Media Player Classic =>.Microsoft Corporation
O43 - CFD: 28/08/2016 - SD – C:\Users\MSI CR-460\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 05/10/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 27/11/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\Nitro PDF =>.Nitro PDF
O43 - CFD: 22/08/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 11/10/2014 - D – C:\Users\MSI CR-460\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 01/01/2014 - D – C:\Users\MSI CR-460\AppData\Roaming\Photobook Designer
O43 - CFD: 12/10/2013 - D – C:\Users\MSI CR-460\AppData\Roaming\PIXAJOY Editor
O43 - CFD: 08/09/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\ProductData =>.Microsoft Corporation
O43 - CFD: 22/06/2014 - D – C:\Users\MSI CR-460\AppData\Roaming\RealVNC =>.RealVNC
O43 - CFD: 13/04/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\RGE
O43 - CFD: 18/09/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Skype =>.Skype
O43 - CFD: 28/10/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 21/06/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 04/02/2017 - D – C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 13/04/2012 - [0] D – C:\Users\MSI CR-460\AppData\Roaming\TP =>.TP
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 21/03/2015 - D – C:\Users\MSI CR-460\AppData\Roaming\uTorrent
O43 - CFD: 16/04/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 26/02/2017 - D – C:\Users\MSI CR-460\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/02/2017 - D – C:\Users\MSI CR-460\AppData\Local\Adobe =>.Adobe
O43 - CFD: 18/09/2015 - D – C:\Users\MSI CR-460\AppData\Local\Ancestry.com
O43 - CFD: 13/04/2012 - D – C:\Users\MSI CR-460\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 07/02/2015 - D – C:\Users\MSI CR-460\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 13/04/2012 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/07/2012 - D – C:\Users\MSI CR-460\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - D – C:\Users\MSI CR-460\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 24/12/2013 - D – C:\Users\MSI CR-460\AppData\Local\cache =>.Legitimate
O43 - CFD: 22/06/2014 - D – C:\Users\MSI CR-460\AppData\Local\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 19/05/2012 - D – C:\Users\MSI CR-460\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 26/02/2017 - [0] D – C:\Users\MSI CR-460\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 28/06/2015 - [0] D – C:\Users\MSI CR-460\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [0] D – C:\Users\MSI CR-460\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 23/07/2016 - D – C:\Users\MSI CR-460\AppData\Local\Google =>.Google
O43 - CFD: 13/04/2012 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - D – C:\Users\MSI CR-460\AppData\Local\HTC MediaHub =>.HTC MediaHub
O43 - CFD: 18/09/2015 - D – C:\Users\MSI CR-460\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 11/08/2012 - D – C:\Users\MSI CR-460\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 14/11/2014 - [0] D – C:\Users\MSI CR-460\AppData\Local\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 13/04/2012 - D – C:\Users\MSI CR-460\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\Users\MSI CR-460\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/08/2016 - D – C:\Users\MSI CR-460\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - D – C:\Users\MSI CR-460\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 13/04/2012 - D – C:\Users\MSI CR-460\AppData\Local\MSI =>.MSI
O43 - CFD: 22/08/2015 - D – C:\Users\MSI CR-460\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 23/07/2016 - D – C:\Users\MSI CR-460\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - [0] D – C:\Users\MSI CR-460\AppData\Local\RealVNC =>.RealVNC
O43 - CFD: 01/05/2012 - D – C:\Users\MSI CR-460\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - D – C:\Users\MSI CR-460\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [0] SHD – C:\Users\MSI CR-460\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - D – C:\Users\MSI CR-460\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 20/08/2012 - D – C:\Users\MSI CR-460\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - D – C:\Users\MSI CR-460\AppData\Local\Western Digital =>.Western Digital
O43 - CFD: 07/09/2015 - D – C:\Users\MSI CR-460\AppData\Local\Western_Digital_Technolog =>.Western Digital Technologies
O43 - CFD: 30/10/2014 - [0] D – C:\Users\MSI CR-460\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 23/07/2016 - D – C:\Users\MSI CR-460\AppData\Local\Programs\Google =>.Google
O43 - CFD: 14/07/2009 - RD – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - RD – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 21/08/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 23/07/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup =>.Google Inc.
O43 - CFD: 28/07/2016 - [0] D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/07/2009 - RD – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 03/09/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Password Remover
O43 - CFD: 24/11/2016 - RD – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 03/07/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - D – C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D – C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D – C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\Avg2015 =>.AVG Software
O43 - CFD: 25/02/2013 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\Google =>.Google
O43 - CFD: 27/02/2012 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\MediaServer =>.MediaServer
O43 - CFD: 07/06/2015 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/05/2015 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - D – C:\windows\System32\Config\systemprofile\AppData\L ocal\TuneUp Software =>.TuneUp Software
O43 - CFD: 01/07/2012 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\IObit =>.IObit
O43 - CFD: 24/05/2015 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\McAfee =>.McAfee
O43 - CFD: 28/02/2012 - SD – C:\windows\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 25/02/2017 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - D – C:\windows\System32\Config\systemprofile\AppData\R oaming\TuneUp Software =>.TuneUp Software

—\ ShellIconOverlayIdentifiers (SIOI) (10) - 0s
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) – C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) – C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) – C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) – C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

—\ ShareTools MSconfig StartupReg (1) - 0s
O53 - SMSR:HKLM...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) – c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation

—\ System Drivers List (89) - 75s
O58 - SDL:2013/08/31 01:51:25 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) – C:\windows\System32\drivers\acsock.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\windows\System32\drivers\adp94xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\windows\System32\drivers\adpahci.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) – C:\windows\System32\drivers\adpu320.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\windows\System32\drivers\aliide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) – C:\windows\System32\drivers\amdsata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\windows\System32\drivers\amdsbs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\windows\System32\drivers\amdxata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\windows\System32\drivers\arc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\windows\System32\drivers\arcsas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/06/26 21:37:12 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) – C:\windows\System32\drivers\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2015/08/04 11:33:00 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) – C:\windows\System32\drivers\avgtdix.sys [92112] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2009/07/14 02:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) – C:\windows\System32\drivers\b57nd60x.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) – C:\windows\System32\drivers\BrFiltLo.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) – C:\windows\System32\drivers\BrFiltUp.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 04:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) – C:\windows\System32\drivers\BrSerId.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) – C:\windows\System32\drivers\BrSerWdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) – C:\windows\System32\drivers\BrUsbMdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) – C:\windows\System32\drivers\BrUsbSer.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) – C:\windows\System32\drivers\bxvbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2010/08/20 22:49:06 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) – C:\windows\System32\drivers\clwvd.sys [92112] =>.CyberLink®
O58 - SDL:2009/07/14 05:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) – C:\windows\System32\drivers\cmdide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2010/11/11 10:11:08 A . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) – C:\windows\System32\drivers\diskperf.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 05:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) – C:\windows\System32\drivers\djsvs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) – C:\windows\System32\drivers\elxstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) – C:\windows\System32\drivers\evbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) – C:\windows\System32\drivers\hcw85cir.sys [92112] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/10/20 04:33:40 A . (.Intel Corporation - Intel(R) Management Engine Interface.) – C:\windows\System32\drivers\HECI.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\windows\System32\drivers\HpSAMD.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/17 11:27:02 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) – C:\windows\System32\drivers\htcnprot.sys [92112] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2009/10/27 07:01:06 A . (.QUALCOMM Incorporated - USB Modem/Serial Device Driver.) – C:\windows\System32\drivers\HtcVComV32.sys [92112] =>.QUALCOMM Incorporated
O58 - SDL:2015/09/08 08:52:09 A . (.REALiX™ - HWiNFO x86 Kernel Driver.) – C:\windows\System32\drivers\HWiNFO32.SYS [92112] =>.Martin Malik - REALiX®
O58 - SDL:2011/03/11 09:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) – C:\windows\System32\drivers\iaStorV.sys [92112] =>.Microsoft Windows®
O58 - SDL:2012/01/27 04:48:06 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) – C:\windows\System32\drivers\idmwfp.sys [92112] =>.Tonec Inc.®
O58 - SDL:2012/03/19 19:27:04 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) – C:\windows\System32\drivers\igdkmd32.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\windows\System32\drivers\iirsp.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/30 12:11:38 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) – C:\windows\System32\drivers\IntcDAud.sys [92112] =>.Intel(R) Corporation
O58 - SDL:2010/07/28 20:25:02 A . (.Initio Corporation - Initio Default Vendor Specific Device Drive.) – C:\windows\System32\drivers\ivusb.sys [92112] =>.Initio Corporation®
O58 - SDL:2010/10/21 10:57:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) – C:\windows\System32\drivers\L1C62x86.sys [92112] =>.Atheros Communications Inc.®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) – C:\windows\System32\drivers\lsi_fc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\windows\System32\drivers\lsi_sas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\windows\System32\drivers\lsi_sas2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) – C:\windows\System32\drivers\lsi_scsi.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\windows\System32\drivers\mbam.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\windows\System32\drivers\mbamchameleon.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2017/02/04 07:54:26 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\windows\System32\drivers\MBAMSwissArmy.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\windows\System32\drivers\megasas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\windows\System32\drivers\MegaSR.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) – C:\windows\System32\drivers\mwac.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/11/14 05:44:34 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) – C:\windows\System32\drivers\netr28u.sys [92112] =>.Ralink Technology Corp.
O58 - SDL:2009/07/14 05:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\windows\System32\drivers\nfrd960.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\windows\System32\drivers\nvraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\windows\System32\drivers\nvstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/07/01 01:56:32 A . (.Pismo Technic Inc. - System Extension - Pismo File Mount.) – C:\windows\System32\drivers\pfmfs_178.sys [92112] =>.Pismo Technic Inc.®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\windows\System32\drivers\ql2300.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\windows\System32\drivers\ql40xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/07 12:36:30 A . (.Riverbed Technology, Inc - Steelhead Mobile Client.) – C:\windows\System32\drivers\rbtnfd.sys [92112]
O58 - SDL:2011/06/10 02:34:52 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) – C:\windows\System32\drivers\Rt86win7.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/01/04 21:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) – C:\windows\System32\drivers\rtl8192ce.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/03/15 14:09:16 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) – C:\windows\System32\drivers\RtsUVStor.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 00:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\windows\System32\drivers\secdrv.sys [92112] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\windows\System32\drivers\sisraid2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\windows\System32\drivers\sisraid4.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) – C:\windows\System32\drivers\stexstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2017/02/26 16:10:05 A . (…) – C:\windows\System32\drivers\TrueSight.sys [92112] =>.Adlice®
O58 - SDL:2017/02/25 12:40:53 A . (.Zaitsev Oleg, 2006 - AVZGuard Driver.) – C:\windows\System32\drivers\ujiyodk3.sys [92112]
O58 - SDL:2012/12/13 10:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) – C:\windows\System32\drivers\usbaapl.sys [92112] =>.Apple, Inc.
O58 - SDL:2017/02/05 13:40:58 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) – C:\windows\System32\drivers\utiyodk3.sys [92112]
O58 - SDL:2009/07/14 05:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\windows\System32\drivers\viaide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/24 20:21:14 A . (.RealVNC Ltd. - VNC Mirror Miniport.) – C:\windows\System32\drivers\vncmirror.sys [92112] =>.RealVNC Ltd.
O58 - SDL:2013/08/31 01:53:13 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) – C:\windows\System32\drivers\vpnva-6.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\windows\System32\drivers\vsmraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/04/30 00:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) – C:\windows\System32\drivers\wdcsam.sys [92112] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/07/14 01:40:41 A . (…) – C:\windows\System32\ANSI.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/10/05 21:31:50 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) – C:\windows\System32\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 01:40:44 A . (…) – C:\windows\System32\country.sys [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:40 A . (…) – C:\windows\System32\HIMEM.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (…) – C:\windows\System32\KEY01.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (…) – C:\windows\System32\KEYBOARD.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:23 A . (…) – C:\windows\System32\NTDOS.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:31 A . (…) – C:\windows\System32\NTDOS404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:35 A . (…) – C:\windows\System32\NTDOS411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:39 A . (…) – C:\windows\System32\NTDOS412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:27 A . (…) – C:\windows\System32\NTDOS804.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:11 A . (…) – C:\windows\System32\NTIO.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:15 A . (…) – C:\windows\System32\NTIO404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:17 A . (…) – C:\windows\System32\NTIO411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:19 A . (…) – C:\windows\System32\NTIO412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:13 A . (…) – C:\windows\System32\NTIO804.SYS [92112] =>.Microsoft Corporation

—\ Last modified or created user files (1) - 35s
O61 - LFC: 2017/02/25 12:16:44 A . (.Alex Dragokas.) – C:\Users\MSI CR-460\Desktop\clearlnk_2.9.0.11.exe [462976]

—\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S

—\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

—\ Search Browser Infection (3) - 3s
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

—\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\System32\srvsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\IKEEXT.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) – C:\Windows\System32\audiosrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) – C:\Windows\System32\termsrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\System32\wuaueng.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\System32\seclogon.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\System32\iscsiexe.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\System32\mmcss.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\System32\profsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\System32\schedsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\System32\KMSVC.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\System32\wbem\WMIsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\System32\themeservice.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [92112] =>.Microsoft Corporation

—\ Additional Scan (O88) (8) - 0s
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehj cbecna =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdge chcgpe =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\U ninstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\U ninstall{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
C:\ProgramData\AutoKMS =>HackTool.AutoKMS

—\ Summary of the elements found (5) - 0s
Redirecting... =>.Superfluous.Linkury
Hijacker Browser, un pirate de navigateur internet. - ZAM =>Hijacker.Browser
Heuristic Suspect, 1 Logiciel Indésirable. - ZAM =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/15...are-quicktime/ =>Riskware.QuickTime
AutoKMS, Application Potentiellement Superflue. - ZAM =>HackTool.AutoKMS

~ Unselected Options: O82,
~ End of the scan, 71591 items in 05mn42s (1078)(0)

**Malnutrition** · 02-26-2017, 02:12 PM

Clean up temp files and reduce startup load with CCleaner.

Note: This tool will clean your browsing history as well.
[ul]
[li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]
ZHP Scan.

Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.

Once you have started the program, you will need to click the scanner button.

[IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]

The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.

Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

[MEDIA=imgur]LOr0Gd7[/MEDIA]

Hit Ok.

[MEDIA=imgur]sYFsqHx[/MEDIA]

Hit next make sure to leave all items checked, for removal.

[MEDIA=imgur]8NcZjGc[/MEDIA]

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

**Malnutrition** · 02-26-2017, 02:35 PM

ZHP Fix [MEDIA=imgur]4bd9Ugb[/MEDIA]
[ul]
[li]Disable your antivirus prior to this fix![/li]
[li]Download ZHP-Fix from here.[/li][li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li]
[li]Then click on import.[/li][li]Then click GO.[/li][li]Allow completion.[/li][li]A log file will appear on your desktop. [/li]
[li]Post it here in your next reply.[/li][/ul]

Code:

Script ZhpFix
SysRestore
EmptyFlash
EmptyTemp
ProxyFix
EmptyCLSID
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
G2 - GCE: Preference [User Data\Default] [dnligehkhogpcngalffdoomehjcbecna] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [gehmndecgbcffhmfjkenpamdgechcgpe] Baboom Search =>.Superfluous.Linkury
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TuneUp =>.TuneUp
HKLM\SOFTWARE\yahoo =>.Yahoo! Inc.
HKLM\SOFTWARE\webroot =>.Webroot
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.
O43 - CFD: 04/02/2017 - [0] D -- C:\Program Files\DownloadYoutubeIE
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\GUM8A16.tmp =>.Google Inc®
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 21/08/2016 - [0] D -- C:\Program Files\Yahoo! =>.Yahoo!
O43 - CFD: 03/01/2013 - [] D -- C:\ProgramData\AutoKMS =>HackTool.AutoKMS
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG =>.AVG Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG2015 =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Avg_Update_0215pit =>.AVG Software
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\CismaUva
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\TuneUp Software =>.TuneUp Software
O43 - CFD: 07/09/2015 - [0] D -- C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IObit =>.IObit
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 21/03/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\uTorrent
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 06/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 07/06/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\McAfee =>.McAfee
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\TuneUp Software =>.TuneUp Software
O58 - SDL:2015/08/04 11:33:00 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\windows\System32\drivers\avgtdix.sys [92112] =>.AVG Technologies CZ, s.r.o.®
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehjcbecna =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdgechcgpe =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
C:\ProgramData\AutoKMS =>HackTool.AutoKMS

You need to copy and paste into the ZHP fix app.

Forums - PC Help Forum

https://pchelpforum.net/attachments/upload_2017-1-7_20-3-7-png.1305/

PCHF Forums

**Malnutrition** · 02-27-2017, 11:29 AM

@toreee Do you have an update for us?

**Malnutrition** · 02-28-2017, 01:05 AM

@toreee After you complete the latest steps, if you do have the issue anymore… Please post a screen shot of the exact error.

**Malnutrition** · 03-01-2017, 01:14 PM

@toreee Do you have an update for us?

**Malnutrition** · 03-02-2017, 09:10 AM

Hello @toreee how are you moving along with the instructions? Have you got an update for us?

Please update this thread within 48 hours, or it will be closed. You can however have it re-opened at any time, by sending a private message to a staff member.

**Malnutrition** · 03-06-2017, 04:58 AM

Hello @toreee Thread reopened at your request…

How to remove rundll32.exe virus.

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment