Malware Shows Up With FF and in Legitimate Emails

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • User101
    PCHF Member
    • Sep 2016
    • 103

    #1

    Malware Shows Up With FF and in Legitimate Emails

    #1: Bottom left corner of FF shows:
    1. S3.amazonaws.com
    2. dt.adsafeprotected
    3. Google Analytics

    #2: Malwarebytes says Outlook emails (verified from legitimate senders) are linking to “Maliciuous websites” and is blocking the outbound URLs.

    ZHP text file:


    ~ ZHPDiag v2017.3.2.38 By Nicolas Coolman (2017/03/02)
    [/quote]


    ~ Run by Admin (Administrator) (2017/03/05 07:36:22)
    ~ Web: https://www.nicolascoolman.com
    ~ Blog: https://nicolascoolman.eu/
    ~ Facebook: ZHP
    ~ State version: Version KO
    ~ Mode: Scan
    ~ Report: C:\Users\Simcha\Desktop\ZHPDiag.txt
    ~ Report: C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag.txt
    ~ UAC: Deactivate
    ~ System startup: Normal (Normal boot)
    Windows 7 Home Premium, 64-bit (Build 7600) =>.Microsoft Corporation

    —\ Internet Browsers (3) - 0s
    ~ GCIE: Google Chrome v56.0.2924.87
    ~ MFIE: Mozilla Firefox 51.0.1 (x86 en-US)
    ~ MSIE: Internet Explorer v8.0.7600.16385

    —\ Windows Product Information (4) - 3s
    ~ Windows Server License Manager Script : OK
    ~ Licence Script File Génération : OK
    Windows Automatic Updates : KO
    Windows Activation Technologies : OK

    —\ System protection software (3) - 3s
    Avast Pro Antivirus v17.2.2288 (Protection)
    Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)
    ZoneAlarm Security v10.2.081.000 (Protection)

    —\ Surveillance software (2) - 4s
    ~ Adobe Flash Player 24 NPAPI (Surveillance)
    ~ Adobe Reader 9.5.4 (Surveillance)

    —\ Information on the system (6) - 0s
    ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
    ~ Operating System: 64-bit
    ~ Boot mode: Normal (Normal boot)
    Total RAM: 8352.752 MB (65% free) : OK =>.RAM Value
    System Restore: Activé (Enable)
    System drive C: has 618 GB (65%) free of 938 GB : OK =>.Disk Space

    —\ Connection to the system mode (3) - 0s
    ~ Computer Name: PC05
    ~ User Name: Admin
    ~ Logged in as Administrator

    —\ Enumeration of the disk units (1) - 0s
    ~ Drive C: has 618 GB free of 938 GB (System)

    —\ State of the Windows Security Center (11) - 0s
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
    [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\Explorer] NoActiveDesktopChanges: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\system] EnableLUA: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations] Application: OK
    [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
    [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
    [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

    —\ Search Generic System Files (24) - 1s
    [MD5.9AAAEC8DAC27AA17B053E6352AD233AE] - 09/02/2011 - (.Microsoft Corporation - Windows Explorer.) – C:\Windows\Explorer.exe [2870272] =>.Microsoft Corporation
    [MD5.DD81D91FF3B0763C392422865C9AC12E] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) – C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
    [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) – C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
    [MD5.E71DB117DBDA6B33646F37936C17D226] - 21/12/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) – C:\Windows\System32\wininet.dll [1197056] =>.Microsoft Corporation
    [MD5.DA3E2A6FA9660CC75B471530CE88453A] - 09/02/2011 - (.Microsoft Corporation - Windows Logon Application.) – C:\Windows\System32\Winlogon.exe [389632] =>.Microsoft Corporation
    [MD5.75341574F21E766748732BDF530C74BD] - 13/07/2009 - (.Microsoft Corporation - Software Licensing Library.) – C:\Windows\System32\sppcomapi.dll [231936] =>.Microsoft Corporation
    [MD5.05A2D26ACF0939A4E97160315F1FA12E] - 13/07/2009 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\System32\dnsapi.dll [356352] =>.Microsoft Corporation
    [MD5.6D5A49D6479EB753C7879F73A4C35E0F] - 13/07/2009 - (.Microsoft Corporation - DNS Client API DLL.) – C:\Windows\Syswow64\dnsapi.dll [269824] =>.Microsoft Corporation
    [MD5.B9384E03479D2506BC924C16A3DB87BC] - 13/07/2009 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) – C:\Windows\System32\drivers\AFD.sys [500224] =>.Microsoft Corporation
    [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) – C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
    [MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) – C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
    [MD5.83D2D75E1EFB81B3450C18131443F7DB] - 13/07/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) – C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
    [MD5.3F1DC527070ACB87E40AFE46EF6DA749] - 13/07/2009 - (.Microsoft Corporation - DFS Namespace Client Driver.) – C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
    [MD5.0A49913402747A0B67DE940FB42CBDBB] - 13/07/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) – C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
    [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) – C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
    [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) – C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
    [MD5.767A4C3BCF9410C286CED15A2DB17108] - 09/02/2011 - (.Microsoft Corporation - Windows NT SMB Minirdr.) – C:\Windows\System32\drivers\MRxSmb.sys [157696] =>.Microsoft Corporation
    [MD5.9162B273A44AB9DCE5B44362731D062A] - 13/07/2009 - (.Microsoft Corporation - MBT Transport driver.) – C:\Windows\System32\drivers\netBT.sys [259072] =>.Microsoft Corporation
    [MD5.356698A13C4630D5B31C37378D469196] - 13/07/2009 - (.Microsoft Corporation - NT File System Driver.) – C:\Windows\System32\drivers\ntfs.sys [1659984] =>.Microsoft Windows®
    [MD5.0086431C29C35BE1DBC43F52CC273887] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) – C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
    [MD5.87A6E852A22991580D6D39ADC4790463] - 13/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) – C:\Windows\System32\drivers\Rasl2tp.sys [130048] =>.Microsoft Corporation
    [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) – C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
    [MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - 13/07/2009 - (.Microsoft Corporation - TDI Translation Driver.) – C:\Windows\System32\drivers\tdx.sys [99840] =>.Microsoft Corporation
    [MD5.58F82EED8CA24B461441F9C3E4F0BF5C] - 13/07/2009 - (.Microsoft Corporation - Volume Shadow Copy Driver.) – C:\Windows\System32\drivers\volsnap.sys [294992] =>.Microsoft Windows®

    —\ Non Microsoft non disabled Windows Services (23) - 1s
    O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE =>.SUPERAntiSpyware.com®
    O23 - Service: Acronis Remote Agent Service (AcronisAgent) . (.Acronis - Agent Core.) - C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe =>.Acronis International GmbH®
    O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe =>.Acronis International GmbH®
    O23 - Service: APC Data Service (APC Data Service) . (.Schneider Electric - PowerChute Data Service.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe =>.American Power Conversion®
    O23 - Service: APC UPS Service (APC UPS Service) . (.Schneider Electric - Battery Backup Management Service.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe =>.American Power Conversion®
    O23 - Service: Acronis Removable Storage Management Service (ARSM) . (.Acronis - ARSM.) - C:\Program Files (x86)\Acronis\ARSM\arsm.exe =>.Acronis International GmbH®
    O23 - Service: WebEx Service Host for Support Center (atashost) . (.Cisco WebEx LLC - WebEx Host for Support Center.) - C:\Windows\SysWOW64\atashost.exe =>.Cisco WebEx LLC®
    O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - Avast Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
    O23 - Service: Dell Data Vault (DellDataVault) . (.Dell Inc. - Dell Data Vault Service.) - C:\Program Files\Dell\DellDataVault\DellDataVault.exe =>.Techporch Incorporated®
    O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) . (.Dell Inc. - Dell Data Vault Wizard.) - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe =>.Techporch Incorporated®
    O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) . (.Digital Wave Ltd. - Digital Wave Update Service.) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe =>.Digital Wave Ltd®
    O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    O23 - Service: ZoneAlarm LTD Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm Browser Security.) - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe =>.Check Point Software Technologies Ltd.®
    O23 - Service: LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe =>.LogMeIn, Inc.®
    O23 - Service: LogMeIn Maintenance Service (LMIMaint) . (.LogMeIn, Inc. - LogMeIn Maintenance Service.) - C:\Program Files (x86)\LogMeIn\x64\ramaint.exe =>.LogMeIn, Inc.®
    O23 - Service: LogMeIn (LogMeIn) . (.LogMeIn, Inc. - LogMeIn.) - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe =>.LogMeIn, Inc.®
    O23 - Service: (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
    O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
    O23 - Service: Acronis Managed Machine Service (MMS) . (.Acronis - Acronis Managed Machine Service.) - C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe =>.Acronis International GmbH®
    O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc. - Service.) - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe =>.Dell Inc®
    O23 - Service: TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 11.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
    O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe =>.Check Point Software Technologies Ltd.®
    O23 - Service: X10 Device Network Service (x10nets) . (.X10 - X10 Module.) - C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe =>.X10

    —\ Services not Microsoft (SR=Run, SS=Stop) (40) - 30s
    SR - Auto [08/02/2017] [ 173472] SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE =>.SUPERAntiSpyware.com®
    SR - Auto [08/10/2015] [ 2140656] Acronis Remote Agent Service (AcronisAgent) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe =>.Acronis International GmbH®
    SR - Auto [06/04/2016] [ 1209336] Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe =>.Acronis International GmbH®
    SR - Auto [24/01/2012] [ 21880] APC Data Service (APC Data Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe =>.American Power Conversion®
    SR - Auto [24/01/2012] [ 705912] APC UPS Service (APC UPS Service) . (.Schneider Electric.) - C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe =>.American Power Conversion®
    SS - Disabl [18/02/2011] [ 37664] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
    SR - Auto [06/04/2016] [ 6087592] Acronis Removable Storage Management Service (ARSM) . (.Acronis.) - C:\Program Files (x86)\Acronis\ARSM\arsm.exe =>.Acronis International GmbH®
    SR - Demand [28/02/2017] [ 7147320] aswbIDSAgent (aswbIDSAgent) . (.AVAST Software s.r.o..) - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe =>.AVAST Software s.r.o.®
    SR - Auto [22/05/2016] [ 149440] WebEx Service Host for Support Center (atashost) . (.Cisco WebEx LLC.) - C:\Windows\SysWOW64\atashost.exe =>.Cisco WebEx LLC®
    SR - Auto [28/02/2017] [ 262736] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe =>.AVAST Software s.r.o.®
    SS - Disabl [07/10/2010] [ 345376] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe =>.Apple Inc.®
    SR - Demand [23/10/2014] [ 289792] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe =>.Brother Industries, Ltd.
    SR - Auto [11/09/2015] [ 2574168] Dell Data Vault (DellDataVault) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVault.exe =>.Techporch Incorporated®
    SR - Auto [11/09/2015] [ 201560] Dell Data Vault Wizard (DellDataVaultWiz) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe =>.Techporch Incorporated®
    SR - Auto [31/08/2016] [ 392168] Digital Wave Update Service (DigitalWave.Update.Service) . (.Digital Wave Ltd..) - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe =>.Digital Wave Ltd®
    SS - Disabl [09/06/2009] [ 155648] Dock Login Service (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe =>.Stardock Corporation
    SS - Disabl [09/02/2011] [ 16680] GoToAssist (GoToAssist) . (.Citrix Online, a division of Citrix Systems, Inc..) - C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe =>.Citrix Online®
    SS - Auto [17/12/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    SS - Demand [17/12/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
    SS - Disabl [03/03/2010] [ 13336] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation®
    SS - Disabl [01/03/2011] [ 934176] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.®
    SR - Auto [30/08/2012] [ 827560] ZoneAlarm LTD Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe =>.Check Point Software Technologies Ltd.®
    SR - Auto [08/02/2017] [ 419336] LMIGuardianSvc (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe =>.LogMeIn, Inc.®
    SR - Auto [08/02/2017] [ 509448] LogMeIn Maintenance Service (LMIMaint) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\ramaint.exe =>.LogMeIn, Inc.®
    SR - Auto [08/11/2010] [ 407424] LogMeIn (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe =>.LogMeIn, Inc.®
    SR - Auto [10/03/2016] [ 1514464] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
    SR - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
    SR - Auto [06/04/2016] [11495288] Acronis Managed Machine Service (MMS) . (.Acronis.) - C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe =>.Acronis International GmbH®
    SS - Demand [03/02/2017] [ 172488] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
    SS - Disabl [25/08/2010] [ 2823000] Dell DataSafe Online (NOBU) . (.Dell, Inc..) - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe =>.Symantec Corporation®
    SS - Disabl [24/07/2007] [ 185632] Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe =>.Protexis Inc.®
    SS - Disabl [04/09/2010] [ 1116656] RoxMediaDB12OEM (RoxMediaDB12OEM) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe =>.Sonic Solutions®
    SS - Disabl [04/09/2010] [ 219632] Roxio Hard Drive Watcher 12 (RoxWatch12) . (.Sonic Solutions.) - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe =>.Sonic Solutions®
    SS - Disabl [13/01/2011] [ 705856] SoftThinks Agent Service (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE =>.Dell Inc®
    SS - Disabl [26/08/2010] [ 74392] stllssvr (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe =>.MicroVision Development Inc.®
    SR - Auto [26/08/2010] [ 74392] Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc..) - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe =>.Dell Inc®
    SS - Disabl [26/08/2010] [ 74392] Adobe SwitchBoard (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated
    SR - Auto [26/08/2010] [ 74392] TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
    SR - Auto [26/08/2010] [ 74392] TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD.) - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe =>.Check Point Software Technologies Ltd.®
    SR - Auto [26/08/2010] [ 74392] X10 Device Network Service (x10nets) . (.X10.) - C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe =>.X10

    —\ Task Planned Automatically (27) - 8s
    [MD5.9CB8D4CF60B6727210821B7189F9B0ED] [APT] [Avast Emergency Update] (.AVAST Software.) – C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [74392] (.Activate.) =>.AVAST Software s.r.o.®
    [MD5.C856B04ABD5A57CA688EF6CC2964DFBD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) – C:\Program Files\CCleaner\CCleaner.exe [74392] (.Activate.) =>.Piriform Ltd®
    [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [74392] (.Activate.) =>.Google Inc®
    [MD5.88FBBB1C601A6BC42054E57C2897FA45] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) – C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [74392] (.Activate.) =>.Google Inc®
    [MD5.4326BAC60CD3E075E2777F2FC709E27E] [APT] [SafeZone scheduled Autoupdate 1447347348] (.Avast Software.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe [74392] (.Activate.) =>.AVAST Software s.r.o.®
    [MD5.5302D99FB38DE4318738BE8EB5504695] [APT] [SUPERAntiSpyware Scheduled Task 225f8507-6f54-4057-99db-efacdfb5399f] (.SUPERAdBlocker.com.) – C:\Program Files\SUPERAntiSpyware\SASTask.exe [74392] (.Activate.) =>.SUPERAntiSpyware.com®
    [MD5.CEBA8DCCD002D4E8F73DD79F6B0DC5D8] [APT] [{1639BDF1-4701-4489-8E1F-55D778EB2E92}] (…) – C:\dell\Drivers\R243163\WIN7\64\EXE\RtlStartInstal l.exe [74392] (.Activate.) =>.Realtek Semiconductor Corp®
    [MD5.00000000000000000000000000000000] [APT] [{541670BA-4500-4BAB-B28F-FEA12D97A8A6}] (…) – D:\setup.exe (.not file.) [74392] (.Activate.)
    [MD5.08089D3904D02FF4B1DE5B17552D211B] [APT] [{556B3944-D10B-4648-A7B5-881FC8BD803F}] (.Corel Corporation.) – C:\Program Files (x86)\WordPerfect Office 12\Programs\wpwin12.exe [74392] (.Activate.) =>.Corel Corporation
    [MD5.08089D3904D02FF4B1DE5B17552D211B] [APT] [{58CC7BE3-4DC5-45CE-BF0A-719BBA4CF305}] (.Corel Corporation.) – C:\Program Files (x86)\WordPerfect Office 12\Programs\wpwin12.exe [74392] (.Activate.) =>.Corel Corporation
    [MD5.00000000000000000000000000000000] [APT] [{F65E2FB5-898F-491F-A24C-3B6AE1F82E7F}] (…) – C:\Users\Simcha\AppData\Local\Microsoft\Windows\Te mporary Internet Files\Content.IE5\SOG86P49\streamtransport_setup[1].exe (.not file.) [74392] (.Activate.)
    [MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [Apple\AppleSoftwareUpdate] (.Apple Inc..) – C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [74392] (.Activate.) =>.Apple Inc.®
    [MD5.C72865DE00C0B7E4B4C3DEBCB347FC36] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) – C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [74392] (.Activate.) =>.AVAST Software s.r.o.®
    O39 - APT: SUPERAntiSpyware Scheduled Task 225f8507-6f54-4057-99db-efacdfb5399f - (.SUPERAdBlocker.com.) – C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 225f8507-6f54-4057-99db-efacdfb5399f.job [74392] =>.SUPERAntiSpyware.com®
    O39 - APT: Avast Emergency Update - (.AVAST Software.) – C:\Windows\System32\Tasks\Avast Emergency Update [74392] =>.AVAST Software s.r.o.®
    O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) – C:\Windows\System32\Tasks\CCleanerSkipUAC [74392] =>.Piriform Ltd®
    O39 - APT: Dell SupportAssistAgent AutoUpdate - (…) – C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineC ore [74392] =>.Google Inc®
    O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) – C:\Windows\System32\Tasks\GoogleUpdateTaskMachineU A [74392] =>.Google Inc®
    O39 - APT: PCDEventLauncherTask - (…) – C:\Windows\System32\Tasks\PCDEventLauncherTask [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: SafeZone scheduled Autoupdate 1447347348 - (.Avast Software.) – C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1447347348 [74392] =>.AVAST Software s.r.o.®
    O39 - APT: SUPERAntiSpyware Scheduled Task 225f8507-6f54-4057-99db-efacdfb5399f - (.SUPERAdBlocker.com.) – C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 225f8507-6f54-4057-99db-efacdfb5399f [74392] =>.SUPERAntiSpyware.com®
    O39 - APT: {1639BDF1-4701-4489-8E1F-55D778EB2E92} - (…) – C:\Windows\System32\Tasks{1639BDF1-4701-4489-8E1F-55D778EB2E92} [74392] =>.Realtek Semiconductor Corp®
    O39 - APT: {541670BA-4500-4BAB-B28F-FEA12D97A8A6} - (…) – C:\Windows\System32\Tasks{541670BA-4500-4BAB-B28F-FEA12D97A8A6} [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: {556B3944-D10B-4648-A7B5-881FC8BD803F} - (.Corel Corporation.) – C:\Windows\System32\Tasks{556B3944-D10B-4648-A7B5-881FC8BD803F} [74392] =>.Corel Corporation
    O39 - APT: {58CC7BE3-4DC5-45CE-BF0A-719BBA4CF305} - (.Corel Corporation.) – C:\Windows\System32\Tasks{58CC7BE3-4DC5-45CE-BF0A-719BBA4CF305} [74392] =>.Corel Corporation
    O39 - APT: {F65E2FB5-898F-491F-A24C-3B6AE1F82E7F} - (…) – C:\Windows\System32\Tasks{F65E2FB5-898F-491F-A24C-3B6AE1F82E7F} [74392] (.Orphan.) =>.Superfluous.Orphan

    —\ Auto loading programs from Registry and folders (20) - 0s
    O4 - HKLM..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) – C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe =>.Acronis International GmbH®
    O4 - HKLM..\Run: [TrayMonitor.exe] . (.Acronis - Acronis Backup Tray Monitor.) – C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe =>.Acronis International GmbH®
    O4 - HKLM..\Run: [ISW] . (.Check Point Software Technologies - ZoneAlarm Browser Security.) – C:\Program Files\CheckPoint\ZAForceField\ForceField.exe =>.Check Point Software Technologies Ltd.®
    O4 - HKLM..\Run: [LogMeIn GUI] . (.LogMeIn, Inc. - LogMeIn Desktop Application.) – C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe =>.LogMeIn, Inc.®
    O4 - HKCU..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) – C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe =>.SUPERAntiSpyware.com®
    O4 - HKLM..\Wow6432Node\Run: [ZoneAlarm] . (.Check Point Software Technologies LTD - ZoneAlarm.) – C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe =>.Check Point Software Technologies Ltd.®
    O4 - HKLM..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - AvLaunch component.) – C:\Program Files\AVAST Software\Avast\AvLaunch.exe =>.AVAST Software s.r.o.®
    O4 - HKLM..\Wow6432Node\Run: [AcronisTibMounterMonitor] . (.Acronis International GmbH - Acronis TIB Mounter Monitor.) – C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe =>.ACRONIS INTERNATIONAL GMBH®
    O4 - HKLM..\Wow6432Node\Run: [BackupAndRecoveryMonitor.exe] . (.Acronis - Acronis Backup Monitor.) – C:\Program Files (x86)\Acronis\BackupAndRecovery\BackupAndRecoveryM onitor.exe =>.Acronis International GmbH®
    O4 - HKLM..\Wow6432Node\Run: [Display] . (.Schneider Electric - Startup Notification Module.) – C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe =>.American Power Conversion®
    O4 - HKLM..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) – C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe =>.Brother Industries, Ltd.
    O4 - HKLM..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) – C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe =>.Brother Industries, Ltd.
    O4 - HKLM..\Wow6432Node\Run: [BrHelp] . (.Brother Industries, Ltd. - Brother Help Application.) – C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe =>.Brother Industries, Ltd.
    O4 - HKUS.DEFAULT..\Run: [ZoneAlarm Windows 10 Upgrader] C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\u npacked==win10=update_win10.zip\upgrade.exe (.not file.)
    O4 - HKUS\S-1-5-18..\Run: [ZoneAlarm Windows 10 Upgrader] C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\u npacked==win10=update_win10.zip\upgrade.exe (.not file.)
    O4 - HKUS\S-1-5-19..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) – C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) – C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-19..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-20..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) – C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
    O4 - HKUS\S-1-5-21-1877506799-1620552117-407713368-1000..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) – C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe =>.SUPERAntiSpyware.com®

    —\ Process running (45) - 1s
    [MD5.FEB6282AFF403EBBCA47A503937CB6A1] - (.Check Point Software Technologies LTD - TrueVector Service.) – C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447440] [PID.1176] =>.Check Point Software Technologies Ltd.®
    [MD5.5258A3572C59D8CAA4D5FDD9EF13674E] - (.AVAST Software - Avast Service.) – C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736] [PID.1488] =>.AVAST Software s.r.o.®
    [MD5.EEF0D7308C247294389B566A7830B211] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) – C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [827560] [PID.1536] =>.Check Point Software Technologies Ltd.®
    [MD5.ECDCC164B9694B8A1C9EB443094BA0D0] - (.Check Point Software Technologies - ZoneAlarm Browser Security.) – C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [1127592] [PID.1608] =>.Check Point Software Technologies Ltd.®
    [MD5.98E06CAC2C508118450095E581202230] - (.SUPERAntiSpyware.com - Core Service.) – C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472] [PID.1244] =>.SUPERAntiSpyware.com®
    [MD5.51C7D1D993147802F38F2D0F793A3AB1] - (.Acronis - Agent Core.) – C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe [2140656] [PID.1336] =>.Acronis International GmbH®
    [MD5.123E122AF0E946508F8475E18E82B6E5] - (.Acronis - Acronis Scheduler 2.) – C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1209336] [PID.2024] =>.Acronis International GmbH®
    [MD5.C7F8C8080B055B3DE9A8141DFD8E308A] - (.Schneider Electric - Battery Backup Management Service.) – C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912] [PID.1188] =>.American Power Conversion®
    [MD5.4C6447FA847302486C314F95E569A7B4] - (.Acronis - ARSM.) – C:\Program Files (x86)\Acronis\ARSM\arsm.exe [6087592] [PID.1356] =>.Acronis International GmbH®
    [MD5.B4DEC7FDEF4C29B5D9493558D1028521] - (.Acronis - Acronis Scheduler Helper.) – C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391056] [PID.2032] =>.Acronis International GmbH®
    [MD5.3E1F87D4E69DFBDDC599774082B42933] - (.Cisco WebEx LLC - WebEx Host for Support Center.) – C:\Windows\SysWOW64\atashost.exe [149440] [PID.2200] =>.Cisco WebEx LLC®
    [MD5.3F67A20D02EF74C112A42FD7746C8E2E] - (.Digital Wave Ltd. - Digital Wave Update Service.) – C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168] [PID.2288] =>.Digital Wave Ltd®
    [MD5.D9A00A0A365C9A60FB1D73AC6200FC78] - (.LogMeIn, Inc. - LMIGuardianSvc.) – C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419336] [PID.2444] =>.LogMeIn, Inc.®
    [MD5.C5E1EBAF396AEBDA4A1CDBF9B51096B5] - (.LogMeIn, Inc. - LogMeIn Maintenance Service.) – C:\Program Files (x86)\LogMeIn\x64\ramaint.exe [509448] [PID.2548] =>.LogMeIn, Inc.®
    [MD5.9611577752E293259C7DCE19E9026362] - (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464] [PID.3008] =>.Malwarebytes Corporation®
    [MD5.F1A89A34388B5626F1548D393B23ECB1] - (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608] [PID.3124] =>.Malwarebytes Corporation®
    [MD5.8E98E3EC16D2641005B4748CD330FB45] - (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [9926112] [PID.3244] =>.Malwarebytes Corporation®
    [MD5.6574266EAD3ABD127F2A5506D026FED1] - (.TeamViewer GmbH - TeamViewer 11.) – C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7496464] [PID.3880] =>.TeamViewer®
    [MD5.7E47C328FC4768CB8BEAFBCFAFA70362] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976] [PID.4044] =>.Microsoft Corporation®
    [MD5.5A0C788C5BC5F2C993CB60940ADCF95E] - (.X10 - X10 Module.) – C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480] [PID.2264] =>.X10
    [MD5.70A176BF2ED362862944C371838262F8] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [222592] [PID.2260] =>.Microsoft Corporation®
    [MD5.107AB19CC1D40B9D04537F6EEAAC34C9] - (.Schneider Electric - PowerChute Data Service.) – C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880] [PID.3600] =>.American Power Conversion®
    [MD5.D3760BC17E1755091B7120CF32DBF56B] - (.LogMeIn, Inc. - LogMeIn.) – C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424] [PID.3380] =>.LogMeIn, Inc.®
    [MD5.5C1954F5DAE5AF201C920628BAAB21D9] - (.Acronis - Acronis Backup Tray Monitor.) – C:\Program Files (x86)\Acronis\TrayMonitor\TrayMonitor.exe [1503408] [PID.2928] =>.Acronis International GmbH®
    [MD5.B46CEDCCBB8EC7D07A696A2F7C399F42] - (.Acronis - Acronis Managed Machine Service.) – C:\Program Files (x86)\Acronis\BackupAndRecovery\mms.exe [11495288] [PID.4164] =>.Acronis International GmbH®
    [MD5.223A96BAC91792E1A954BFEB49FBE02C] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) – C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928] [PID.4284] =>.LogMeIn, Inc.®
    [MD5.1DD91AE56A07B57DE293344413D29B08] - (.SUPERAntiSpyware - SUPERAntiSpyware Application.) – C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE [7946144] [PID.4448] =>.SUPERAntiSpyware.com®
    [MD5.E8A5904789AE437A86DC1E50381E4223] - (.Check Point Software Technologies LTD - ZoneAlarm.) – C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73392] [PID.4540] =>.Check Point Software Technologies Ltd.®
    [MD5.F16E8A2AD8FD2E62C5DC6F71B577F56E] - (.Acronis International GmbH - Acronis TIB Mounter Monitor.) – C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [408456] [PID.4480] =>.ACRONIS INTERNATIONAL GMBH®
    [MD5.9AABCE77F29BD880C117C44D75D2C723] - (.Brother Industries, Ltd. - Status Monitor Application.) – C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376] [PID.4648] =>.Brother Industries, Ltd.
    [MD5.5946A32650C1A8F47868F1BD9FDAFBCC] - (.AVAST Software - Avast Antivirus.) – C:\Program Files\AVAST Software\Avast\AvastUI.exe [9434656] [PID.4748] =>.AVAST Software s.r.o.®
    [MD5.F448DDC69CDAA391DBA26C3BCDD67DDA] - (.Brother Industries, Ltd. - Brother Help Application.) – C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968] [PID.976] =>.Brother Industries, Ltd.
    [MD5.C6000EC96513C55B6A606C75D62C9B01] - (.Brother Industries, Ltd. - ControlCenter Main Process.) – C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe [583168] [PID.4792] =>.Brother Industries, Ltd.
    [MD5.57846C1D03BAF2F67848125339A7CEB6] - (.AVAST Software s.r.o. - Avast Behavior Shield.) – C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320] [PID.4076] =>.AVAST Software s.r.o.®
    [MD5.C32E458C8DDB46220C2D9C7807EC1A3F] - (.Schneider Electric - PowerChute System Tray Power Icon.) – C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe [673144] [PID.4368] =>.American Power Conversion®
    [MD5.C4CF61CFEA5FEFC23A7DC6C3275642D1] - (.Brother Industries, Ltd. - BrYNCSvc.) – C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792] [PID.5248] =>.Brother Industries, Ltd.
    [MD5.1F7E75D9E9723A94D0BE0C96FBAB15F4] - (.Brother Industries, Ltd. - ControlCenter UX System.) – C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe [1543168] [PID.5876] =>.Brother Industries, Ltd.
    [MD5.32DF9FBF2D4DDDAC0667779097EB502D] - (.TeamViewer GmbH - TeamViewer 11.) – C:\Program Files (x86)\TeamViewer\TeamViewer.exe [23569680] [PID.5884] =>.TeamViewer®
    [MD5.78BEDE9F9D3EA18C34E197152E655999] - (.TeamViewer GmbH - TeamViewer 11.) – C:\Program Files (x86)\TeamViewer\tv_w32.exe [240912] [PID.3108] =>.TeamViewer®
    [MD5.0A85258809A07BFD9712FC54E99556F2] - (.TeamViewer GmbH - TeamViewer 11.) – C:\Program Files (x86)\TeamViewer\tv_x64.exe [275728] [PID.3680] =>.TeamViewer®
    [MD5.1E4C17073DBAD618FA63DEFC74E481BE] - (.Dell Inc. - Dell Data Vault Wizard.) – C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201560] [PID.6376] =>.Techporch Incorporated®
    [MD5.B75D72683E471D128203A5A73A6F3772] - (.Dell Inc. - Service.) – C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAge nt.exe [21160] [PID.1876] =>.Dell Inc®
    [MD5.A5EF2FD6F37F1D52E5164FDCB71B92E1] - (.Dell Inc. - Dell Data Vault Service.) – C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2574168] [PID.7148] =>.Techporch Incorporated®
    [MD5.2EF2B10E5F65FB054D2D54BDA54D230B] - (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe [517576] [PID.6368] =>.Mozilla Corporation®
    [MD5.AA5ABDAFAA8D1A2FB36C016328200BF9] - (.Nicolas Coolman - ZHPDiag.) – C:\Users\Simcha\Desktop\ZHPDiag3.exe [2707456] [PID.4456] =>.Nicolas Coolman

    —\ Google Chrome, Start,Search,Extensions (10) - 1s
    G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security =>.Avast Software s.r.o
    G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
    G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

    —\ Mozilla Firefox,Plugins,Start,Search,Extensions (10) - 2s
    P2 - EXT FILE: (.Daniel Dawson danielcdawson@gmail. - Saved Password Editor.) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\extensions\savedpasswordeditor@daniel.dawson.xpi =>.Daniel Dawson danielcdawson@gmail.
    P2 - EXT FILE: (.Avast Online Security - Avast Browser Security and Web Reputat.) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\extensions\wrc@avast.com.xpi =>.Avast Online Security
    P2 - EXT FILE: (.Password Exporter - Export and import your saved passwords.) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\extensions{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi =>.Password Exporter
    P2 - EXT FILE: (.Greg Yardley - BetterPrivacy.) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\extensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi =>.Greg Yardley
    P2 - EXT FILE: (…) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\searchplugins\filezilla-wiki-en.xml
    P2 - EXT: (…) – C:\Users\Simcha\AppData\Roaming\Mozilla\Extensions {ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
    P2 - EXT: (.DVDVideoSoft Ltd. - DVDVideoSoft YouTube MP3 and Video Download.) – C:\Users\Simcha\AppData\Roaming\Mozilla\Firefox\Pr ofiles\m6riq23i.default\extensions{B64D9B05-48E1-4CEB-BF58-E0643994E900} =>.DVDVideoSoft Ltd.
    P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) – C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_ 221.dll =>.Adobe Systems Incorporated
    P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) – C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc.
    P2 - FPN: [HKLM] [@checkpoint.com/FFApi] - (.Copyright (C) 2010.) – C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\b in\npFFApi.dll

    —\ Internet Explorer Extensions, Start, Search (18) - 0s
    R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com =>.Google Inc.
    R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
    R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
    R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

    —\ Internet Explorer, Proxy Management (7) - 0s
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local;127.0.0.1:9421; =>Hijacker.Proxy
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyEnable = 0
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,MigrateProxy = 1
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,EnableHttp1_1 = 1
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyHttp1.1 = 1
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings,AutoConfigProxy = wininet.dll
    R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Para meters\Internet\ManualProxies

    —\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
    F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
    F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
    F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerfo rmance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

    —\ Hosts file redirection (1) - 0s
    ~ Le fichier hôte est sain (The hosts file is clean) (21)

    —\ Browser Helper Object (BHO) (5) - 1s
    O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm Browser Security.) – C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\b in\TrustCheckerIEPlugin.dll =>.Check Point Software Technologies Ltd.®
    O2 - BHO: avast! Online Security [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) – C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll =>.AVAST Software s.r.o.®
    O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) – C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
    O2 - BHO: Java™ Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java™ Platform SE binary.) – C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll =>.Sun Microsystems, Inc.®
    O2 - BHO: DVDVideoSoft.WebPageAdjuster [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} (.Orphan.)

    —\ Global shortcuts Startup (526) - 73s
    O4 - GS\Desktop [Acronis Agent User]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [Acronis Agent User]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [Acronis Agent User]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [Acronis Agent User]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [Acronis Agent User]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Acronis Agent User]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Acronis Agent User]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Acronis Agent User]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [Acronis Agent User]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [Acronis Agent User]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [Acronis Agent User]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [Acronis Agent User]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [Acronis Agent User]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [Acronis Agent User]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [Acronis Agent User]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [Acronis Agent User]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [Acronis Agent User]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [Acronis Agent User]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Acronis Agent User]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Acronis Agent User]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [Acronis Agent User]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [Acronis Agent User]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [Acronis Agent User]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Acronis Agent User]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [Acronis Agent User]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [Acronis Agent User]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [Acronis Agent User]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [Acronis Agent User]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [Acronis Agent User]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [Acronis Agent User]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [Acronis Agent User]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [Acronis Agent User]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [Acronis Agent User]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [Acronis Agent User]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Acronis Agent User]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [Acronis Agent User]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [Acronis Agent User]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [Acronis Agent User]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Acronis Agent User]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [Acronis Agent User]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [Acronis Agent User]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Acronis Agent User]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Acronis Agent User]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Acronis Agent User]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [Acronis Agent User]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [Acronis Agent User]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [Acronis Agent User]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Acronis Agent User]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Acronis Agent User]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Acronis Agent User]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [Acronis Agent User]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Acronis Agent User]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [Acronis Agent User]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [Acronis Agent User]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [Acronis Agent User]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Acronis Agent User]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Acronis Agent User]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [Acronis Agent User 2]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [Acronis Agent User 2]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [Acronis Agent User 2]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [Acronis Agent User 2]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Acronis Agent User 2]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Acronis Agent User 2]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [Acronis Agent User 2]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [Acronis Agent User 2]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [Acronis Agent User 2]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [Acronis Agent User 2]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [Acronis Agent User 2]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [Acronis Agent User 2]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [Acronis Agent User 2]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [Acronis Agent User 2]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [Acronis Agent User 2]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Acronis Agent User 2]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Acronis Agent User 2]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [Acronis Agent User 2]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [Acronis Agent User 2]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [Acronis Agent User 2]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [Acronis Agent User 2]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User 2]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User 2]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [Acronis Agent User 2]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [Acronis Agent User 2]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [Acronis Agent User 2]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [Acronis Agent User 2]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User 2]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [Acronis Agent User 2]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [Acronis Agent User 2]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [Acronis Agent User 2]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [Acronis Agent User 2]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [Acronis Agent User 2]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User 2]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Acronis Agent User 2]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Acronis Agent User 2]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [Acronis Agent User 2]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Acronis Agent User 2]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [Acronis Agent User 2]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [Acronis Agent User 2]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Acronis Agent User 2]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [Acronis Agent User 2]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [Acronis Agent User 2]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Acronis Agent User 2]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Acronis Agent User 2]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Acronis Agent User 2]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [Acronis Agent User 2]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [Acronis Agent User 2]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [Acronis Agent User 2]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Acronis Agent User 2]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Acronis Agent User 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Acronis Agent User 2]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [Acronis Agent User 2]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Acronis Agent User 2]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [Acronis Agent User 2]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [Acronis Agent User 2]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [Acronis Agent User 2]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Acronis Agent User 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Acronis Agent User 2]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Admin]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [Admin]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [Admin]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [Admin]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [Admin]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Admin]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Admin]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Admin]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [Admin]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [Admin]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [Admin]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Admin]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [Admin]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [Admin]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Admin]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Admin]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [Admin]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [Admin]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [Admin]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Admin]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [Admin]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [Admin]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Admin]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Admin]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Admin]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [Admin]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [Admin]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [Admin]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Admin]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [Admin]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Admin]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Admin]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [Admin]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [Admin]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [Admin]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [Admin]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [Admin]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [Admin]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [Admin]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [Admin]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [Admin]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [Admin]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Admin]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [Admin]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Admin]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Admin]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Admin]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Admin]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Admin]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [Admin]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Admin]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [Admin]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [Admin]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Admin]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [Admin]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [Admin]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Admin]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Admin]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Admin]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [Admin]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [Admin]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [Admin]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Admin]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Admin]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [Admin]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Admin]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [Admin]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [Admin]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [Admin]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Admin]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Admin]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Administrator]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [Administrator]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [Administrator]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [Administrator]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [Administrator]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Administrator]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Administrator]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Administrator]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [Administrator]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [Administrator]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [Administrator]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Administrator]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [Administrator]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [Administrator]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Administrator]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Administrator]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [Administrator]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [Administrator]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [Administrator]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Administrator]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [Administrator]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [Administrator]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Administrator]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Administrator]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Administrator]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [Administrator]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [Administrator]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [Administrator]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Administrator]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [Administrator]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Administrator]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Administrator]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [Administrator]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [Administrator]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [Administrator]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [Administrator]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [Administrator]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [Administrator]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [Administrator]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [Administrator]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [Administrator]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [Administrator]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Administrator]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [Administrator]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Administrator]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Administrator]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Administrator]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Administrator]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Administrator]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [Administrator]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Administrator]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [Administrator]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Administrator]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [Administrator]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Administrator]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [Administrator]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [Administrator]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Administrator]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [Administrator]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [Administrator]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [Administrator]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Administrator]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Guest]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [Guest]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [Guest]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [Guest]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [Guest]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Guest]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Guest]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [Guest]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [Guest]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [Guest]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [Guest]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Guest]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [Guest]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [Guest]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Guest]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [Guest]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [Guest]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [Guest]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [Guest]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Guest]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [Guest]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [Guest]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Guest]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Guest]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [Guest]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [Guest]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [Guest]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [Guest]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [Guest]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [Guest]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Guest]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Guest]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [Guest]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [Guest]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [Guest]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [Guest]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [Guest]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [Guest]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [Guest]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [Guest]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [Guest]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [Guest]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Guest]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [Guest]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [Guest]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [Guest]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Guest]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Guest]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [Guest]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [Guest]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [Guest]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [Guest]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [Guest]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [Guest]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Guest]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [Guest]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [Guest]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Guest]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [Guest]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [Guest]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [Guest]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Guest]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: ActiveHome Pro.lnk . (.X10 Wireless Technology, Inc. - Active Home Professional.) C:\Program Files (x86)\ActiveHome Pro\ActiveHm.exe =>.X10 Wireless Technology, Inc.
    O4 - GS\Desktop [LogMeInRemoteUser]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - .) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems, Incorporated
    O4 - GS\Desktop [LogMeInRemoteUser]: Aiseesoft DVD Ripper.exe - Shortcut.lnk . (.Aiseesoft - Aiseesoft DVD Ripper.) C:\SMD\Utils\Aiseesoft DVD Ripper\Aiseesoft DVD Ripper.exe =>.Aiseesoft
    O4 - GS\Desktop [LogMeInRemoteUser]: AJC01.rdp - Shortcut.lnk . (…) C:\Users\Simcha\Documents\AJC01.rdp
    O4 - GS\Desktop [LogMeInRemoteUser]: Any Video Converter.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [LogMeInRemoteUser]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\Desktop [LogMeInRemoteUser]: Avast Scan Report.lnk . (…) C:\ProgramData\AVAST Software\Avast\report
    O4 - GS\Desktop [LogMeInRemoteUser]: Core FTP LE.lnk . (.Core FTP - Core FTP client.) C:\Program Files (x86)\CoreFTP\coreftp.exe =>.Core FTP
    O4 - GS\Desktop [LogMeInRemoteUser]: Custom WP Templates - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12\Custom WP Templates
    O4 - GS\Desktop [LogMeInRemoteUser]: DailymotionDownload.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: DiskCheckup.lnk . (.PassMark ™ Software - www.passmark.com - DiskCheckup.) C:\SMD\Sysutil\DiskCheckup\DiskCheckup\DiskCheckup .exe =>.PassMark Software Pty Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: DVDVideoSoft - Shortcut (2).lnk . (…) C:\Program Files (x86)\DVDVideoSoft
    O4 - GS\Desktop [LogMeInRemoteUser]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: DVDVideoSoft YTVDownloader.lnk . (.Digital Wave Ltd - Free YouTube Download.) C:\SMD\Vid Tools2\DVDVideoSoft-New\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe =>.Digital Wave Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: Elements (O) - Shortcut.lnk . (…) O:\
    O4 - GS\Desktop [LogMeInRemoteUser]: Favorites - Shortcut.lnk . (…) C:\Users\Simcha\Favorites
    O4 - GS\Desktop [LogMeInRemoteUser]: filezilla.exe - Shortcut.lnk . (.FileZilla Project - FileZilla FTP Client.) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe =>.Open Source Developer, Tim Kosse®
    O4 - GS\Desktop [LogMeInRemoteUser]: Free AVI MPEG WMV MP4 FLV Video Joiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: Free YouTube Download.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeDownload.) C:\SMD\Vid Tools\OLDFree YouTube Download\FreeYouTubeDownload.exe =>.DVDVideoSoft Ltd.
    O4 - GS\Desktop [LogMeInRemoteUser]: Free YouTube Downloader - Downloaded Files.lnk . (…) C:\Users\Simcha\Documents\Downloads\Free YouTube Downloader
    O4 - GS\Desktop [LogMeInRemoteUser]: FreeAVIMPEGWMVMP4FLVVideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: iexplore.exe - Shortcut.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [LogMeInRemoteUser]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Desktop [LogMeInRemoteUser]: IrfanView 64 Thumbnails.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe /thumbs
    O4 - GS\Desktop [LogMeInRemoteUser]: IrfanView 64.lnk . (…) C:\Program Files (x86)\IrfanView\i_view64.exe
    O4 - GS\Desktop [LogMeInRemoteUser]: IrfanView.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe =>.Irfan Skiljan®
    O4 - GS\Desktop [LogMeInRemoteUser]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: KEDITW 1.6.1.lnk . (.Mansfield Software Group, Inc. - KEDIT for Windows Executable.) C:\Program Files (x86)\Kedit16\KEDITW32.exe {16C3BC3A3343955534F402136FB00488}
    O4 - GS\Desktop [LogMeInRemoteUser]: Microsoft Office Excel 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe =>.Microsoft Corporation
    O4 - GS\Desktop [LogMeInRemoteUser]: Microsoft Office Word 2003.lnk . (…) C:\Windows\Installer{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe =>.Microsoft Corporation
    O4 - GS\Desktop [LogMeInRemoteUser]: PerfectExpert - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t
    O4 - GS\Desktop [LogMeInRemoteUser]: photo2sketch.lnk . (…) C:\SMD\Utils\PhotoSketch - Using\Photo to Sketch\photo2sketch.exe
    O4 - GS\Desktop [LogMeInRemoteUser]: Programs - Shortcut.lnk . (…) C:\ProgramData\Microsoft\Windows\Start Menu\Programs
    O4 - GS\Desktop [LogMeInRemoteUser]: SafeZone Browser.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe /sfzonebrowser =>.AVAST Software s.r.o.®
    O4 - GS\Desktop [LogMeInRemoteUser]: Scan - Shortcut.lnk . (…) C:\Users\Simcha\Pictures\ControlCenter4\Scan =>.Microsoft Corporation
    O4 - GS\Desktop [LogMeInRemoteUser]: Simcha Downloads.lnk . (…) C:\Users\Simcha\Downloads
    O4 - GS\Desktop [LogMeInRemoteUser]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Desktop [LogMeInRemoteUser]: SMD - Shortcut (2).lnk . (…) C:\SMD
    O4 - GS\Desktop [LogMeInRemoteUser]: SolveigMM AVI Trimmer + MKV.lnk . (.Solveig Multimedia - .) C:\SMD\Vid Tools2\Trimmer\SMM_AVITrimmer.exe {6D7045372E285AD557F0452BDC9648C3} =>.Solveig Multimedia
    O4 - GS\Desktop [LogMeInRemoteUser]: Std Default Downloads.lnk . (…) C:\Download
    O4 - GS\Desktop [LogMeInRemoteUser]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Desktop [LogMeInRemoteUser]: Tipard DVD Ripper.exe - Shortcut.lnk . (.Tipard - Tipard DVD Ripper.) C:\SMD\Utils3\Tipard DVD Ripper\Tipard DVD Ripper.exe =>.LongEasy Co., Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: Video Converter- Using.lnk . (.Anvsoft - Any Video Converter.) C:\SMD\Utils\AnyVideoConverter\Any Video Converter\AVCFree.exe =>.Anvsoft Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: VideoJoiner.lnk . (…) C:\SMD\Vid Tools2\Free AVI MPEG WMV MP4 FLV Video Joiner\FreeAVIMPEGWMVMP4FLVVideoJoiner.exe =>.Tsingsoft Imagination Information Technology Co., Ltd®
    O4 - GS\Desktop [LogMeInRemoteUser]: WinX_DVD_ CURRENT.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: WinX_DVD_Ripper_Platinum Rel 6.5 - Shortcut.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils3\WinX_DVD_Ripper_Platinum 6.5.0\WinX_DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: WinX_DVD_Ripper_PlatinumRel 7.5.12.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utilities-A\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Platinu m.exe =>.Digiarty, Inc.®
    O4 - GS\Desktop [LogMeInRemoteUser]: WinZip 15.0.lnk . (.WinZip Computing, S.L. - WinZip.) C:\Program Files (x86)\WinZip\WINZIP32.EXE =>.WinZip Computing®
    O4 - GS\Desktop [LogMeInRemoteUser]: WMP.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
    O4 - GS\Desktop [LogMeInRemoteUser]: WordPerfect.lnk . (.InstallShield Software Corp. - InstallShield.) C:\Windows\Installer{AF19F291-F22F-4798-9662-525305AE9E48}\WPShortcut.exe =>.InstallShield Software Corp.
    O4 - GS\Desktop [LogMeInRemoteUser]: WP12 - Shortcut.lnk . (…) C:\Users\Simcha\AppData\Roaming\Corel\PerfectExper t\12
    O4 - GS\Desktop [LogMeInRemoteUser]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Simcha\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
    O4 - GS\Desktop [LogMeInRemoteUser]: ZTreeWin.lnk . (.Zedtek, Inc. - ZTreeWin.) C:\ZTreeWin\ZTW64.EXE {172B680297B7E07A4365CC85AE48CCCA}
    O4 - GS\Quicklaunch [LogMeInRemoteUser]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\Quicklaunch [LogMeInRemoteUser]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\Quicklaunch [LogMeInRemoteUser]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [LogMeInRemoteUser]: Launch Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE /recycle =>.Microsoft Corporation®
    O4 - GS\Quicklaunch [LogMeInRemoteUser]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\sendTo [LogMeInRemoteUser]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
    O4 - GS\TaskBar [LogMeInRemoteUser]: Acronis Backup installer.lnk . (.Acronis - Acronis Backup installer.) C:\Users\Simcha\Downloads\Acronis\AcronisBackup_11 .7N_44190_en-US.exe =>.Acronis International GmbH®
    O4 - GS\TaskBar [LogMeInRemoteUser]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [LogMeInRemoteUser]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\TaskBar [LogMeInRemoteUser]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\TaskBar [LogMeInRemoteUser]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\TaskBar [LogMeInRemoteUser]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\TaskBar [LogMeInRemoteUser]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\Startup [LogMeInRemoteUser]: OS (C) - Shortcut.lnk . (.Authors - .) C:\
    O4 - GS\Startup [LogMeInRemoteUser]: Simcha’s Group - Shortcut.lnk . (…) C:\SMD\Simcha’s Group
    O4 - GS\Programs [LogMeInRemoteUser]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [LogMeInRemoteUser]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [LogMeInRemoteUser]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\CommonDesktop [Public]: Acronis Backup 11.7.lnk . (.Acronis - Acronis Backup Management Console.) C:\Program Files (x86)\Acronis\BackupAndRecoveryConsole\ManagementC onsole.exe =>.Acronis International GmbH®
    O4 - GS\CommonDesktop [Public]: Adobe Reader 9.lnk . (.Adobe Systems Incorporated - Adobe Reader 9.5.) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
    O4 - GS\CommonDesktop [Public]: Avast Pro Antivirus.lnk . (.AVAST Software - Avast Antivirus.) C:\Program Files\AVAST Software\Avast\AvastUI.exe =>.AVAST Software s.r.o.®
    O4 - GS\CommonDesktop [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
    O4 - GS\CommonDesktop [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\CommonDesktop [Public]: Brother Creative Center.lnk . (…) C:\Program Files (x86)\Brother\CreativeCenter\Brother Creative Center.url
    O4 - GS\CommonDesktop [Public]: Brother Utilities.lnk . (.Brother Industries, Ltd. - BrLauncher.) C:\Program Files (x86)\Brother\BrLauncher\BrLauncher.exe =>.Brother Industries, Ltd.
    O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - .) C:\Program Files (x86)\CCleaner\CCleaner64.exe =>.Piriform Ltd
    O4 - GS\CommonDesktop [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software®
    O4 - GS\CommonDesktop [Public]: DVDVideoSoft Free Studio.lnk . (.Digital Wave Ltd - Free Studio.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe =>.Digital Wave Ltd®
    O4 - GS\CommonDesktop [Public]: eBay.lnk . (.eBay Inc. - Browser Launcher.) C:\Program Files (x86)\eBay\Browser Launcher.exe http://rover.ebay.com/ =>.eBay Inc.
    O4 - GS\CommonDesktop [Public]: FastStone Image Viewer.lnk . (.FastStone Soft - FastStone Image Viewer.) C:\SMD\Vid Tools2\FastStoneViewer\FastStone Image Viewer\FSViewer.exe =>.FastStone Soft
    O4 - GS\CommonDesktop [Public]: Free Dailymotion Download.lnk . (.DVDVideoSoft Ltd. - FreeDailymotionDownload.) C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe =>.Digital Wave Ltd®
    O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\CommonDesktop [Public]: IrfanView Thumbnails.lnk . (.Irfan Skiljan - IrfanView 32-bit.) C:\Program Files (x86)\IrfanView\i_view32.exe /thumbs =>.Irfan Skiljan®
    O4 - GS\CommonDesktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) C:\Program Files (x86)\iTunes\iTunes.exe =>.Apple Inc.®
    O4 - GS\CommonDesktop [Public]: KEDIT for Windows.lnk . (…) C:\SMD\Kedit161\KEDITW32.exe
    O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
    O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\CommonDesktop [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation®
    O4 - GS\CommonDesktop [Public]: Removal Tool.lnk . (.9-lab LLC - 9-lab Malware Removal Tool.) C:\Program Files\9-lab\Removal Tool\rmtool.exe =>.9-Lab®
    O4 - GS\CommonDesktop [Public]: SUPERAntiSpyware Professional.lnk . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe =>.SUPERAntiSpyware.com®
    O4 - GS\CommonDesktop [Public]: TeamViewer 11 Host.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
    O4 - GS\CommonDesktop [Public]: VideoPad Video Editor.lnk . (.NCH Software - VideoPad Video Editor.) C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe =>.NCH Software®
    O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\SMD\Vid Tools\VLC\vlc.exe =>.VideoLAN®
    O4 - GS\CommonDesktop [Public]: WinX DVD Ripper Platinum 7.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Utils\Utils2\WinX_DVD_Ripper_Platinum\WinX_ DVD_Ripper_Platinum.exe =>.Digiarty, Inc.®
    O4 - GS\CommonDesktop [Public]: WinX DVD Ripper Platinum.lnk . (.Digiarty Software, Inc. - WinX DVD Ripper Platinum.) C:\SMD\Vid Tools2\WinX DVD\WinX_DVD_Ripper_Platinum\WinX_DVD_Ripper_Plati num.exe =>.Digiarty, Inc.®
    O4 - GS\CommonDesktop [Public]: ZoneAlarm Security.lnk . (.Check Point Software Technologies LTD - ZoneAlarm.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe =>.Check Point Software Technologies Ltd.®
    O4 - GS\Programs [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O4 - GS\Programs [Public]: join.me.lnk . (.LogMeIn, Inc. - join.me.) C:\Users\Simcha\AppData\Local\join.me\join.me.exe =>.LogMeIn, Inc.®
    O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\system32\cmd.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\system32\notepad.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
    O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
    O4 - GS\Startup [Public]: APC UPS Status.lnk . (.Schneider Electric - Startup Notification Module.) C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe =>.American Power Conversion®
    O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\system32\calc.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\system32\mblctr.exe /open =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows host process (Rundll32).) C:\Windows\system32\rundll32.exe %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCent er LaunchedBy_StartMenuShortcut =>.Microsoft Corporation
    O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\system32\charmap.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\Windows\system32\perfmon.exe /res =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (…) C:\Windows\system32\taskschd.msc /s =>..Microsoft Corporation
    O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
    O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Adobe Bridge CS5.lnk . (.Adobe Systems, Inc. - Adobe Bridge CS5.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe =>.Adobe Systems Incorporated®
    O4 - GS\ProgramsCommon [Public]: Adobe Device Central CS5.lnk . (.Adobe Systems Inc. - Adobe Device Central CS5.) C:\Program Files (x86)\Adobe\Adobe Device Central CS5\DeviceCentral.exe =>.Adobe Systems Inc.
    O4 - GS\ProgramsCommon [Public]: Adobe ExtendScript Toolkit CS5.lnk . (.Adobe Systems Incorporated - ExtendScript Toolkit CS5 and Debugger (32 b.) C:\Program Files (x86)\Adobe\Adobe Utilities - CS5\ExtendScript Toolkit CS5\ExtendScript Toolkit.exe =>.Adobe Systems Incorporated®
    O4 - GS\ProgramsCommon [Public]: Adobe Extension Manager CS5.lnk . (.Adobe Systems Incorporated - Adobe Extension Manager CS5.) C:\Program Files (x86)\Adobe\Adobe Extension Manager CS5\Adobe Extension Manager CS5.exe =>.Adobe Systems Incorporated®
    O4 - GS\ProgramsCommon [Public]: Adobe Help.lnk . (…) C:\Program Files (x86)\Adobe\Adobe Help\Adobe Help.exe
    O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated®
    O4 - GS\ProgramsCommon [Public]: Adobe Photoshop CS5.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe =>.Adobe Systems Incorporated®
    O4 - GS\ProgramsCommon [Public]: Adobe Reader 9.lnk . (…) C:\Windows\Installer{AC76BA86-7AD7-1033-7B44-A95000000001}\SC_Reader.ico =>.Adobe Inc.
    O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (…) C:\Windows\Installer{C41300B9-185D-475E-BFEC-39EF732F19B1}\AppleSoftwareUpdateIco.exe =>.Apple Inc.
    O4 - GS\ProgramsCommon [Public]: Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe =>.The Audacity Team
    O4 - GS\ProgramsCommon [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) C:\SMD\Utils\Audacity\audacity.exe =>.The Audacity Team
    O4 - GS\ProgramsCommon [Public]: Avast SafeZone Browser.lnk . (.Avast Software - Avast SafeZone Browser.) C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software s.r.o.®
    O4 - GS\ProgramsCommon [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\Advisor\BelarcAdvisor.exe {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O4 - GS\ProgramsCommon [Public]: Debut Video Capture Software.lnk . (.NCH Software - Debut Video Capture Software.) C:\Program Files (x86)\NCH Software\Debut\debut.exe =>.NCH Software®
    O4 - GS\ProgramsCommon [Public]: Dell Help Documentation.lnk . (.Dell Inc. - .) C:\Program Files (x86)\Dell Inc\Dell Edoc Viewer\EDocs.exe =>.Dell Inc.
    O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O4 - GS\ProgramsCommon [Public]: KEDIT for Windows.lnk . (…) C:\SMD\Kedit161\KEDITW32.exe
    O4 - GS\ProgramsCommon [Public]: LogMeIn Client.lnk . (.LogMeIn, Inc. - LogMeIn Client.) C:\Program Files (x86)\LogMeIn Ignition\LMIIgnition.exe =>.LogMeIn, Inc.®
    O4 - GS\ProgramsCommon [Public]: LogMeIn Control Panel.lnk . (.LogMeIn, Inc. - LogMeIn Control Panel.) C:\Program Files (x86)\LogMeIn\x64\LogMeInToolkit.exe =>.LogMeIn, Inc.®
    O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Microsoft Office 2010.lnk . (…) C:\Windows\Installer{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Microsoft Office PowerPoint Viewer 2007.lnk . (…) C:\Windows\Installer{95120000-00AF-0409-0000-0000000FF1CE}\ppvwicon.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O4 - GS\ProgramsCommon [Public]: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe =>.Mozilla Corporation®
    O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files (x86)\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: TeamViewer 11 Host.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer®
    O4 - GS\ProgramsCommon [Public]: VideoPad Video Editor.lnk . (.NCH Software - VideoPad Video Editor.) C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe =>.NCH Software®
    O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\Windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - .) C:\Program Files (x86)\DVD Maker\DVDMaker.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\Windows\system32\WFS.exe =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
    O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
    O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation

    —\ Lop.com/Domain Hijackers (2) - 0s
    O17 - HKLM\System\CCS\Services\Tcpip..{1396F9F1-AF76-43CD-A872-2B40013661F7}: NameServer = 192.168.1.1 =>.Local IP Adress
    O17 - HKLM\System\CCS\Services\Tcpip..{223C8A2A-1F78-4BD3-A228-9FCB809537EF}: NameServer = 192.168.1.1 =>.Local IP Adress

    —\ Extra protocols (33) - 1s
    O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: belarc [64Bits] - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (.Belarc, Inc. - Belarc VoilaX Control.) – C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll {57DD26EC90E61323C437981C6B0DF9F8} =>.Belarc, Inc.
    O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
    O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
    O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) – C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
    O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) – C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
    O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Windows\System32\itss.dll =>.Microsoft Corporation
    O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) – C:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL =>.Microsoft Corporation
    O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) – C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
    O18 - Handler: mso-offdap [64Bits] - {3D9F03FA-7A94-11D3-BE81-0050048385D1} . (.Microsoft Corporation - Microsoft Office XP Web Components.) – C:\Program Files (x86)\Common Files\microsoft shared\Web Components\10\OWC10.DLL =>.Microsoft Corporation®
    O18 - Handler: mso-offdap11 [64Bits] - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) – C:\Program Files (x86)\Common Files\microsoft shared\Web Components\11\OWC11.DLL =>.Microsoft Corporation®
    O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) – C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll =>.Skype Technologies SA®
    O18 - Handler: skype4com [64Bits] - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) – C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll =>.Skype Technologies SA®
    O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) – C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
    O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) – C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
    O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) – C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
    O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) – C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
    O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) – C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
    O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) – C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
    O18 - Filter: text/xml [64Bits] - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) – C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL =>.Microsoft Corporation®

    —\ Software installed (170) - 15s
    O42 - Logiciel: 9-lab Removal Tool - (..) [HKLM][64Bits] – 9-lab Removal Tool =>.9-Lab®
    O42 - Logiciel: Acronis Backup 11.7 Agent Core - (.Acronis.) [HKLM][64Bits] – {356FE63D-CA4B-4BC5-A5A5-59F72A4F1FAA} =>.Acronis
    O42 - Logiciel: Acronis Backup 11.7 Agent for Windows - (.Acronis.) [HKLM][64Bits] – {E8C647FB-369D-4216-879C-0CDF28407179} =>.Acronis
    O42 - Logiciel: Acronis Backup 11.7 Bootable Media Builder - (.Acronis.) [HKLM][64Bits] – {549CF6BC-463B-43F0-87F2-F33B7B56DA8E} =>.Acronis
    O42 - Logiciel: Acronis Backup 11.7 Command-Line Tool - (.Acronis.) [HKLM][64Bits] – {EFA9148A-BA06-4956-9BF5-CC9A6602FBFB} =>.Acronis
    O42 - Logiciel: Acronis Backup 11.7 Management Console - (.Acronis.) [HKLM][64Bits] – {676B4047-27B3-4A70-B6DA-06FBFB22822F} =>.Acronis
    O42 - Logiciel: Acronis Backup 11.7 Tray Monitor - (.Acronis.) [HKLM][64Bits] – {4EF5A0DF-7A55-4341-A07D-0FB6144181E5} =>.Acronis
    O42 - Logiciel: ActiveHome Pro - (..) [HKLM][64Bits] – ActiveHomePro
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {78DFDC88-FA40-408F-8397-1D7908A6DA21} =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe AIR =>.Adobe Systems Incorporated®
    O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7} =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] – chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
    O42 - Logiciel: Adobe Flash Player 24 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] – Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
    O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] – com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485D F8CE.1 =>.Adobe Systems Incorporated
    O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {15FEDA5F-141C-4127-8D7E-B962D1742728} =>.Adobe Systems Incorporated®
    O42 - Logiciel: Adobe Reader 9.5.4 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-7AD7-1033-7B44-A95000000001} =>.Adobe Systems Incorporated
    O42 - Logiciel: Aiseesoft DVD Ripper 6.2.18 - (..) [HKLM][64Bits] – {D6BAD6AB-D3D9-46ad-B2C4-5A969006CE48}_is1
    O42 - Logiciel: Any Video Converter 5.7.6 - (.Any-Video-Converter.com.) [HKLM][64Bits] – Any Video Converter_is1 =>.Anvsoft Inc.®
    O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] – {2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386} =>.Apple Inc.
    O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] – {8F473675-D702-45F9-8EBC-342B40C17BF5} =>.Apple Inc.
    O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] – {C41300B9-185D-475E-BFEC-39EF732F19B1} =>.Apple Inc.
    O42 - Logiciel: Audacity 1.3.14 (Unicode) - (.Audacity Team.) [HKLM][64Bits] – Audacity 1.3 Beta (Unicode)_is1 =>.Audacity Team
    O42 - Logiciel: Audacity 2.0.3 - (.Audacity Team.) [HKLM][64Bits] – Audacity_is1 =>.Audacity Team
    O42 - Logiciel: Avast Pro Antivirus - (.AVAST Software.) [HKLM][64Bits] – Avast Antivirus =>.AVAST Software s.r.o.®
    O42 - Logiciel: Belarc Advisor 8.2 - (.Belarc Inc..) [HKLM][64Bits] – Belarc Advisor =>.Belarc Inc.
    O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] – {E4F5E48E-7155-4CF9-88CD-7F377EC9AC54} =>.Apple Inc.
    O42 - Logiciel: BrLauncher - (.Brother Industries Ltd..) [HKLM][64Bits] – {9483AB22-92AA-4161-9E79-DE77B71949DA} =>.Brother Industries Ltd.
    O42 - Logiciel: BrLogRx - (.Brother Industries Ltd..) [HKLM][64Bits] – {E9A086F3-E0CB-4E91-AABE-586D99788BC3} =>.Brother Industries Ltd.
    O42 - Logiciel: Brother PCFax Driver - (.Brother Industries Ltd..) [HKLM][64Bits] – {56BA05BD-7A67-4EF8-85A7-8C6528AEE2AC} =>.Brother Industries Ltd.
    O42 - Logiciel: Brother Printer Driver - (.Brother Industries Ltd..) [HKLM][64Bits] – {C52796C4-1E9B-4CF0-BCD1-DB776FCC0ECA} =>.Brother Industries Ltd.
    O42 - Logiciel: Brother Scanner Driver - (.Brother Industries Ltd..) [HKLM][64Bits] – {462036DD-8713-43B8-B93A-36DA775F48BD} =>.Brother Industries Ltd.
    O42 - Logiciel: BrotherHelpInstaller - (.Brother.) [HKLM][64Bits] – {4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8} =>.Brother
    O42 - Logiciel: BrSupportTools - (.Brother Industries Ltd..) [HKLM][64Bits] – {F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C} =>.Brother Industries Ltd.
    O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] – CCleaner =>.Piriform Ltd®
    O42 - Logiciel: Cisco WebEx Meetings - (.Cisco WebEx LLC.) [HKLM][64Bits] – ActiveTouchMeetingClient =>.Cisco WebEx LLC®
    O42 - Logiciel: Citrix Online Launcher - (.Citrix.) [HKLM][64Bits] – {678753E6-E526-4AE5-A144-00240772543A} =>.Citrix
    O42 - Logiciel: Consumer In-Home Service Agreement - (.Dell Inc..) [HKLM][64Bits] – {F47C37A4-7189-430A-B81D-739FF8A7A554} =>.Dell Inc.
    O42 - Logiciel: ControlCenter4 - (.Brother Insutries Ltd..) [HKLM][64Bits] – {C5744F42-FDC4-4CC2-B4A8-47C9AA9553B4} =>.Brother Insutries Ltd.
    O42 - Logiciel: ControlCenter4 CSDK - (.Brother Insutries Ltd..) [HKLM][64Bits] – {1BAE50D4-5F2A-4E34-BD81-B4555109F7C2} =>.Brother Insutries Ltd.
    O42 - Logiciel: Core FTP LE - (..) [HKLM][64Bits] – CoreFTP
    O42 - Logiciel: Corel WordPerfect Office - iFilter 64 Bit - (.Corel Corporation.) [HKLM][64Bits] – {1B45B85C-99E8-4523-8FB3-0248B3DECFC8} =>.Corel Corporation
    O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] – {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
    O42 - Logiciel: Debut Video Capture Software - (.NCH Software.) [HKLM][64Bits] – Debut =>.NCH Software®
    O42 - Logiciel: Dell Data Vault - (.Dell Inc..) [HKLM][64Bits] – {2E55EEFD-2162-4A7D-9158-EDB0305603A6} =>.Dell Inc.
    O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM][64Bits] – {0ED7EE95-6A97-47AA-AD73-152C08A15B04} =>.Dell
    O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell.) [HKLM][64Bits] – {A9668246-FB70-4103-A1E3-66C9BC2EFB49} =>.Dell
    O42 - Logiciel: Dell DataSafe Online - (.Dell.) [HKLM][64Bits] – {7EC66A95-AC2D-4127-940B-0445A526AB2F} =>.Dell
    O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] – {C73A3942-84C8-4597-9F9B-EE227DCBA758} =>.Stardock Corporation
    O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] – Dell Dock =>.Stardock Corporation®
    O42 - Logiciel: Dell Edoc Viewer - (.Dell Inc.) [HKLM][64Bits] – {8EBA8727-ADC2-477B-9D9A-1A1836BE4E05} =>.Dell Inc
    O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM][64Bits] – {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045} =>.Dell Inc.
    O42 - Logiciel: Dell SupportAssist - (.Dell.) [HKLM][64Bits] – PC-Doctor for Windows =>.Dell Inc®
    O42 - Logiciel: Dell SupportAssistAgent - (.Dell.) [HKLM][64Bits] – {287348C8-8B47-4C36-AF28-441A3B7D8722} =>.Dell
    O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] – 58d94f3ce2c27db0 =>.Dell Inc.®
    O42 - Logiciel: DeviceDetect - (.Brother Industries Ltd..) [HKLM][64Bits] – {0B226409-96A6-47F0-84D8-89223B6F9479} =>.Brother Industries Ltd.
    O42 - Logiciel: DirectX 9 Runtime - (.Sonic Solutions.) [HKLM][64Bits] – {AF9E97C1-7431-426D-A8D5-ABE40995C0B1} =>.Sonic Solutions
    O42 - Logiciel: DiskCheckup v3.3 - (.PassMark Software.) [HKLM][64Bits] – DiskCheckup_is1 =>.PassMark Software
    O42 - Logiciel: eBay - (.eBay Inc..) [HKLM][64Bits] – {A8B88634-7F90-402F-B66A-86429755F6A5} =>.eBay Inc.
    O42 - Logiciel: FastStone Image Viewer 5.5 - (.FastStone Soft.) [HKLM][64Bits] – FastStone Image Viewer =>.FastStone Soft
    O42 - Logiciel: FileZilla Client 3.14.1 - (.Tim Kosse.) [HKLM][64Bits] – FileZilla Client =>.Tim Kosse
    O42 - Logiciel: Free AVI MPEG WMV MP4 FLV Video Joiner 5.1.2 - (.MediaRightSoft, Inc..) [HKLM][64Bits] – Free AVI MPEG WMV MP4 FLV Video Joiner_is1
    O42 - Logiciel: Free Dailymotion Download - (.Digital Wave Ltd.) [HKLM][64Bits] – Free Dailymotion Download_is1 =>.Digital Wave Ltd®
    O42 - Logiciel: Free Studio - (.DVDVideoSoft Ltd..) [HKLM][64Bits] – Free Studio_is1 =>.Digital Wave Ltd®
    O42 - Logiciel: Free YouTube Downloader 3.3.115 - (.HOW Inc..) [HKLM][64Bits] – {A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 =>.HOW Inc.
    O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] – Google Chrome =>.Google Inc®
    O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] – {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
    O42 - Logiciel: GoToAssist 8.0.0.514 - (..) [HKLM][64Bits] – GoToAssist =>.Citrix Online®
    O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM][64Bits] – GPL Ghostscript 9.18 =>.Artifex Software Inc.
    O42 - Logiciel: HowToGuide - (.Brother Industries Ltd..) [HKLM][64Bits] – {36580EEB-4EDF-4880-BBD4-097E2C645ECD} =>.Brother Industries Ltd.
    O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] – {F8A9085D-4C7A-41a9-8A77-C8998A96C421} =>.Intel Corporation®
    O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] – HDMI =>.Intel Corporation®
    O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] – {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation®
    O42 - Logiciel: Internet Explorer - (.Microsoft Corporation.) [HKLM][64Bits] – {AA31EA7B-7917-4000-949B-38E91F848A25} =>.Microsoft Corporation
    O42 - Logiciel: IrfanView (remove only) - (.Irfan Skiljan.) [HKLM][64Bits] – IrfanView =>.Irfan Skiljan
    O42 - Logiciel: IrfanView 4.44 (64-bit) - (.Irfan Skiljan.) [HKLM][64Bits] – IrfanView64 =>.Irfan Skiljan
    O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] – {B24A47E5-F196-461E-A7A4-AADB72CB19DD} =>.Apple Inc.
    O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM][64Bits] – {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc.
    O42 - Logiciel: Java™ 6 Update 22 (64-bit) - (.Oracle.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F86416022FF} =>.Oracle
    O42 - Logiciel: Java™ 6 Update 24 - (.Oracle.) [HKLM][64Bits] – {26A24AE4-039D-4CA4-87B4-2F83216022FF} =>.Oracle
    O42 - Logiciel: join.me - (.LogMeIn, Inc..) [HKCU][64Bits] – JoinMe =>.LogMeIn, Inc.®
    O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] – {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
    O42 - Logiciel: KEDIT for Windows 1.6.1 - (.Mansfield Software Group, Inc..) [HKLM][64Bits] – KEDIT for Windows
    O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM][64Bits] – {D3AE96EE-2876-4B3F-847C-D3A4AD689E43} =>.LogMeIn, Inc.
    O42 - Logiciel: LogMeIn Client - (.LogMeIn, Inc..) [HKLM][64Bits] – {D2300C4F-CC9B-4D00-BC53-B4C806A6C7AB} =>.LogMeIn, Inc.
    O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] – Malwarebytes Anti-Malware_is1 =>.Malwarebytes
    O42 - Logiciel: MediaInfo 0.7.53 - (.MediaArea.net.) [HKLM][64Bits] – MediaInfo {00FB6841B530E64E523F2FCEE41565F123} =>.MediaArea.net
    O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM][64Bits] – {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
    O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM][64Bits] – {50816F92-1652-4A7C-B9BC-48F682742C4B} =>.Microsoft Corporation
    O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] – {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation
    O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] – {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
    O42 - Logiciel: Mozilla Firefox 51.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Firefox 51.0.1 (x86 en-US) =>.Mozilla Corporation®
    O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] – MozillaMaintenanceService =>.Mozilla
    O42 - Logiciel: Mozilla Thunderbird 45.6.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] – Mozilla Thunderbird 45.6.0 (x86 en-US) =>.Mozilla Corporation®
    O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] – {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
    O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM][64Bits] – {D0B44725-3666-492D-BEF6-587A14BD9BD9} =>.Microsoft
    O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] – {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
    O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] – {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
    O42 - Logiciel: NetworkRepairTool - (.Brother Insutries Ltd..) [HKLM][64Bits] – {4694AD3E-D4A2-4D98-9848-662A0475E872} =>.Brother Insutries Ltd.
    O42 - Logiciel: PC-FAXReceive - (.Brother Insutries Ltd..) [HKLM][64Bits] – {8DB92891-74BB-464E-BCF8-6D6A9C2132AC} =>.Brother Insutries Ltd.
    O42 - Logiciel: PCFaxTx - (.Brother Industries Ltd..) [HKLM][64Bits] – {4D52CAB8-06E6-4511-B29C-E2F36B52AE12} =>.Brother Industries Ltd.
    O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {A78FE97A-C0C8-49CE-89D0-EDD524A17392} =>.Adobe Systems Incorporated
    O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] – {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D} =>.Frank Heindörfer, Philip Chinery
    O42 - Logiciel: PhotoShowExpress - (.Sonic Solutions.) [HKLM][64Bits] – {3250260C-7A95-4632-893B-89657EB5545B} =>.Sonic Solutions
    O42 - Logiciel: PowerChute Personal Edition 3.0.2 - (.Schneider Electric.) [HKLM][64Bits] – {8ED262EE-FC73-47A9-BB86-D92223246881} =>.Schneider Electric
    O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] – {57752979-A1C9-4C02-856B-FBB27AC4E02C} =>Riskware.QuickTime
    O42 - Logiciel: RBVirtualFolder64Inst - (.Roxio, Inc..) [HKLM][64Bits] – {9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D} =>.Roxio, Inc.
    O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] – {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
    O42 - Logiciel: RemoteSetup - (.Brother Industries Ltd..) [HKLM][64Bits] – {B6CE4633-EA3F-4856-9BCC-9B8702E076FE} =>.Brother Industries Ltd.
    O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM][64Bits] – {A121EEDE-C68F-461D-91AA-D48BA226AF1C} =>.Roxio
    O42 - Logiciel: Roxio BackOnTrack - (.Roxio.) [HKLM][64Bits] – {5A06423A-210C-49FB-950E-CB0EB8C5CEC7} =>.Roxio
    O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] – {7746BFAA-2B5D-4FFD-A0E8-4558F4668105} =>.Roxio
    O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM][64Bits] – {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87} =>.Sonic Solutions®
    O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] – {6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC} =>.Sonic Solutions®
    O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] – {EF56258E-0326-48C5-A86C-3BAC26FC15DF} =>.Roxio
    O42 - Logiciel: Roxio Creator Starter - (.Roxio.) [HKLM][64Bits] – {F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878} =>.Roxio
    O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM][64Bits] – {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} =>.Roxio
    O42 - Logiciel: Roxio File Backup - (.Roxio.) [HKLM][64Bits] – {60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB} =>.Roxio
    O42 - Logiciel: SafeZone Stable 3.55.2393.561 - (.Avast Software.) [HKLM][64Bits] – SafeZone 3.55.2393.561 =>.AVAST Software s.r.o.®
    O42 - Logiciel: ScannerUtilityInstaller - (.Brother.) [HKLM][64Bits] – {5B645FE2-19E9-4B15-B5B2-3D8766F6FA27} =>.Brother
    O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM][64Bits] – {981029E0-7FC9-4CF3-AB39-6F133621921A} =>.Skype Technologies S.A.
    O42 - Logiciel: Skype™ 4.2 - (.Skype Technologies S.A..) [HKLM][64Bits] – {D103C4BA-F905-437A-8049-DB24763BBE36} =>.Skype Technologies S.A.
    O42 - Logiciel: SolveigMM AVI Trimmer - (.Solveig Multimedia.) [HKLM][64Bits] – SolveigMM AVI Trimmer 2.0.1210.11 =>.Solveig Multimedia
    O42 - Logiciel: Sonic CinePlayer Decoder Pack - (.Sonic Solutions.) [HKLM][64Bits] – {9A00EC4E-27E1-42C4-98DD-662F32AC8870} =>.Sonic Solutions
    O42 - Logiciel: Sothink DVD Ripper - (.SourceTec Software Co., LTD.) [HKLM][64Bits] – {185E5BA3-64B1-4BE2-8326-923D3483CA83}_is1 =>.SourceTec Software Co., LTD
    O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] – {AC76BA86-7AD7-5464-3428-900000000004} =>.Adobe Systems Incorporated
    O42 - Logiciel: SpywareBlaster 5.4 - (.BrightFort LLC.) [HKLM][64Bits] – SpywareBlaster_is1 =>.BrightFort LLC
    O42 - Logiciel: StatusMonitor - (.Brother Insutries Ltd..) [HKLM][64Bits] – {86D16055-3C14-44C6-BCD7-5514B83BAD34} =>.Brother Insutries Ltd.
    O42 - Logiciel: StreamTransport version: 1.0.2.2171 - (..) [HKLM][64Bits] – {FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1
    O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM][64Bits] – {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} =>.SUPERAntiSpyware.com®
    O42 - Logiciel: TeamViewer 11 Host - (.TeamViewer.) [HKLM][64Bits] – TeamViewer =>.TeamViewer®
    O42 - Logiciel: UsbRepairTool - (.Brother Insutries Ltd..) [HKLM][64Bits] – {523276A4-5779-4105-9163-CA1CF94EC533} =>.Brother Insutries Ltd.
    O42 - Logiciel: VCatcher - (..) [HKLM][64Bits] – VCatcher_is1
    O42 - Logiciel: VideoPad Video Editor - (.NCH Software.) [HKLM][64Bits] – VideoPad =>.NCH Software®
    O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] – VLC media player =>.VideoLAN
    O42 - Logiciel: WinRAR archiver - (.RarLab.) [HKLM][64Bits] – WinRAR archiver =>.RarLab
    O42 - Logiciel: WinX DVD Ripper Platinum 7.5.19 - (.Digiarty Software, Inc..) [HKLM][64Bits] – WinX DVD Ripper Platinum_is1 =>.Digiarty, Inc.®
    O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L..) [HKLM][64Bits] – {CD95F661-A5C4-44F5-A6AA-ECDD91C240C0} =>.WinZip Computing, S.L.
    O42 - Logiciel: WordPerfect Lightning - (.Corel Corporation.) [HKLM][64Bits] – {67ED9603-CB76-4338-B7B0-690FE144C4DA} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Lightning - IPM - (.Corel Corporation.) [HKLM][64Bits] – {4873CC58-69D8-490D-9E5C-001DC2EE2020} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Lightning - Messages - (.Corel Corporation.) [HKLM][64Bits] – {4873CC58-69D8-490D-9E5C-001DC2EE2010} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Lightning - MSOM - (.Corel Corporation.) [HKLM][64Bits] – {F6EE49FD-B736-4888-A05A-115F3B1160FA} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office 12 - (.Corel Corporation.) [HKLM][64Bits] – {AF19F291-F22F-4798-9662-525305AE9E48} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - (.Corel Corporation.) [HKLM][64Bits] – _{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579} =>.Corel Corporation®
    O42 - Logiciel: WordPerfect Office X5 - (.Corel Corporation.) [HKLM][64Bits] – {B62C4524-41B5-4E65-952B-36AEC51E3F55} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Common - (.Corel Corporation.) [HKLM][64Bits] – {17C5A285-F7B6-492B-8F3B-343D02B84D75} =>.Corel Corporation
    O42 - Logiciel: Wordperfect Office X5 - EN - (.Corel Corporation.) [HKLM][64Bits] – {E539B721-4458-4EFC-8BD0-04D4842051AE} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Filters - (.Corel Corporation.) [HKLM][64Bits] – {E67732DE-3387-4F1E-BDDA-2D0C08BC025B} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Graphics - (.Corel Corporation.) [HKLM][64Bits] – {6E4B1E42-A831-44B4-A705-D006F68560EC} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - IPM - (.Corel Corporation.) [HKLM][64Bits] – {19B4CD07-1919-4002-B28F-A5D2027026E0} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - LegalTools - (.Corel Corporation.) [HKLM][64Bits] – {D7643510-C1AE-44AD-B0F9-0665C4D73BFD} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Migration Manager - (.Corel Corporation.) [HKLM][64Bits] – {1F0D7D15-8A36-4AE4-8573-70BEA7DF379D} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Oxford - (.Corel Corporation.) [HKLM][64Bits] – {6C13C708-FF28-4991-84E6-5526A0EE677B} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - PerfectExperts EN - (.Corel Corporation.) [HKLM][64Bits] – {64459BD5-3AE8-4689-B7B0-D57B667D8399} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - PR - (.Corel Corporation.) [HKLM][64Bits] – {378BAC91-3AE8-45F0-90E4-4F81E3EAEBC5} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - QP - (.Corel Corporation.) [HKLM][64Bits] – {DAEDCD3D-B981-4F10-B17B-764753EDAF9F} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Setup Files - (.Corel Corporation.) [HKLM][64Bits] – {DE6DE4A1-0343-4DBE-9DC2-E667AA03F579} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Sharepoint - (.Corel Corporation.) [HKLM][64Bits] – {A6FD1334-FD75-4951-935D-08F8C7E4C6B0} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Skins - (.Corel Corporation.) [HKLM][64Bits] – {D4167D08-0F61-4F44-BC3F-26B4960745C4} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - System EN - (.Corel Corporation.) [HKLM][64Bits] – {71D2F8EE-9D45-4D95-A6F6-F6433C2B94B5} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - Templates - (.Corel Corporation.) [HKLM][64Bits] – {CD5C6C29-E6CB-4DF3-B45F-A04087B1C294} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - WP - (.Corel Corporation.) [HKLM][64Bits] – {EC61C6D9-159B-4B14-AAF3-AF33FCFA50DD} =>.Corel Corporation
    O42 - Logiciel: WordPerfect Office X5 - WT - (. Corel Corporation.) [HKLM][64Bits] – {13EBF9E8-82FF-47D0-A324-534B79EF7F71} =>. Corel Corporation
    O42 - Logiciel: YTD Video Downloader 5.1.0 - (.GreenTree Applications SRL.) [HKLM][64Bits] – {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
    O42 - Logiciel: ZoneAlarm Firewall - (.Check Point Software Technologies Ltd..) [HKLM][64Bits] – {075A7877-02CA-4B15-8534-1211712A8E79} =>.Check Point Software Technologies Ltd.
    O42 - Logiciel: ZoneAlarm Free Firewall - (.Check Point.) [HKLM][64Bits] – ZoneAlarm Free Firewall =>.Check Point Software Technologies Ltd.®
    O42 - Logiciel: ZoneAlarm LTD Toolbar - (.Check Point Software Technologies.) [HKLM][64Bits] – ZoneAlarm LTD Toolbar =>.Check Point Software Technologies
    O42 - Logiciel: ZoneAlarm Security - (.Check Point Software Technologies Ltd..) [HKLM][64Bits] – {1BD9E24B-DB16-491C-8092-F158664BB9F6} =>.Check Point Software Technologies Ltd.
    O42 - Logiciel: ZTreeWin (remove only) - (..) [HKLM][64Bits] – ZTreeWin

    —\ HKCU & HKLM Software Keys (163) - 15s
    HKLM\SOFTWARE\Wow6432Node\Acronis =>.Acronis
    HKLM\SOFTWARE\Wow6432Node\ActiveTouch
    HKLM\SOFTWARE\Wow6432Node\Adobe =>.Adobe
    HKLM\SOFTWARE\Wow6432Node\AdwCleaner =>.Malwarebytes
    HKLM\SOFTWARE\Wow6432Node\AMI =>.AMI
    HKLM\SOFTWARE\Wow6432Node\APC
    HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. =>.Apple Computer, Inc.
    HKLM\SOFTWARE\Wow6432Node\Apple Inc. =>.Apple Inc.
    HKLM\SOFTWARE\Wow6432Node\Artifex
    HKLM\SOFTWARE\Wow6432Node\AVAST Software =>.AVAST Software
    HKLM\SOFTWARE\Wow6432Node\Belarc =>.Belarc
    HKLM\SOFTWARE\Wow6432Node\Borland =>.Borland
    HKLM\SOFTWARE\Wow6432Node\Brother =>.Brother
    HKLM\SOFTWARE\Wow6432Node\CheckPoint =>.CheckPoint
    HKLM\SOFTWARE\Wow6432Node\Citrix =>.Citrix
    HKLM\SOFTWARE\Wow6432Node\Conduit =>.Superfluous.Conduit
    HKLM\SOFTWARE\Wow6432Node\Corel =>.Corel
    HKLM\SOFTWARE\Wow6432Node\Cyberlink =>.CyberLink Corporation
    HKLM\SOFTWARE\Wow6432Node\Debug =>.Legitimate
    HKLM\SOFTWARE\Wow6432Node\Dell =>.Dell
    HKLM\SOFTWARE\Wow6432Node\DigitalWave =>.DigitalWave Corporation
    HKLM\SOFTWARE\Wow6432Node\DVDVideoSoft =>.DVDVideoSoft
    HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
    HKLM\SOFTWARE\Wow6432Node\FastStone Image Viewer =>.FastStone Soft
    HKLM\SOFTWARE\Wow6432Node\FileZilla 3 =>.FileZilla
    HKLM\SOFTWARE\Wow6432Node\FileZilla Client =>.Tim Kosse
    HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
    HKLM\SOFTWARE\Wow6432Node\FTPWare
    HKLM\SOFTWARE\Wow6432Node\Google =>.Google
    HKLM\SOFTWARE\Wow6432Node\GPL Ghostscript =>.GPL Ghostscript
    HKLM\SOFTWARE\Wow6432Node\HaaliMkx =>.Haali Media
    HKLM\SOFTWARE\Wow6432Node\illiminable =>.illiminable
    HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
    HKLM\SOFTWARE\Wow6432Node\IrfanView =>.Irfan Skiljan
    HKLM\SOFTWARE\Wow6432Node\JavaSoft =>.JavaSoft
    HKLM\SOFTWARE\Wow6432Node\JreMetrics =>.JreMetrics
    HKLM\SOFTWARE\Wow6432Node\Kodak =>.Kodak
    HKLM\SOFTWARE\Wow6432Node\L&H
    HKLM\SOFTWARE\Wow6432Node\Licenses =>.Microsoft Corporation
    HKLM\SOFTWARE\Wow6432Node\LogMeIn Ignition =>.LogMeIn Entreprise
    HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
    HKLM\SOFTWARE\Wow6432Node\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
    HKLM\SOFTWARE\Wow6432Node\Malwarebytes’ Anti-Malware (Trial) =>.Malwarebytes
    HKLM\SOFTWARE\Wow6432Node\McAfee =>.McAfee Inc.
    HKLM\SOFTWARE\Wow6432Node\McAfeeInstaller =>.McAfee Inc.
    HKLM\SOFTWARE\Wow6432Node\MicroVision =>.MicroVision Developement
    HKLM\SOFTWARE\Wow6432Node\MimarSinan =>.Mimar Sinan
    HKLM\SOFTWARE\Wow6432Node\Moyea
    HKLM\SOFTWARE\Wow6432Node\Mozilla =>.Mozilla
    HKLM\SOFTWARE\Wow6432Node\mozilla.org =>.mozilla.org
    HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
    HKLM\SOFTWARE\Wow6432Node\NCH Software =>.NCH Software
    HKLM\SOFTWARE\Wow6432Node\NCH Swift Sound =>.NCH Swift Sound
    HKLM\SOFTWARE\Wow6432Node\Nico Mak Computing =>.Nico Mak Computing
    HKLM\SOFTWARE\Wow6432Node\ODBC =>.DB Connectivity Solutions
    HKLM\SOFTWARE\Wow6432Node\PC-Doctor =>.PC-Doctor Inc.
    HKLM\SOFTWARE\Wow6432Node\PDFCreator =>.pdfforge GmbH
    HKLM\SOFTWARE\Wow6432Node\Protexis =>.Protexis Inc.
    HKLM\SOFTWARE\Wow6432Node\Roxio =>.Roxio
    HKLM\SOFTWARE\Wow6432Node\Silicon Graphics
    HKLM\SOFTWARE\Wow6432Node\Skype =>.Skype
    HKLM\SOFTWARE\Wow6432Node\SoftThinks =>.SoftThinks
    HKLM\SOFTWARE\Wow6432Node\Solveig Multimedia =>.Solveig Multimedia
    HKLM\SOFTWARE\Wow6432Node\Sonic =>.Sonic
    HKLM\SOFTWARE\Wow6432Node\SourceTec =>.SourceTec
    HKLM\SOFTWARE\Wow6432Node\SpywareBlaster =>.Javacool Software
    HKLM\SOFTWARE\Wow6432Node\TeamViewer =>.TeamViewer
    HKLM\SOFTWARE\Wow6432Node\The Silicon Realms Toolworks =>.The Silicon Realms Toolworks
    HKLM\SOFTWARE\Wow6432Node\TVInstallTemp =>.TeamViewer GmbH
    HKLM\SOFTWARE\Wow6432Node\VDownloader
    HKLM\SOFTWARE\Wow6432Node\VideoLAN =>.VideoLAN
    HKLM\SOFTWARE\Wow6432Node\Volatile =>.Microsoft Corporation
    HKLM\SOFTWARE\Wow6432Node\WebEx =>.Cisco Systems, Inc.
    HKLM\SOFTWARE\Wow6432Node\Windows =>.Microsoft Corporation
    HKLM\SOFTWARE\Wow6432Node\WinRAR =>.WinRAR
    HKLM\SOFTWARE\Wow6432Node\Zone Labs =>.Zone Labs
    HKLM\SOFTWARE\Wow6432Node\ZTreeWin
    HKLM\SOFTWARE\Wow6432Node\RegisteredApplications =>.Microsoft Corporation
    HKCU\SOFTWARE\9-lab =>.9-lab
    HKCU\SOFTWARE\Acronis =>.Acronis
    HKCU\SOFTWARE\Adobe =>.Adobe
    HKCU\SOFTWARE\Aiseesoft Studio =>.Aiseesoft Studio
    HKCU\SOFTWARE\Anvsoft =>.AnvSoft Inc
    HKCU\SOFTWARE\APC
    HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
    HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
    HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
    HKCU\SOFTWARE\ASProtect =>.ASPack Software
    HKCU\SOFTWARE\Audacity =>.Audacity
    HKCU\SOFTWARE\Auslogics =>.Auslogics
    HKCU\SOFTWARE\AVAST Software =>.AVAST Software
    HKCU\SOFTWARE\Belarc =>.Belarc
    HKCU\SOFTWARE\Brother =>.Brother
    HKCU\SOFTWARE\CheckPoint =>.CheckPoint
    HKCU\SOFTWARE\Citrix =>.Citrix
    HKCU\SOFTWARE\Conduit =>.Superfluous.Conduit
    HKCU\SOFTWARE\Corel =>.Corel
    HKCU\SOFTWARE\Cyberlink =>.CyberLink Corporation
    HKCU\SOFTWARE\Dell =>.Dell
    HKCU\SOFTWARE\DVDFab =>.Fengtao
    HKCU\SOFTWARE\DVDVideoSoft =>.DVDVideoSoft
    HKCU\SOFTWARE\ej-technologies =>.ej-technologies
    HKCU\SOFTWARE\ESET =>.ESET
    HKCU\SOFTWARE\FTPWare
    HKCU\SOFTWARE\Gabest =>.Gabest
    HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
    HKCU\SOFTWARE\GNU =>.GNU
    HKCU\SOFTWARE\Google =>.Google
    HKCU\SOFTWARE\GPL Ghostscript =>.GPL Ghostscript
    HKCU\SOFTWARE\GreenTree Applications =>.Superfluous.GreenTreeApp
    HKCU\SOFTWARE\HOW Inc. =>.HOW Inc.
    HKCU\SOFTWARE\InstallPath =>.Legitimate
    HKCU\SOFTWARE\InstallShield =>.InstallShield
    HKCU\SOFTWARE\Intel =>.Intel
    HKCU\SOFTWARE\JavaSoft =>.JavaSoft
    HKCU\SOFTWARE\join.me =>.LogMeIn Entreprise
    HKCU\SOFTWARE\LAV =>.LAV Inc
    HKCU\SOFTWARE\Licenses =>.Microsoft Corporation
    HKCU\SOFTWARE\LogMeIn =>.LogMeIn Entreprise
    HKCU\SOFTWARE\Macromedia =>.Macromedia
    HKCU\SOFTWARE\Macrovision =>.Macrovision
    HKCU\SOFTWARE\Malwarebytes’ Anti-Malware =>.Malwarebytes’ Anti-Malware
    HKCU\SOFTWARE\Mansfield Software Group
    HKCU\SOFTWARE\Motive
    HKCU\SOFTWARE\Mozilla =>.Mozilla
    HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
    HKCU\SOFTWARE\MPC-HC =>.MPC-HC Team
    HKCU\SOFTWARE\NCH Software =>.NCH Software
    HKCU\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
    HKCU\SOFTWARE\Netscape =>.Netscape
    HKCU\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
    HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
    HKCU\SOFTWARE\Opera Software =>.Opera Software
    HKCU\SOFTWARE\PDFCreator =>.pdfforge GmbH
    HKCU\SOFTWARE\Piriform =>.Piriform
    HKCU\SOFTWARE\Protexis =>.Protexis Inc.
    HKCU\SOFTWARE\QtProject =>.QtProject
    HKCU\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
    HKCU\SOFTWARE\Roxio =>.Roxio
    HKCU\SOFTWARE\Skype =>.Skype
    HKCU\SOFTWARE\Solveig Multimedia =>.Solveig Multimedia
    HKCU\SOFTWARE\Sonic =>.Sonic
    HKCU\SOFTWARE\SourceTec =>.SourceTec
    HKCU\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
    HKCU\SOFTWARE\TeamViewer =>.TeamViewer
    HKCU\SOFTWARE\The Silicon Realms Toolworks =>.The Silicon Realms Toolworks
    HKCU\SOFTWARE\Thunderbird =>.Thunderbird
    HKCU\SOFTWARE\Trolltech =>.Trolltech
    HKCU\SOFTWARE\VCatcher =>.VCatcher Team
    HKCU\SOFTWARE\WinRAR =>.WinRAR
    HKCU\SOFTWARE\WinRAR SFX =>.RarLab
    HKCU\SOFTWARE\WinZip Computing =>.WinZip Computing
    HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
    HKCU\SOFTWARE\X10 =>.X10
    HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner
    HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
    HKCU\SOFTWARE\Zone Labs =>.Zone Labs
    HKCU\SOFTWARE\Zugo =>PUP.Optional.Zugo
    HKCU\SOFTWARE\AppDataLow\ISWVolatile =>.Legitimate
    HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
    HKCU\SOFTWARE\AppDataLow\Software\Conduit =>.Superfluous.Conduit
    HKCU\SOFTWARE\AppDataLow\Software\Monitored =>.Legitimate
    HKCU\SOFTWARE\AppDataLow\Software\settings =>.Samsung Electronics

    —\ Contents of the Common Files folders (361) - 18s
    O43 - CFD: 01/03/2017 - D – C:\Program Files\9-lab =>.9-Lab®
    O43 - CFD: 20/02/2011 - D – C:\Program Files\Adobe =>.Adobe Systems Incorporated®
    O43 - CFD: 12/11/2015 - D – C:\Program Files\AVAST Software =>.AVAST Software s.r.o.®
    O43 - CFD: 20/02/2011 - D – C:\Program Files\Bonjour =>.Apple Inc.
    O43 - CFD: 31/05/2015 - D – C:\Program Files\CCleaner =>.Piriform Ltd
    O43 - CFD: 21/04/2011 - D – C:\Program Files\CheckPoint =>.Check Point Software Technologies Ltd.®
    O43 - CFD: 15/11/2015 - D – C:\Program Files\Common Files =>.Microsoft Corporation
    O43 - CFD: 24/12/2015 - D – C:\Program Files\Dell =>.Dell
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Dell Inc =>.Dell Inc.
    O43 - CFD: 24/12/2015 - D – C:\Program Files\Dell Support Center =>.Dell Inc.
    O43 - CFD: 14/07/2009 - D – C:\Program Files\DVD Maker =>.Aone Software
    O43 - CFD: 10/02/2016 - D – C:\Program Files\gs =>.GS
    O43 - CFD: 07/02/2016 - D – C:\Program Files\Internet Explorer =>.Microsoft Corporation
    O43 - CFD: 06/03/2011 - D – C:\Program Files\iPod =>.Apple Inc.®
    O43 - CFD: 06/03/2011 - D – C:\Program Files\iTunes =>.Apple Inc.
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Java =>.Oracle
    O43 - CFD: 20/03/2016 - D – C:\Program Files\Kedit16 {16C3BC3A3343955534F402136FB00488}
    O43 - CFD: 29/01/2012 - D – C:\Program Files\MediaInfo =>.Jérôme Martinez
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Microsoft Games =>.Microsoft Corporation
    O43 - CFD: 16/12/2012 - D – C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\MSBuild =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Realtek =>.Realtek
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Reference Assemblies =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - D – C:\Program Files\Roxio =>.Roxio
    O43 - CFD: 08/02/2017 - D – C:\Program Files\SUPERAntiSpyware =>.SUPERAntiSpyware
    O43 - CFD: 14/07/2009 - [0] HD – C:\Program Files\Uninstall Information =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows Defender =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows Journal =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Windows Live =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - D – C:\Program Files\Windows Mail =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files\Windows Media Player =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows NT =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files\Windows Sidebar =>.Microsoft Corporation
    O43 - CFD: 05/10/2014 - D – C:\Program Files (x86)\Acronis =>.Acronis
    O43 - CFD: 03/03/2017 - D – C:\Program Files (x86)\ActiveHome Pro
    O43 - CFD: 09/04/2013 - D – C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated®
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Adobe Media Player =>.Adobe Inc.
    O43 - CFD: 18/10/2011 - D – C:\Program Files (x86)\APC =>.American Power Conversion®
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Apple Software Update =>.Apple Inc.
    O43 - CFD: 20/02/2012 - D – C:\Program Files (x86)\Audacity 1.3 Beta (Unicode) =>.Audacity
    O43 - CFD: 10/03/2012 - D – C:\Program Files (x86)\Auslogics =>.Auslogics
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Belarc =>.Belarc, Inc.
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Bonjour =>.Apple Inc.
    O43 - CFD: 09/06/2016 - D – C:\Program Files (x86)\Brother =>.Brother
    O43 - CFD: 29/02/2016 - D – C:\Program Files (x86)\Browny02 =>.Brother Industries, Ltd.
    O43 - CFD: 11/11/2012 - D – C:\Program Files (x86)\CheckPoint =>.Check Point Software Technologies Ltd.®
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Citrix =>.Citrix
    O43 - CFD: 03/12/2015 - D – C:\Program Files (x86)\Common Files =>.Microsoft Corporation
    O43 - CFD: 07/06/2015 - [0] D – C:\Program Files (x86)\Conduit
    O43 - CFD: 29/02/2016 - D – C:\Program Files (x86)\ControlCenter4 =>.Brother Industries, Ltd
    O43 - CFD: 29/02/2016 - D – C:\Program Files (x86)\ControlCenter4 CSDK =>.Nuance Communications, Inc.®
    O43 - CFD: 15/11/2016 - D – C:\Program Files (x86)\CoreFTP
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Corel =>.Corel Corporation
    O43 - CFD: 24/12/2015 - D – C:\Program Files (x86)\Dell =>.Dell
    O43 - CFD: 06/03/2011 - D – C:\Program Files (x86)\Dell DataSafe Local Backup =>.Dell Inc.
    O43 - CFD: 17/01/2017 - D – C:\Program Files (x86)\DVDVideoSoft =>.DVDVideoSoft
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\eBay =>.eBay
    O43 - CFD: 13/03/2016 - D – C:\Program Files (x86)\FileZilla FTP Client =>.Tim Kosse
    O43 - CFD: 04/01/2015 - D – C:\Program Files (x86)\Free Codec Pack =>.Free Codec Pack
    O43 - CFD: 02/12/2015 - D – C:\Program Files (x86)\FreeCodecPack =>.Free Codec Pack
    O43 - CFD: 17/12/2015 - D – C:\Program Files (x86)\Google =>.Google Inc®
    O43 - CFD: 10/02/2016 - D – C:\Program Files (x86)\gs =>.GS
    O43 - CFD: 16/05/2011 - HD – C:\Program Files (x86)\InstallShield Installation Information =>.InstallShield Software
    O43 - CFD: 24/12/2015 - D – C:\Program Files (x86)\Intel =>.Intel Corporation
    O43 - CFD: 25/01/2016 - D – C:\Program Files (x86)\Internet Explorer =>.Microsoft Corporation
    O43 - CFD: 21/12/2016 - D – C:\Program Files (x86)\IrfanView =>.Irfan skiljan
    O43 - CFD: 06/03/2011 - D – C:\Program Files (x86)\iTunes =>.Apple Inc.
    O43 - CFD: 18/02/2011 - D – C:\Program Files (x86)\Java =>.Oracle
    O43 - CFD: 02/11/2016 - D – C:\Program Files (x86)\Kedit16 {16C3BC3A3343955534F402136FB00488}
    O43 - CFD: 23/03/2015 - D – C:\Program Files (x86)\Lame for Audacity =>.Audacity
    O43 - CFD: 08/02/2017 - D – C:\Program Files (x86)\LogMeIn =>.LogMeIn
    O43 - CFD: 09/12/2015 - D – C:\Program Files (x86)\LogMeIn Ignition =>.LogMeIn Entreprise
    O43 - CFD: 04/05/2016 - D – C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes
    O43 - CFD: 18/02/2011 - [0] D – C:\Program Files (x86)\Microsoft =>.Microsoft Corporation
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Microsoft ActiveSync =>.Microsoft Corporation
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation
    O43 - CFD: 16/12/2012 - D – C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Microsoft Visual Studio =>.Microsoft Corporation
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\Microsoft Works =>.Microsoft Corporation
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Microsoft.NET =>.Microsoft Corporation
    O43 - CFD: 03/02/2017 - D – C:\Program Files (x86)\Mozilla Firefox =>.Mozilla
    O43 - CFD: 04/02/2017 - D – C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla
    O43 - CFD: 16/01/2017 - D – C:\Program Files (x86)\Mozilla Thunderbird =>.Mozilla
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\MSBuild =>.Microsoft Corporation
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\MSECache =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - [0] D – C:\Program Files (x86)\MSXML 4.0 =>.Microsoft Corporation
    O43 - CFD: 10/02/2014 - D – C:\Program Files (x86)\NCH Software =>.NCH Software
    O43 - CFD: 29/02/2016 - D – C:\Program Files (x86)\PC-FAXReceive =>.PC Soft
    O43 - CFD: 13/06/2013 - D – C:\Program Files (x86)\PDFCreator =>.Philip Chinery
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\QuickTime
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Reference Assemblies =>.Microsoft Corporation
    O43 - CFD: 29/02/2016 - D – C:\Program Files (x86)\RemoteSetup
    O43 - CFD: 18/02/2011 - D – C:\Program Files (x86)\Roxio =>.Roxio
    O43 - CFD: 09/02/2011 - RD – C:\Program Files (x86)\Skype =>.Skype
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\StreamTransport
    O43 - CFD: 10/02/2017 - D – C:\Program Files (x86)\TeamViewer =>.TeamViewer®
    O43 - CFD: 13/07/2009 - [0] HD – C:\Program Files (x86)\Uninstall Information =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\WildTangent =>.WildTangent
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows Defender =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Windows Live =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - D – C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows NT =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows Portable Devices =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - D – C:\Program Files (x86)\Windows Sidebar =>.Microsoft Corporation
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\WinRAR =>.WinRAR
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\WinZip =>.WinZip Computing®
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\WordPerfect Office 12
    O43 - CFD: 01/03/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
    O43 - CFD: 09/02/2011 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
    O43 - CFD: 09/08/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis =>.Acronis
    O43 - CFD: 21/04/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActiveHome Pro
    O43 - CFD: 13/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe =>.Adobe
    O43 - CFD: 18/08/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft =>.Aiseesoft
    O43 - CFD: 04/01/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft =>.AnvSoft Inc
    O43 - CFD: 11/01/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APC
    O43 - CFD: 18/12/2016 - [0] D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>.Auslogics
    O43 - CFD: 26/02/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software =>.AVAST Software
    O43 - CFD: 29/02/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother =>.Brother
    O43 - CFD: 19/08/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
    O43 - CFD: 11/11/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point =>.Check Point
    O43 - CFD: 24/12/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell =>.Dell
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe =>.Dell Inc.
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell DataSafe Online =>.Dell Inc.
    O43 - CFD: 06/04/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty =>.Digiarty
    O43 - CFD: 08/04/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCheckup
    O43 - CFD: 17/01/2017 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft =>.DVDVideoSoft
    O43 - CFD: 18/01/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer =>.FastStone Soft
    O43 - CFD: 22/11/2015 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client =>.Tim Kosse
    O43 - CFD: 30/05/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free AVI MPEG WMV MP4 FLV Video Joiner =>.FreeAudioVideo Software
    O43 - CFD: 01/03/2017 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
    O43 - CFD: 10/02/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript =>.Ghostscript Team
    O43 - CFD: 09/02/2011 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel =>.Intel Corporation
    O43 - CFD: 04/03/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView =>.Irfan skiljan
    O43 - CFD: 06/03/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes =>.Apple Inc.
    O43 - CFD: 13/07/2009 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
    O43 - CFD: 04/05/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
    O43 - CFD: 21/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
    O43 - CFD: 16/12/2012 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
    O43 - CFD: 04/06/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator =>.Philip Chinery
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    O43 - CFD: 18/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator Starter =>.Roxio
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
    O43 - CFD: 04/06/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia =>.Solveig Multimedia
    O43 - CFD: 09/08/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sothink DVD Ripper
    O43 - CFD: 18/01/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster =>.Javacool Software
    O43 - CFD: 11/01/2016 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
    O43 - CFD: 07/03/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamTransport
    O43 - CFD: 09/03/2016 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware =>.SUPERAntiSpyware
    O43 - CFD: 14/07/2009 - [0] RHD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
    O43 - CFD: 27/04/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VCatcher
    O43 - CFD: 04/06/2013 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
    O43 - CFD: 30/01/2014 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLan Team
    O43 - CFD: 09/02/2011 - RD – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.Microsoft Corporation
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
    O43 - CFD: 08/03/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office 12
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WordPerfect Office X5
    O43 - CFD: 01/03/2017 - D – C:\ProgramData\9-lab =>.9-lab
    O43 - CFD: 09/08/2016 - D – C:\ProgramData\Acronis =>.Acronis
    O43 - CFD: 11/08/2011 - D – C:\ProgramData\Active Home Professional
    O43 - CFD: 10/03/2013 - D – C:\ProgramData\Adobe =>.Adobe
    O43 - CFD: 18/08/2011 - D – C:\ProgramData\Aiseesoft Studio =>.Aiseesoft Studio
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Apple =>.Apple Inc.
    O43 - CFD: 06/03/2011 - D – C:\ProgramData\Apple Computer =>.Apple Inc.
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Application Data =>.Microsoft Corporation
    O43 - CFD: 12/02/2017 - D – C:\ProgramData\AVAST Software =>.AVAST Software
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Borland =>.Borland
    O43 - CFD: 29/02/2016 - D – C:\ProgramData\Brother =>.Brother
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\CheckPoint =>.CheckPoint
    O43 - CFD: 29/02/2016 - D – C:\ProgramData\ControlCenter4 =>.Brother Industries, Ltd
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\Corel =>.Corel Corporation
    O43 - CFD: 19/06/2013 - D – C:\ProgramData\CyberLink =>.CyberLink Corporation
    O43 - CFD: 24/12/2015 - D – C:\ProgramData\Dell =>.Dell
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Desktop =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Documents =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Favorites =>.Microsoft Corporation
    O43 - CFD: 09/08/2016 - [0] D – C:\ProgramData\firebird =>.Legitimate
    O43 - CFD: 07/03/2011 - D – C:\ProgramData\InstallShield =>.InstallShield
    O43 - CFD: 10/03/2013 - D – C:\ProgramData\Licenses =>.Microsoft Corporation
    O43 - CFD: 05/03/2017 - D – C:\ProgramData\LogMeIn =>.LogMeIn
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Macrovision =>.Macrovision
    O43 - CFD: 04/05/2016 - D – C:\ProgramData\Malwarebytes =>.Malwarebytes
    O43 - CFD: 07/03/2011 - D – C:\ProgramData\McAfee =>.McAfee
    O43 - CFD: 24/11/2015 - SD – C:\ProgramData\Microsoft =>.Microsoft Corporation
    O43 - CFD: 05/12/2016 - D – C:\ProgramData\Motive
    O43 - CFD: 18/11/2012 - D – C:\ProgramData\Mozilla =>.Mozilla Corporation
    O43 - CFD: 10/02/2014 - D – C:\ProgramData\NCH Software =>.NCH Software
    O43 - CFD: 24/12/2015 - D – C:\ProgramData\PC-Doctor for Windows =>.PC-Doctor Inc.
    O43 - CFD: 24/12/2015 - D – C:\ProgramData\PCDr =>.PC-Doctor Inc.
    O43 - CFD: 29/02/2016 - D – C:\ProgramData\PCFaxRx =>.PC Soft
    O43 - CFD: 26/09/2016 - D – C:\ProgramData\PCFaxTx =>.PC Soft
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\PhotoShow Shared Assets =>.Superfluous.SimpleStar
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\regid.1986-12.com.adobe =>.Adobe Inc.
    O43 - CFD: 27/02/2017 - D – C:\ProgramData\Roxio =>.Roxio
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Skype =>.Skype
    O43 - CFD: 09/12/2016 - D – C:\ProgramData\Sonic =>.Sonic
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Start Menu =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\ProgramData\Sun =>.Oracle
    O43 - CFD: 02/05/2011 - D – C:\ProgramData\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
    O43 - CFD: 24/12/2015 - [0] D – C:\ProgramData\SupportAssistAgent =>.Games Software
    O43 - CFD: 17/04/2016 - AD – C:\ProgramData\TEMP =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\ProgramData\Templates =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - D – C:\ProgramData\Uninstall =>.Unknow
    O43 - CFD: 22/05/2016 - D – C:\ProgramData\WebEx =>.Cisco Systems, Inc.
    O43 - CFD: 01/03/2017 - D – C:\ProgramData\WildTangent =>.WildTangent
    O43 - CFD: 20/02/2011 - D – C:\ProgramData\WinZip =>.WinZip
    O43 - CFD: 20/02/2011 - [0] D – C:\ProgramData\WordPerfect Office X5
    O43 - CFD: 03/03/2017 - D – C:\ProgramData\X10 Settings
    O43 - CFD: 09/02/2011 - HDC – C:\ProgramData{04A07C23-5821-4F25-BF46-1188636AE238}
    O43 - CFD: 20/02/2011 - D – C:\ProgramData{93E26451-CD9A-43A5-A2FA-C42392EA4001} =>.GEAR Software, Inc.
    O43 - CFD: 24/12/2015 - HDC – C:\ProgramData{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
    O43 - CFD: 09/08/2016 - D – C:\Program Files (x86)\Common Files\Acronis =>.Acronis
    O43 - CFD: 10/03/2013 - D – C:\Program Files (x86)\Common Files\Adobe =>.Adobe
    O43 - CFD: 24/12/2015 - D – C:\Program Files (x86)\Common Files\Adobe AIR =>.Adobe Inc.
    O43 - CFD: 06/03/2011 - D – C:\Program Files (x86)\Common Files\Apple =>.Apple Inc.
    O43 - CFD: 03/12/2015 - D – C:\Program Files (x86)\Common Files\AV =>.Avast
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Common Files\Borland Shared =>.Borland
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\Common Files\Corel =>.Corel Corporation
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Common Files\DESIGNER =>.Designer
    O43 - CFD: 17/01/2017 - D – C:\Program Files (x86)\Common Files\DVDVideoSoft =>.DVDVideoSoft
    O43 - CFD: 18/10/2011 - D – C:\Program Files (x86)\Common Files\InstallShield =>.InstallShield
    O43 - CFD: 18/02/2011 - D – C:\Program Files (x86)\Common Files\Java =>.Oracle
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Common Files\L&H
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\Common Files\mcafee =>.McAfee
    O43 - CFD: 07/03/2011 - D – C:\Program Files (x86)\Common Files\microsoft shared =>.Microsoft Corporation
    O43 - CFD: 20/02/2011 - D – C:\Program Files (x86)\Common Files\Protexis =>.Protexis Inc.
    O43 - CFD: 18/02/2011 - D – C:\Program Files (x86)\Common Files\PX Storage Engine =>.Sonic Solutions
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Common Files\Roxio Shared =>.Roxio
    O43 - CFD: 13/07/2009 - D – C:\Program Files (x86)\Common Files\Services =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Common Files\Skype =>.Skype
    O43 - CFD: 04/06/2013 - D – C:\Program Files (x86)\Common Files\Solveig Multimedia =>.Solveig Multimedia
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Common Files\Sonic Shared =>.Sonic
    O43 - CFD: 13/07/2009 - D – C:\Program Files (x86)\Common Files\SpeechEngines =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Common Files\SureThing Shared =>.MicroVision Developement
    O43 - CFD: 21/02/2011 - D – C:\Program Files (x86)\Common Files\System =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Program Files (x86)\Common Files\Windows Live =>.Microsoft Corporation
    O43 - CFD: 21/04/2011 - D – C:\Program Files (x86)\Common Files\X10 =>.X10
    O43 - CFD: 01/03/2017 - D – C:\Users\Simcha\AppData\Roaming\9-lab =>.9-lab
    O43 - CFD: 21/04/2011 - D – C:\Users\Simcha\AppData\Roaming\Acronis =>.Acronis
    O43 - CFD: 21/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Adobe =>.Adobe
    O43 - CFD: 22/04/2012 - D – C:\Users\Simcha\AppData\Roaming\All Free Video Joiner
    O43 - CFD: 04/01/2015 - D – C:\Users\Simcha\AppData\Roaming\Anvsoft =>.AnvSoft Inc
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Apple Computer =>.Apple Inc.
    O43 - CFD: 20/01/2017 - D – C:\Users\Simcha\AppData\Roaming\Audacity =>.Audacity
    O43 - CFD: 18/12/2016 - [0] D – C:\Users\Simcha\AppData\Roaming\Auslogics =>.Auslogics
    O43 - CFD: 04/11/2013 - D – C:\Users\Simcha\AppData\Roaming\AVAST Software =>.AVAST Software
    O43 - CFD: 29/02/2016 - RD – C:\Users\Simcha\AppData\Roaming\Brother =>.Brother
    O43 - CFD: 11/11/2012 - D – C:\Users\Simcha\AppData\Roaming\CheckPoint =>.CheckPoint
    O43 - CFD: 02/03/2016 - D – C:\Users\Simcha\AppData\Roaming\ControlCenter4 =>.Brother Industries, Ltd
    O43 - CFD: 15/11/2016 - D – C:\Users\Simcha\AppData\Roaming\CoreFTP
    O43 - CFD: 27/03/2013 - D – C:\Users\Simcha\AppData\Roaming\Corel =>.Corel Corporation
    O43 - CFD: 19/06/2013 - D – C:\Users\Simcha\AppData\Roaming\CyberLink =>.CyberLink Corporation
    O43 - CFD: 24/12/2015 - D – C:\Users\Simcha\AppData\Roaming\Dell =>.Dell
    O43 - CFD: 18/08/2011 - D – C:\Users\Simcha\AppData\Roaming\Digiarty =>.Digiarty
    O43 - CFD: 03/03/2017 - D – C:\Users\Simcha\AppData\Roaming\dvdcss =>.VideoLan Team
    O43 - CFD: 27/02/2017 - D – C:\Users\Simcha\AppData\Roaming\DVDVideoSoft =>.DVDVideoSoft
    O43 - CFD: 01/09/2012 - D – C:\Users\Simcha\AppData\Roaming\DVDVideoSoftIEHelp ers
    O43 - CFD: 04/02/2017 - D – C:\Users\Simcha\AppData\Roaming\FileZilla =>.FileZilla
    O43 - CFD: 30/05/2013 - D – C:\Users\Simcha\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner =>.FreeAudioVideo Software
    O43 - CFD: 28/02/2017 - D – C:\Users\Simcha\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
    O43 - CFD: 04/01/2015 - D – C:\Users\Simcha\AppData\Roaming\HandBrake =>.Handbrake
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Identities =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Intel Corporation =>.Intel Corporation
    O43 - CFD: 20/12/2016 - D – C:\Users\Simcha\AppData\Roaming\IrfanView =>.Irfan skiljan
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Macromedia =>.Macromedia
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Macrovision =>.Macrovision
    O43 - CFD: 04/05/2016 - [0] D – C:\Users\Simcha\AppData\Roaming\Malwarebytes =>.Malwarebytes
    O43 - CFD: 14/07/2009 - [0] D – C:\Users\Simcha\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
    O43 - CFD: 01/02/2017 - SD – C:\Users\Simcha\AppData\Roaming\Microsoft =>.Microsoft Corporation
    O43 - CFD: 22/05/2016 - D – C:\Users\Simcha\AppData\Roaming\Mozilla =>.Mozilla Corporation
    O43 - CFD: 10/02/2014 - D – C:\Users\Simcha\AppData\Roaming\NCH Software =>.NCH Software
    O43 - CFD: 26/09/2016 - D – C:\Users\Simcha\AppData\Roaming\PC-FAX TX =>.Konica Minolta
    O43 - CFD: 24/12/2015 - D – C:\Users\Simcha\AppData\Roaming\PCDr =>.PC-Doctor Inc.
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Roxio =>.Roxio
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Roxio Log Files =>.Roxio
    O43 - CFD: 09/08/2011 - D – C:\Users\Simcha\AppData\Roaming\SourceTec =>.SourceTec
    O43 - CFD: 02/05/2011 - D – C:\Users\Simcha\AppData\Roaming\SUPERAntiSpyware.c om =>.SUPERAntiSpyware.com
    O43 - CFD: 24/11/2016 - D – C:\Users\Simcha\AppData\Roaming\Thunderbird =>.Thunderbird
    O43 - CFD: 21/05/2011 - D – C:\Users\Simcha\AppData\Roaming\VDownloader =>.Vitzo
    O43 - CFD: 04/03/2017 - D – C:\Users\Simcha\AppData\Roaming\vlc =>.VideoLan Team
    O43 - CFD: 09/11/2011 - D – C:\Users\Simcha\AppData\Roaming\WinRAR =>.WinRAR
    O43 - CFD: 18/12/2016 - D – C:\Users\Simcha\AppData\Roaming\yWorks =>.yWorks
    O43 - CFD: 05/03/2017 - D – C:\Users\Simcha\AppData\Roaming\ZHP =>.Nicolas Coolman
    O43 - CFD: 01/03/2017 - D – C:\Users\Simcha\AppData\Local\Adobe =>.Adobe
    O43 - CFD: 18/08/2011 - D – C:\Users\Simcha\AppData\Local\Aiseesoft Studio =>.Aiseesoft Studio
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Local\Apple =>.Apple Inc.
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Local\Apple Computer =>.Apple Inc.
    O43 - CFD: 18/02/2011 - [0] SHD – C:\Users\Simcha\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 13/03/2011 - D – C:\Users\Simcha\AppData\Local\Apps =>.Microsoft Corporation
    O43 - CFD: 15/02/2017 - D – C:\Users\Simcha\AppData\Local\AvastSupport =>.Avast Software s.r.o
    O43 - CFD: 29/06/2016 - D – C:\Users\Simcha\AppData\Local\CEF =>.CEF
    O43 - CFD: 17/12/2015 - D – C:\Users\Simcha\AppData\Local\Citrix =>.Citrix
    O43 - CFD: 01/02/2017 - [0] D – C:\Users\Simcha\AppData\Local\CrashDumps =>.Microsoft Corporation
    O43 - CFD: 24/12/2015 - [0] D – C:\Users\Simcha\AppData\Local\Deployment =>.Microsoft Corporation
    O43 - CFD: 31/01/2016 - [0] D – C:\Users\Simcha\AppData\Local\Diagnostics =>.Microsoft Corporation
    O43 - CFD: 14/04/2016 - [0] D – C:\Users\Simcha\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
    O43 - CFD: 01/03/2017 - D – C:\Users\Simcha\AppData\Local\ESET =>.ESET
    O43 - CFD: 15/12/2016 - D – C:\Users\Simcha\AppData\Local\Google =>.Google
    O43 - CFD: 18/02/2011 - [0] SHD – C:\Users\Simcha\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 21/03/2015 - D – C:\Users\Simcha\AppData\Local\join.me =>.LogMeIn Entreprise
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Local\Kaluach 3
    O43 - CFD: 13/03/2011 - D – C:\Users\Simcha\AppData\Local\LogMeIn =>.LogMeIn
    O43 - CFD: 02/11/2012 - [0] D – C:\Users\Simcha\AppData\Local\LogMeIn Rescue Applet =>.LogMeIn
    O43 - CFD: 10/03/2013 - D – C:\Users\Simcha\AppData\Local\Macromedia =>.Macromedia
    O43 - CFD: 01/05/2016 - D – C:\Users\Simcha\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 21/02/2011 - D – C:\Users\Simcha\AppData\Local\Microsoft Games =>.Microsoft Corporation
    O43 - CFD: 23/12/2014 - D – C:\Users\Simcha\AppData\Local\Mozilla =>.Mozilla Corporation
    O43 - CFD: 19/06/2013 - D – C:\Users\Simcha\AppData\Local\PowerDVD DX =>.CyberLink Corporation
    O43 - CFD: 30/12/2012 - D – C:\Users\Simcha\AppData\Local\Programs =>.Microsoft Corporation
    O43 - CFD: 13/03/2011 - D – C:\Users\Simcha\AppData\Local\SoftThinks =>.SoftThinks
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Local\Sonic_Solutions =>.Sonic Solutions
    O43 - CFD: 18/02/2011 - D – C:\Users\Simcha\AppData\Local\Stardock_Corporation =>.Stardock Corporation
    O43 - CFD: 05/03/2017 - D – C:\Users\Simcha\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 18/02/2011 - [0] SHD – C:\Users\Simcha\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 24/11/2016 - D – C:\Users\Simcha\AppData\Local\Thunderbird =>.Thunderbird
    O43 - CFD: 21/05/2011 - D – C:\Users\Simcha\AppData\Local\VDownloader =>.Vitzo
    O43 - CFD: 29/01/2012 - D – C:\Users\Simcha\AppData\Local\VirtualStore =>.Microsoft Corporation
    O43 - CFD: 22/05/2016 - D – C:\Users\Simcha\AppData\Local\WebEx =>.Cisco Systems, Inc.
    O43 - CFD: 08/05/2016 - D – C:\Users\Simcha\AppData\Local\Windows Live =>.Microsoft Corporation
    O43 - CFD: 21/04/2011 - D – C:\Users\Simcha\AppData\Local\X10 Commander
    O43 - CFD: 30/12/2012 - [0] D – C:\Users\Simcha\AppData\Local\Programs\Common =>.Microsoft Corporation
    O43 - CFD: 13/07/2009 - RD – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Accessories =>.Microsoft Corporation
    O43 - CFD: 21/04/2011 - [0] D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\ActiveHome Pro
    O43 - CFD: 18/02/2011 - RD – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Administrative Tools =>.Administrative Tools
    O43 - CFD: 15/11/2016 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Core FTP =>.Core FTP
    O43 - CFD: 24/12/2015 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Dell =>.Dell
    O43 - CFD: 03/11/2015 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\IrfanView =>.Irfan skiljan
    O43 - CFD: 13/07/2009 - RD – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Maintenance =>.Microsoft Corporation
    O43 - CFD: 29/01/2012 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\MediaInfo =>.Jérôme Martinez
    O43 - CFD: 10/02/2014 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\NCH Software Suite
    O43 - CFD: 02/01/2016 - RD – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Startup =>.Microsoft Corporation
    O43 - CFD: 10/02/2014 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Video Related Programs
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\WinRAR =>.WinRAR
    O43 - CFD: 20/02/2011 - D – C:\Users\Simcha\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\ZTreeWin
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 13/07/2009 - D – C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Users\Default\AppData\Local\SoftThinks =>.SoftThinks
    O43 - CFD: 13/07/2009 - [0] D – C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
    O43 - CFD: 13/07/2009 - D – C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
    O43 - CFD: 09/02/2011 - D – C:\Users\Default User\AppData\Local\SoftThinks =>.SoftThinks
    O43 - CFD: 13/07/2009 - [0] D – C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
    O43 - CFD: 14/07/2009 - [0] SHD – C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
    O43 - CFD: 18/02/2017 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\CrashDumps =>.Microsoft Corporation
    O43 - CFD: 09/12/2015 - [0] – C:\Windows\System32\Config\systemprofile\AppData\L ocal\LogMeInIgnition =>.LogMeIn Inc
    O43 - CFD: 07/03/2011 - D – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Microsoft =>.Microsoft Corporation
    O43 - CFD: 02/03/2016 - [0] – C:\Windows\System32\Config\systemprofile\AppData\L ocal\Temp =>.Microsoft Corporation
    O43 - CFD: 20/02/2011 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Apple Computer =>.Apple Inc.
    O43 - CFD: 24/12/2015 - – C:\Windows\System32\Config\systemprofile\AppData\R oaming\DVDVideoSoft =>.DVDVideoSoft
    O43 - CFD: 09/12/2015 - [0] – C:\Windows\System32\Config\systemprofile\AppData\R oaming\LogMeInIgnition =>.LogMeIn Inc
    O43 - CFD: 09/12/2015 - SD – C:\Windows\System32\Config\systemprofile\AppData\R oaming\Microsoft =>.Microsoft Corporation

    —\ ShellIconOverlayIdentifiers (SIOI) (4) - 0s
    O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) – C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
    O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) – C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
    O106 - SIOI: avast [00asw] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®
    O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - Avast Shell Extension.) – C:\Program Files\AVAST Software\Avast\ashShell.dll =>.AVAST Software s.r.o.®

    —\ System Drivers List (81) - 8s
    O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) – C:\Windows\System32\drivers\adp94xx.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) – C:\Windows\System32\drivers\adpahci.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) – C:\Windows\System32\drivers\adpu320.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) – C:\Windows\System32\drivers\aliide.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) – C:\Windows\System32\drivers\amdsata.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) – C:\Windows\System32\drivers\amdsbs.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Advanced Micro Devices - Storage Filter Driver.) – C:\Windows\System32\drivers\amdxata.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2005/05/19 16:14:28 A . (.Infineon Technologies AG - Infineon AN983/AN985/ADM9511 NDIS5 64-bits.) – C:\Windows\System32\drivers\an983x64.sys [74392] =>.Infineon Technologies AG
    O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) – C:\Windows\System32\drivers\arc.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) – C:\Windows\System32\drivers\arcsas.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2017/02/28 09:04:54 A . (.AVAST Software s.r.o. - IDS Application Activity Monitor Driver..) – C:\Windows\System32\drivers\aswbidsdrivera.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:04:54 A . (.AVAST Software s.r.o. - Application Activity Monitor Helper Driver.) – C:\Windows\System32\drivers\aswbidsha.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:04:54 A . (.AVAST Software s.r.o. - Logging Driver.) – C:\Windows\System32\drivers\aswbloga.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:04:54 A . (.AVAST Software s.r.o. - Universal Driver.) – C:\Windows\System32\drivers\aswbuniva.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast HWID.) – C:\Windows\System32\drivers\aswHwid.sys [74392] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2017/02/28 09:05:08 A . (.AVAST Software - Avast Keyboard Filter Driver.) – C:\Windows\System32\drivers\aswKbd.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast File System Minifilter for Windows 20.) – C:\Windows\System32\drivers\aswMonFlt.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast WFP Redirect Driver.) – C:\Windows\System32\drivers\aswRdr2.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast Revert.) – C:\Windows\System32\drivers\aswRvrt.sys [74392] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2017/02/28 09:05:08 A . (.AVAST Software - Avast Virtualization Driver.) – C:\Windows\System32\drivers\aswSnx.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast self protection module.) – C:\Windows\System32\drivers\aswSP.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:22 A . (.AVAST Software - Stream Filter.) – C:\Windows\System32\drivers\aswStm.sys [74392] =>.AVAST Software s.r.o.®
    O58 - SDL:2017/02/28 09:05:21 A . (.AVAST Software - Avast VM Monitor.) – C:\Windows\System32\drivers\aswVmm.sys [74392] =>.AVAST Software s.r.o.® (.AVAST Software)
    O58 - SDL:2009/06/10 15:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) – C:\Windows\System32\drivers\b57nd60a.sys [74392] =>.Broadcom Corporation
    O58 - SDL:2009/06/10 15:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) – C:\Windows\System32\drivers\BrFiltLo.sys [74392] =>.Brother Industries, Ltd.
    O58 - SDL:2009/06/10 15:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) – C:\Windows\System32\drivers\BrFiltUp.sys [74392] =>.Brother Industries, Ltd.
    O58 - SDL:2009/07/13 20:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) – C:\Windows\System32\drivers\BrSerId.sys [74392] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) – C:\Windows\System32\drivers\BrSerWdm.sys [74392] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) – C:\Windows\System32\drivers\BrUsbMdm.sys [74392] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 15:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) – C:\Windows\System32\drivers\BrUsbSer.sys [74392] =>.Brother Industries Ltd.
    O58 - SDL:2009/06/10 15:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) – C:\Windows\System32\drivers\bxvbda.sys [74392] =>.Broadcom Corporation
    O58 - SDL:2009/06/23 04:00:00 . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver.) – C:\Windows\System32\drivers\cdr4_xp.sys [74392] =>.Sonic Solutions®
    O58 - SDL:2009/06/23 04:00:00 . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHel.) – C:\Windows\System32\drivers\cdralw2k.sys [74392] =>.Sonic Solutions®
    O58 - SDL:2009/07/13 20:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) – C:\Windows\System32\drivers\cmdide.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2015/09/11 10:53:23 A . (.Dell Computer Corporation - DDDriver.sys.) – C:\Windows\System32\drivers\DDDriver64Dcsa.sys [74392] =>.Techporch Incorporated®
    O58 - SDL:2015/09/11 10:53:23 A . (.Dell Computer Corporation - DellProf.sys.) – C:\Windows\System32\drivers\DellProf.sys [74392] =>.Techporch Incorporated®
    O58 - SDL:2009/07/13 20:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) – C:\Windows\System32\drivers\elxstor.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/06/10 15:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) – C:\Windows\System32\drivers\evbda.sys [74392] =>.Broadcom Corporation
    O58 - SDL:2016/03/13 11:22:39 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) – C:\Windows\System32\drivers\fltsrv.sys [74392] =>.ACRONIS INTERNATIONAL GMBH®
    O58 - SDL:2009/05/18 13:17:08 A . (.GEAR Software Inc. - CD DVD Filter.) – C:\Windows\System32\drivers\GEARAspiWDM.sys [74392] =>.GEAR Software Inc.®
    O58 - SDL:2009/06/10 15:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) – C:\Windows\System32\drivers\hcw85cir.sys [74392] =>.Hauppauge Computer Works, Inc.
    O58 - SDL:2009/07/13 20:47:48 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) – C:\Windows\System32\drivers\HpSAMD.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/06/04 21:54:36 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStor.sys [74392] =>.Intel Corporation®
    O58 - SDL:2009/07/13 20:48:04 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) – C:\Windows\System32\drivers\iaStorV.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2010/08/25 19:36:04 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) – C:\Windows\System32\drivers\igdkmd64.sys [74392] =>.Intel Corporation
    O58 - SDL:2009/07/13 20:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) – C:\Windows\System32\drivers\iirsp.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/05/26 07:13:10 A . (.Intel(R) Corporation - Intel(R) High Definition Audio HDMI.) – C:\Windows\System32\drivers\IntcHdmi.sys [74392] =>.Intel(R) Corporation
    O58 - SDL:2017/02/08 18:56:15 A . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) – C:\Windows\System32\drivers\lmimirr.sys [74392] {080D35880102E23D2340F69EB3C0E561} =>.LogMeIn, Inc.
    O58 - SDL:2017/02/08 18:56:16 A . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) – C:\Windows\System32\drivers\LMIRfsDriver.sys [74392] {080D35880102E23D2340F69EB3C0E561} =>.LogMeIn, Inc.
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) – C:\Windows\System32\drivers\lsi_fc.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) – C:\Windows\System32\drivers\lsi_sas2.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) – C:\Windows\System32\drivers\lsi_scsi.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2016/03/10 13:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\mbam.sys [74392] =>.Malwarebytes Corporation®
    O58 - SDL:2016/03/10 13:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) – C:\Windows\System32\drivers\mbamchameleon.sys [74392] =>.Malwarebytes Corporation®
    O58 - SDL:2017/03/05 07:27:27 A . (.Malwarebytes - Malwarebytes Anti-Malware.) – C:\Windows\System32\drivers\MBAMSwissArmy.sys [74392] =>.Malwarebytes Corporation®
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) – C:\Windows\System32\drivers\megasas.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) – C:\Windows\System32\drivers\MegaSR.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2016/03/10 13:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) – C:\Windows\System32\drivers\mwac.sys [74392] =>.Malwarebytes Corporation®
    O58 - SDL:2009/07/13 20:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) – C:\Windows\System32\drivers\nfrd960.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:48:27 A . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) – C:\Windows\System32\drivers\nvraid.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:45:45 A . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) – C:\Windows\System32\drivers\nvstor.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2010/03/19 04:00:00 . (.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) – C:\Windows\System32\drivers\PxHlpa64.sys [74392] =>.Sonic Solutions®
    O58 - SDL:2009/07/13 20:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) – C:\Windows\System32\drivers\ql2300.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) – C:\Windows\System32\drivers\ql40xx.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2017/02/08 18:56:20 A . (.LogMeIn, Inc. - RemotelyAnywhere DpmsSecure Device Driver.) – C:\Windows\System32\drivers\radpms.sys [74392] {080D35880102E23D2340F69EB3C0E561} =>.LogMeIn, Inc.
    O58 - SDL:2010/06/23 09:10:56 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) – C:\Windows\System32\drivers\Rt64win7.sys [74392] =>.Realtek Semiconductor Corp®
    O58 - SDL:2009/10/20 20:55:12 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) – C:\Windows\System32\drivers\RTKVHD64.sys [74392] =>.Realtek Semiconductor Corp®
    O58 - SDL:2009/06/10 15:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) – C:\Windows\System32\drivers\secdrv.sys [74392] =>.Macrovision Corporation, Macrovision Europe Limited,
    O58 - SDL:2009/07/13 20:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) – C:\Windows\System32\drivers\sisraid2.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/07/13 20:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) – C:\Windows\System32\drivers\sisraid4.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2016/08/09 11:16:19 A . (.Acronis International GmbH - Acronis Snapshot API.) – C:\Windows\System32\drivers\snapman.sys [74392] =>.ACRONIS INTERNATIONAL GMBH®
    O58 - SDL:2016/03/13 11:22:41 A . (.Acronis International GmbH - Acronis Snapshot API.) – C:\Windows\System32\drivers\snapman2488.sys [74392] =>.ACRONIS INTERNATIONAL GMBH®
    O58 - SDL:2009/07/13 20:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) – C:\Windows\System32\drivers\stexstor.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2016/08/09 11:21:07 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) – C:\Windows\System32\drivers\tib.sys [74392] =>.ACRONIS INTERNATIONAL GMBH®
    O58 - SDL:2016/08/09 11:21:10 A . (.Acronis International GmbH - Acronis TIB Mounter Driver.) – C:\Windows\System32\drivers\tib_mounter.sys [74392] =>.ACRONIS INTERNATIONAL GMBH®
    O58 - SDL:2011/04/21 11:43:35 A . (.Acronis - Acronis Backup Archive Explorer.) – C:\Windows\System32\drivers\timntr.sys [74392] =>.Acronis, Inc®
    O58 - SDL:2009/07/13 20:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) – C:\Windows\System32\drivers\viaide.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2011/05/07 17:51:32 A . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) – C:\Windows\System32\drivers\vsdatant.sys [74392] =>.Check Point Software Technologies Ltd.®
    O58 - SDL:2009/07/13 20:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) – C:\Windows\System32\drivers\vsmraid.sys [74392] =>.Microsoft Windows®
    O58 - SDL:2009/05/13 12:47:44 A . (.X10 Wireless Technology, Inc. - X10 USB Control Interface.) – C:\Windows\System32\drivers\x10ufx2.sys [74392] =>.X10 Wireless Technology Inc.®

    —\ File Associations Shell Spawning (11) - 1s
    O67 - Shell Spawning: <.bat> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.cpl> [HKLM..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) – C:\Windows\System32\control.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.cmd> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.com> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.evt> [HKLM..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) – C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.exe> [HKLM..\open\Command] (…) – “%1” %*
    O67 - Shell Spawning: <.html> [HKLM..\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O67 - Shell Spawning: <.js> [HKLM..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) – C:\Windows\System32\wscript.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.reg> [HKLM..\open\Command] (.Microsoft Corporation - Registry Editor.) – C:\Windows\regedit.exe =>.Microsoft Corporation
    O67 - Shell Spawning: <.scr> [HKLM..\open\Command] (…) – “%1” /S
    O67 - Shell Spawning: <.html> [HKCU..\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

    —\ Start Menu Internet (16) - 0s
    O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\Shell\open\Command] (.Mozilla Corporation - Firefox.) – C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
    O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) – C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
    O68 - StartMenuInternet: [HKLM..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\Launcher.exe =>.AVAST Software s.r.o.®
    O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
    O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software
    O68 - StartMenuInternet: <FIREFOX.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) – C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) – C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
    O68 - StartMenuInternet: <IEXPLORE.EXE> [HKLM..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) – C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
    O68 - StartMenuInternet: [HKLM..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) – C:\Program Files\AVAST Software\SZBrowser\launcher.exe =>.AVAST Software

    —\ Search Browser Infection (77) - 20s
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238..clientLogIsEnabled”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238..clientLogServiceUrl”, " http://clientlog.users.conduit.com/C...agnosticsEvent "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238..uninstallLogServiceUrl”, " http://uninstall.users.conduit.com/U...Uninstallation "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.AboutPrivacyUrl”, " http://www.conduit.com/privacy/Default.aspx "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.CurrentServerDate”, “22-4-2011”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.DialogsAlignMode”, “LTR”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.DialogsGetterLastCheckTime”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.DownloadReferralCookieData”, “”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.FirstServerDate”, “22-4-2011”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.GroupingServerCheckInterval”, 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.GroupingServiceUrl”, " http://grouping.services.conduit.com/ "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.HasUserGlobalKeys”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.InstallationAndCookieDataSent Count”, 1); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.InstallationType”, “UnknownIntegration”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.IsGrouping”, false); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.LanguagePackLastCheckTime”, “Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.LanguagePackReloadIntervalMM” , 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.LanguagePackServiceUrl”, " http://translation.users.conduit.com/Translation.ashx "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.LastLogin_3.3.3.2”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.LatestVersion”, “3.3.3.2”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.Locale”, “en”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.MCDetectTooltipHeight”, “83”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.MCDetectTooltipUrl”, " http://@EB_INSTALL_LINK@/rank/tooltip/?version=1 "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.MCDetectTooltipWidth”, “295”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SearchInNewTabEnabled”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SearchInNewTabIntervalMM”, 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SearchInNewTabLastCheckTime”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SearchInNewTabServiceUrl”, " http://newtab.conduit-hosting.com/ne...=EB_TOOLBAR_ID "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SearchInNewTabUsageUrl”, " http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_T[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.ServiceMapLastCheckTime”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SettingsLastCheckTime”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.SettingsLastUpdate”, “1300822106”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.ThirdPartyComponentsInterval” , 504); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.ThirdPartyComponentsLastCheck ”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.ThirdPartyComponentsLastUpdat e”, “1246786978”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.TrusteLinkUrl”, " http://trust.conduit.com/CT2645238 "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.UserID”, “UN64056061332159232”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.alertChannelId”, “1037922”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.generalConfigFromLogin”, "{"SocialDomains":"social.conduit.com;apps.conduit.com;services.apps.conduit.com[…] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.globalFirstTimeInfoLastCheckT ime”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.isAppTrackingManagerOn”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.myStuffEnabled”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.myStuffPublihserMinWidth”, 400); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.myStuffSearchUrl”, " http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB _TOOLBAR_ID&oct[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.myStuffServiceIntervalMM”, 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.myStuffServiceUrl”, " http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTAN CE[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.testingCtid”, “”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.toolbarAppMetaDataLastCheckTi me”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CT2645238.toolbarContextMenuLastCheckTi me”, “Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.CantToolbarBeEngineOwn er”, “CT2645238”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://appsmetadata.toolbar.conduit-...ctid=CT2645238 ", “"1283468208"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://contextmenu.toolbar.conduit-s...Apps&locale=en ", "L+tncv4eqt6Qm5T3dzC[…] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://contextmenu.toolbar.conduit-s...Apps&locale=en ", "0uSPYx+Kl2jpu8sJZMeH[…] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://contextmenu.toolbar.conduit-s...Apps&locale=en ", "QmycQXJXVyFVAzIiNll[…] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://contextmenu.toolbar.conduit-s...lbar&locale=en ", "SuMy8xgBA7+FodOxmk9aiQ[…] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://dynamicdialogs.alert.conduit-.../alert/dlg.pkg ", “"803651ba7facb1:0"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://dynamicdialogs.toolbar.condui...kg?ver=3.3.3.2 ", “"07b2625f8cb1:0"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://servicemap.conduit-services.c...erId=CT2645238 ", “"634386539058500000"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://settings.toolbar.search.condu...5238/CT2645238 ", “"1300822106"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag. http://translation.toolbar.conduit-s...com/?locale=en ", “"634351849102130000"”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.alertDialogsGett erLastCheckTime”, “Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.clientsServerUrl ”, " http://alert.client.conduit.com "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.locale”, “en”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.loginIntervalMin ”, 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.loginLastCheckTi me”, “Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.loginLastUpdateT ime”, “1303303927”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.servicesServerUr l”, " http://alert.services.conduit.com "); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.showTrayIcon”, false); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.userCloseInterva lMin”, 300); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.alert.userId”, “21499f54-fe8f-4913-810a-fcd66726d99d”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.globalUserId”, “203c316d-2692-402a-9de1-26b340563124”); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.isAlertUrlAddedToFeedI temTable”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“CommunityToolbar.isClickActionAddedToFe edItemTable”, true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“extensions.wrc.SearchRules.ask.com.styl e”, ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-[…] =>Toolbar.Ask
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref(“extensions.wrc.SearchRules.ask.com.url” , “^http(s)?\:\/\/(.+\.)?ask\.com\/.*”); =>Toolbar.Ask
    O69 - SBI: SearchScopes [HKCU] {D0102700-9EF8-4B3C-BC65-53F7A8CA0FDB} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.
    O69 - SBI: SearchScopes [HKLM] {3DD48EB7-6652-4BE4-B001-3EADBE559B68} - (Bing) - http://www.bing.com/ =>.Bing.com

    —\ Search Svchost Services (32) - 0s
    O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) – C:\Windows\System32\aelupsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) – C:\Windows\System32\certprop.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) – C:\Windows\system32\srvsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) – C:\Windows\System32\gpsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) – C:\Windows\System32\ikeext.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) – C:\Windows\System32\Audiosrv.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) – C:\Windows\System32\rasauto.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) – C:\Windows\System32\rasmans.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) – C:\Windows\System32\mprdim.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) – C:\Windows\System32\Sens.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) – C:\Windows\System32\ipnathlp.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows™ Telephony Server.) – C:\Windows\System32\tapisrv.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) – C:\Windows\System32\termsrv.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) – C:\Windows\system32\wuaueng.dll [74392] =>.Microsoft Windows Component Publisher®
    O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) – C:\Windows\System32\qmgr.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) – C:\Windows\System32\shsvcs.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) – C:\Windows\System32\iphlpsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) – C:\Windows\system32\seclogon.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) – C:\Windows\System32\appinfo.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) – C:\Windows\system32\iscsiexe.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) – C:\Windows\system32\mmcss.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) – C:\Windows\system32\wbem\WMIsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) – C:\Windows\System32\SessEnv.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) – C:\Windows\System32\browser.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) – C:\Windows\System32\eapsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) – C:\Windows\system32\schedsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) – C:\Windows\system32\kmsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) – C:\Windows\System32\wercplsupport.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) – C:\Windows\system32\profsvc.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) – C:\Windows\system32\themeservice.dll [74392] =>.Microsoft Corporation
    O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) – C:\Windows\System32\bdesvc.dll [74392] =>.Microsoft Corporation

    —\ Firewall Active Exception List (10) - 3s
    O87 - FAEL: “{B3AE19C1-789A-45F6-8069-EF16CE76CB55}” [In-None-P6-TRUE] .(…) – C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
    O87 - FAEL: “{18045148-0E23-4ECD-BAA3-89CE55CFCBD4}” [In-None-P17-TRUE] .(…) – C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe (.not file.)
    O87 - FAEL: “{97156EF3-A9EE-4BCE-84C7-A85F9CF7D68F}” [In-None-P6-TRUE] .(…) – C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (.not file.)
    O87 - FAEL: “{149559B3-B122-4976-9834-983A2D85D31C}” [In-None-P17-TRUE] .(…) – C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (.not file.)
    O87 - FAEL: “{44D4102C-6E2F-4A21-8F40-54B4832C60BD}” [In-None-P6-TRUE] .(…) – C:\Users\Simcha\AppData\Local\Akamai\netsession_wi n.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: “{7A8CA9AF-4E80-4EBA-A7DB-951449D83C79}” [In-None-P17-TRUE] .(…) – C:\Users\Simcha\AppData\Local\Akamai\netsession_wi n.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: “TCP Query User{3567719C-81D7-449B-973B-642AEE333BBD}C:\users\simcha\appdata\local\akamai\ netsession_win.exe” [In-None-P6-TRUE] .(…) – C:\users\simcha\appdata\local\akamai\netsession_wi n.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: “UDP Query User{3B04E05B-19A8-49FA-8AC8-BDACC6F0F366}C:\users\simcha\appdata\local\akamai\ netsession_win.exe” [In-None-P17-TRUE] .(…) – C:\users\simcha\appdata\local\akamai\netsession_wi n.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: “{D7FFF978-C5FC-4890-BC2D-20A56D831099}” [In-None-P6-TRUE] .(.Copyright © 2014 - BREngineProcess.) – c:\program files (x86)\pc-faxreceive\brengineprocess.exe
    O87 - FAEL: “{8106444F-130E-4E00-9E1E-CB2B69744E52}” [In-None-P17-TRUE] .(.Copyright © 2014 - BREngineProcess.) – c:\program files (x86)\pc-faxreceive\brengineprocess.exe

    —\ List of CD/DVD Emulators (MBR Hook) (2) - 6s
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstu b_RASAPI32 =>Toolbar.Ask
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstu b_RASMANCS =>Toolbar.Ask

    —\ Additional Scan (O88) (14) - 0s
    C:\Users\Simcha\AppData\Roaming\Mozilla\Extensions {ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} =>.Superfluous.Orphan
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} =>.Superfluous.Orphan
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall{57752979-A1C9-4C02-856B-FBB27AC4E02C} =>Riskware.QuickTime
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{57752979-A1C9-4C02-856B-FBB27AC4E02C} =>Riskware.QuickTime
    C:\ProgramData\PhotoShow Shared Assets =>.Superfluous.SimpleStar
    [HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules]:{44D4102C-6E2F-4A21-8F40-54B4832C60BD} =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules]:{7A8CA9AF-4E80-4EBA-A7DB-951449D83C79} =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules]:TCP Query User{3567719C-81D7-449B-973B-642AEE333BBD}C:\users\simcha\appdata\local\akamai\ netsession_win.exe =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedacces s\parameters\firewallpolicy\firewallRules]:UDP Query User{3B04E05B-19A8-49FA-8AC8-BDACC6F0F366}C:\users\simcha\appdata\local\akamai\ netsession_win.exe =>.Superfluous.AkamaiHD
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstu b_RASAPI32 =>Toolbar.Ask
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstu b_RASMANCS =>Toolbar.Ask

    —\ Summary of the elements found (9) - 0s
    Wajam, Logiciel Potentiellement Indésirable. - ZAM =>PUP.Optional.Wajam
    Redirecting... =>.Superfluous.GreenTreeApp
    https://nicolascoolman.eu/2017/01/15...are-quicktime/ =>Riskware.QuickTime
    Conduit, Barre d’outils de navigateur. - ZAM =>.Superfluous.Conduit
    https://www.nicolascoolman.com/fr/les-toolbars/ =>Toolbar.YahooPartner
    https://www.nicolascoolman.com/fr/adware-zugo/ =>PUP.Optional.Zugo
    Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.SimpleStar
    Ask, Barre d’outils de navigateur. - ZAM =>Toolbar.Ask
    Logiciels Potentiellement Superflus (LPS). - ZAM =>.Superfluous.AkamaiHD

    ~ Unselected Options: O82,
    ~ End of the scan, 63101 items in 05mn19s (1866)(0)
  • Malnutrition
    PCHF Moderator
    • Jul 2016
    • 7045

    #2
    ZHP Fix [MEDIA=imgur]4bd9Ugb[/MEDIA]
    [ul]
    [li]Disable your antivirus prior to this fix![/li]
    [li]Download ZHP-Fix from here.[/li][li]Install it.[/li][li]Click Suivant 5 Times.[/li][li]Then Installer.[/li][li]Then Terminer.[/li][li]Then right clcick the ZHP Fix icon Run as admin.[/li][li]Copy the entire content of the code box below, the next step will grab it from your clipboard.[/li]
    [li]Then click on import.[/li][li]Then click GO.[/li][li]Allow completion.[/li][li]A log file will appear on your desktop. [/li]
    [li]Post it here in your next reply.[/li][/ul]
    Code:
    Script ZhpFix
    SysRestore
    EmptyFlash
    ProxyFix
    EmptyCLSID
    [MD5.00000000000000000000000000000000] [APT] [{541670BA-4500-4BAB-B28F-FEA12D97A8A6}] (...) -- D:\setup.exe (.not file.) [74392] (.Activate.)
    [MD5.00000000000000000000000000000000] [APT] [{F65E2FB5-898F-491F-A24C-3B6AE1F82E7F}] (...) -- C:\Users\Simcha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOG86P49\streamtransport_setup[1].exe (.not file.) [74392] (.Activate.)
    O39 - APT: Dell SupportAssistAgent AutoUpdate - (...) -- C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: PCDEventLauncherTask - (...) -- C:\Windows\System32\Tasks\PCDEventLauncherTask [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: {541670BA-4500-4BAB-B28F-FEA12D97A8A6} - (...) -- C:\Windows\System32\Tasks\{541670BA-4500-4BAB-B28F-FEA12D97A8A6} [74392] (.Orphan.) =>.Superfluous.Orphan
    O39 - APT: {F65E2FB5-898F-491F-A24C-3B6AE1F82E7F} - (...) -- C:\Windows\System32\Tasks\{F65E2FB5-898F-491F-A24C-3B6AE1F82E7F} [74392] (.Orphan.) =>.Superfluous.Orphan
    P2 - EXT: (...) -- C:\Users\Simcha\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
    R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421; =>Hijacker.Proxy
    O42 - Logiciel: Free Dailymotion Download - (.Digital Wave Ltd.) [HKLM][64Bits] -- Free Dailymotion Download_is1 =>.Digital Wave Ltd®
    O42 - Logiciel: Free YouTube Downloader 3.3.115 - (.HOW Inc..) [HKLM][64Bits] -- {A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 =>.HOW Inc.
    O42 - Logiciel: YTD Video Downloader 5.1.0 - (.GreenTree Applications SRL.) [HKLM][64Bits] -- {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
    HKLM\SOFTWARE\Wow6432Node\Conduit =>.Superfluous.Conduit
    HKLM\SOFTWARE\Wow6432Node\Eset =>.ESET
    HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader =>.DawnArk, Inc
    HKLM\SOFTWARE\Wow6432Node\McAfee =>.McAfee Inc.
    HKLM\SOFTWARE\Wow6432Node\McAfeeInstaller =>.McAfee Inc.
    HKCU\SOFTWARE\Auslogics =>.Auslogics
    HKCU\SOFTWARE\Conduit =>.Superfluous.Conduit
    HKCU\SOFTWARE\ESET =>.ESET
    HKCU\SOFTWARE\GreenTree Applications =>.Superfluous.GreenTreeApp
    HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner
    HKCU\SOFTWARE\Zugo =>PUP.Optional.Zugo
    HKCU\SOFTWARE\AppDataLow\Software\Conduit =>.Superfluous.Conduit
    O43 - CFD: 10/03/2012 - [] D -- C:\Program Files (x86)\Auslogics =>.Auslogics
    O43 - CFD: 07/06/2015 - [0] D -- C:\Program Files (x86)\Conduit
    O43 - CFD: 18/12/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics =>.Auslogics
    O43 - CFD: 07/03/2011 - [] D -- C:\ProgramData\McAfee =>.McAfee
    O43 - CFD: 24/12/2015 - [] HDC -- C:\ProgramData\{AA6BF06E-316C-487A-9BC2-5F06A43C56B1}
    O43 - CFD: 07/03/2011 - [] D -- C:\Program Files (x86)\Common Files\mcafee =>.McAfee
    O43 - CFD: 18/12/2016 - [0] D -- C:\Users\Simcha\AppData\Roaming\Auslogics =>.Auslogics
    O43 - CFD: 30/05/2013 - [] D -- C:\Users\Simcha\AppData\Roaming\Free AVI MPEG WMV MP4 FLV Video Joiner =>.FreeAudioVideo Software
    O43 - CFD: 01/03/2017 - [] D -- C:\Users\Simcha\AppData\Local\ESET =>.ESET
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238..clientLogIsEnabled", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.CurrentServerDate", "22-4-2011"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.DialogsAlignMode", "LTR"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.DialogsGetterLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.DownloadReferralCookieData", ""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.FirstServerDate", "22-4-2011"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.GroupingServerCheckInterval", 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.GroupingServiceUrl", "http://grouping.services.conduit.com/"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.HasUserGlobalKeys", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.InstallationAndCookieDataSentCount", 1); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.InstallationType", "UnknownIntegration"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.IsGrouping", false); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.LanguagePackLastCheckTime", "Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.LanguagePackReloadIntervalMM", 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.LastLogin_3.3.3.2", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.LatestVersion", "3.3.3.2"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.Locale", "en"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.MCDetectTooltipHeight", "83"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.MCDetectTooltipWidth", "295"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SearchInNewTabEnabled", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SearchInNewTabIntervalMM", 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SearchInNewTabLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_T[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.ServiceMapLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SettingsLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.SettingsLastUpdate", "1300822106"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.ThirdPartyComponentsInterval", 504); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.ThirdPartyComponentsLastCheck", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.ThirdPartyComponentsLastUpdate", "1246786978"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.TrusteLinkUrl", "http://trust.conduit.com/CT2645238"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.UserID", "UN64056061332159232"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.alertChannelId", "1037922"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.globalFirstTimeInfoLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.isAppTrackingManagerOn", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.myStuffEnabled", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.myStuffPublihserMinWidth", 400); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.myStuffServiceIntervalMM", 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.testingCtid", ""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.toolbarAppMetaDataLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CT2645238.toolbarContextMenuLastCheckTime", "Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2645238"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2645238", "\"1283468208\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "L+tncv4eqt6Qm5T3dzC[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeH[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "QmycQXJXVyFVAzIiNll[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "SuMy8xgBA7+FodOxmk9aiQ[...] =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"803651ba7facb1:0\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2645238", "\"634386539058500000\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2645238/CT2645238", "\"1300822106\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"634351849102130000\""); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Thu Apr 21 2011 18:41:38 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.locale", "en"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Apr 21 2011 18:41:37 GMT-0400 (Eastern Daylight Time)"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.showTrayIcon", false); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.alert.userId", "21499f54-fe8f-4913-810a-fcd66726d99d"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.globalUserId", "203c316d-2692-402a-9de1-26b340563124"); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); =>.Superfluous.Conduit
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-[...] =>Toolbar.Ask
    O69 - SBI: prefs.js [Admin - m6riq23i.default] user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*"); =>Toolbar.Ask
    O69 - SBI: SearchScopes [HKCU] {D0102700-9EF8-4B3C-BC65-53F7A8CA0FDB} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.
    O69 - SBI: SearchScopes [HKLM] {3DD48EB7-6652-4BE4-B001-3EADBE559B68} - (Bing) - http://www.bing.com/ =>.Bing.com
    O87 - FAEL: "{44D4102C-6E2F-4A21-8F40-54B4832C60BD}" [In-None-P6-TRUE] .(...) -- C:\Users\Simcha\AppData\Local\Akamai\netsession_win.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: "{7A8CA9AF-4E80-4EBA-A7DB-951449D83C79}" [In-None-P17-TRUE] .(...) -- C:\Users\Simcha\AppData\Local\Akamai\netsession_win.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: "TCP Query User{3567719C-81D7-449B-973B-642AEE333BBD}C:\users\simcha\appdata\local\akamai\netsession_win.exe" [In-None-P6-TRUE] .(...) -- C:\users\simcha\appdata\local\akamai\netsession_win.exe (.not file.) =>.Superfluous.AkamaiHD
    O87 - FAEL: "UDP Query User{3B04E05B-19A8-49FA-8AC8-BDACC6F0F366}C:\users\simcha\appdata\local\akamai\netsession_win.exe" [In-None-P17-TRUE] .(...) -- C:\users\simcha\appdata\local\akamai\netsession_win.exe (.not file.) =>.Superfluous.AkamaiHD
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32 =>Toolbar.Ask
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS =>Toolbar.Ask
    C:\Users\Simcha\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} =>.Superfluous.Orphan
    HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} =>.Superfluous.Orphan
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
    [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{44D4102C-6E2F-4A21-8F40-54B4832C60BD} =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:{7A8CA9AF-4E80-4EBA-A7DB-951449D83C79} =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:TCP Query User{3567719C-81D7-449B-973B-642AEE333BBD}C:\users\simcha\appdata\local\akamai\netsession_win.exe =>.Superfluous.AkamaiHD
    [HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules]:UDP Query User{3B04E05B-19A8-49FA-8AC8-BDACC6F0F366}C:\users\simcha\appdata\local\akamai\netsession_win.exe =>.Superfluous.AkamaiHD
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32 =>Toolbar.Ask
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS =>Toolbar.Ask
    EmptyTemp

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7045

      #3
      @User101 How about an update for us?

      Comment

      • Malnutrition
        PCHF Moderator
        • Jul 2016
        • 7045

        #4
        @User101 How about an update for us?

        Comment

        • Malnutrition
          PCHF Moderator
          • Jul 2016
          • 7045

          #5
          Hello @User101 how are you moving along with the instructions? Have you got an update for us?

          Please update this thread within 48 hours, or it will be closed. This is the last time you may request help in the malware area if you choose to not respond to this thread.

          Comment

          • User101
            PCHF Member
            • Sep 2016
            • 103

            #6
            I need time to dedicate to running this and what ever follows it and I have not had that. there has been a lot going on (beside sthe non-hack email distraction) and I will get to this as soon as some things settle down here in the next couple of days.

            Comment

            • User101
              PCHF Member
              • Sep 2016
              • 103

              #7
              A couple of things:
              1. The website you point to above “Download ZHP-Fix from here.” has three download buttons on the page. Which is the one to use? (see first attachment) I don’t want to download something else that page points to.
              2. There are three programs I found in your code that I use (see circled items in second attachment). I want to be sure the programs themselves are not being deleted. They are from legitimate software sites (Media Right and DVD VideoSoft) and have been on my machine for a very long time..

              Comment

              • Malnutrition
                PCHF Moderator
                • Jul 2016
                • 7045

                #8
                Originally posted by User101
                1. The website you point to above “Download ZHP-Fix from here.” has three download buttons on the page. Which is the one to use? (see first attachment) I don’t want to download something else that page points to.
                You need an ad blocker, set Alternate DNS on your machine. Also add Ublock Origin.

                Then the download button is the 0ne that reads Telecharger, that is download in french.
                Originally posted by User101
                1. There are three programs I found in your code that I use (see circled items in second attachment). I want to be sure the programs themselves are not being deleted. They are from legitimate software sites (Media Right and DVD VideoSoft) and have been on my machine for a very long time..
                These programs can cause malware adware on your machine, but hey if you want to remove them from the fix then go ahead.

                Comment

                • Malnutrition
                  PCHF Moderator
                  • Jul 2016
                  • 7045

                  #9
                  @User101 How about an update for us?

                  Comment

                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7045

                    #10
                    @User101 How about an update for us?

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7045

                      #11
                      Hello @User101 how are you moving along with the instructions? Have you got an update for us?

                      Please update this thread within 48 hours, or it will be closed. You can however have it re-opened at any time, by sending a private message to a staff member.

                      Comment

                      Working...