Solved How to remove rundll32.exe virus.

Rogue Killer Scan.

Download RogueKiller -- (Portable) -- from one of the following links and save it to your Desktop:

Link 1
Link 2


  • Close all the other running programs.
  • Disable ALL Antivirus -- Antimalware -- Applications.
  • Right Click Rogue Killer and Run as Administrator.
  • Click the Start Scan button.
  • Allow the scan to run -- it can take ten minutes or more.
  • Once the scan is complete check All items for removal.
  • After All items are checked then press Remove Selected.
  • Wait until the Status box shows Deleting Finished.
  • Click on open report -- then open txt
  • Copy the content of the report and paste it here in your next reply.

ZHP Diag Scan


Download ZHP Diag to your desktop.


1. Right Click Run as Admin.
2. Click the Scanner button.

When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 
~ ZHPDiag v2017.2.26.36 By Nicolas Coolman (2017/02/26)
~ Run by MSI CR-460 (Administrator) (2017/02/26 17:29:44)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\MSI CR-460\Desktop\ZHPDiag.txt
~ Report: C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

---\\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v56.0.2924.87
~ MSIE: Internet Explorer v11.0.9600.18537

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)

---\\ System optimization software (1) - 3s
~ CCleaner v5.26 (Optimize)

---\\ Surveillance software (2) - 3s
~ Adobe Flash Player 22 NPAPI (Surveillance)
~ Adobe Reader XI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2097.152 MB (56% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 47 GB (15%) free of 305 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MSICR-460-PC
~ User Name: MSI CR-460
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 47 GB free of 305 GB (System)

---\\ State of the Windows Security Center (23) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (22) - 3s
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - 29/08/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\windows\Explorer.exe [2972672] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.F4F5123B45BFCFD2F035280FDCB5BBBE] - 12/11/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\windows\System32\wininet.dll [2444800] =>.Microsoft Corporation
[MD5.52449FD429D6053B78AE564DEF303870] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\windows\System32\Winlogon.exe [304128] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.93B49FA857F7036A4EFF32371F6E7391] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\windows\System32\drivers\DfsC.sys [81408] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.6284D46BAA301BEDB9AB7FA7672B2410] - 05/01/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\windows\System32\drivers\MRxSmb.sys [124416] =>.Microsoft Corporation
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\windows\System32\drivers\netBT.sys [188928] =>.Microsoft Corporation
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\windows\System32\drivers\ntfs.sys [1212352] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Task Planned Automatically (3) - 12s
[MD5.1A709A8B23B584115F2CCEEDAD64DE97] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [7173848] (.Activate.) =>.Piriform Ltd®
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\windows\System32\Tasks\CCleanerSkipUAC [2784] =>.Piriform Ltd®

---\\ Auto loading programs from Registry and folders (2) - 0s
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

---\\ Process running (3) - 1s
[MD5.0A70F4022EC2E14C159EFC4F69AA2477] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464] [PID.1860] =>.Microsoft Corporation®
[MD5.9C879E1C3B27085FB46EFECCD7120D51] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193408] [PID.1564] =>.Microsoft Corporation®
[MD5.139A1E7AC1479231D95F650ECBD55081] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\MSI CR-460\Desktop\ZHPDiag3.exe [2703872] [PID.828] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (6) - 1s
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dnligehkhogpcngalffdoomehjcbecna] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [gehmndecgbcffhmfjkenpamdgechcgpe] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] [https://epicunitscan.info/00service/update2/crx] Google Chrome manifest =>Hijacker.Browser
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (7) - 2s
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Google - Default Search.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\Google.xml =>.Google
P2 - EXT FILE: (...) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\WebSearch.xml
P2 - EXT: (...) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\staged
P2 - EXT: (.Riverbed Technology, Inc. - Steelhead Mobile Certificate Manager.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\SteelheadMobileCertificateManager@riverbed.com =>.Riverbed Technology, Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [CinemaP-1.9cV22.08] C:\Users\MSI CR-460\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (8) - 1s
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Global shortcuts Startup (98) - 18s
O4 - GS\Desktop [Administrator]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Administrator]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Administrator]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrator]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Guest]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Guest]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Guest]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [MSI CR-460]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [MSI CR-460]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [MSI CR-460]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [MSI CR-460]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [MSI CR-460]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [MSI CR-460]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [MSI CR-460]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [MSI CR-460]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [MSI CR-460]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [MSI CR-460]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [MSI CR-460]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Canon IJ Network Tool.lnk . (.CANON INC. - Canon IJ Network Tool.) C:\Program Files\Canon\Canon IJ Network Tool\CNMNPUT.EXE =>.Canon Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Family Tree Maker 2012.lnk . (.Ancestry.com - Family Tree Maker 2012.) C:\Program Files\Family Tree Maker 2012\FTM.exe
O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PIXAJOY Editor.lnk . (.Pixajoy - Pixajoy.) C:\Program Files\PIXAJOY Editor\PIXAJOY Editor.exe
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (...) C:\Program Files\RogueKiller\RogueKiller.exe =>.Adlice®
O4 - GS\Programs [Public]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (...) C:\windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) C:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpDomain = domain.name

---\\ Extra protocols (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (114) - 40s
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.13) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824157129} =>.Adobe Systems Incorporated
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {4555BB9E-E715-4260-A178-E8EFD2B653E3} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {AB398DDB-0E7B-400B-A940-7E61FB91A531} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- AmUStor =>.Alcor Micro Corp.
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D3694B69-6F8C-42D3-8A0A-EB2AB528C02C} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: AVG PC TuneUp 2015 (en-US) - (.AVG Technologies.) [HKLM] -- {4AC74ED1-719B-46DA-8B8A-340FBF892291} =>.AVG Technologies
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter =>.Broadcom Corporation®
O42 - Logiciel: Canon IJ Network Scanner Selector EX - (..) [HKLM] -- Canon_IJ_Network_Scanner_Selector_EX =>.Canon Inc.®
O42 - Logiciel: Canon IJ Network Tool - (.Canon Inc..) [HKLM] -- Canon_IJ_Network_UTILITY =>.Canon Inc.®
O42 - Logiciel: Canon MX420 series MP Drivers - (.Canon Inc..) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series =>.Canon Inc.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- Cisco AnyConnect Secure Mobility Client =>.Cisco Systems, Inc.®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- {F63E747C-5B51-4A6E-9413-BF258F4653F3} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc.
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- {1CB0993B-1CD4-4A18-9C85-9732AFD9843F}
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- Family Tree Maker 2012
O42 - Logiciel: FileHippo App Manager - (.FileHippo.com.) [HKLM] -- FileHippo.com =>.FileHippo.com
O42 - Logiciel: FlashGet3.7 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet3.7 =>.http://www.FlashGet.com
O42 - Logiciel: FormatFactory 2.20 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] -- Google Photos Backup =>.Google, Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] -- {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation
O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM] -- {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC
O42 - Logiciel: ImagXpress - (.Nero AG.) [HKLM] -- {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} =>.Nero AG
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180121F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: K-Lite Codec Pack 8.3.2 (Full) - (.KLite Inc.) [HKLM] -- KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Lenovo_Wireless_Driver - (.Lenovo.) [HKLM] -- {28ABE740-47F3-441B-9437-852F6A64EFF8} =>.Macrovision Corporation®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Master PDF Editor 2.1.65 - (.Code Industry Ltd..) [HKLM] -- Master PDF Editor 2.1.65_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0117-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0054-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0051-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- Office15.VISPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: My Photo Creations (Photobookmart Edition) - (.Digilabs.) [HKLM] -- {111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: PDF Password Remover - (.Tenorshare, Inc..) [HKLM] -- PDF Password Remover =>.Tenorshare, Inc.
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM] -- {D1399216-81B2-457C-A0F7-73B9A2EF6902} =>.PlotSoft LLC
O42 - Logiciel: Photobook Designer - (.Photobook Malaysia.) [HKCU] -- Photobook Designer
O42 - Logiciel: Pismo File Mount Audit Package - (..) [HKLM] -- PismoFileMountAuditPackage =>.Pismo Technic Inc.®
O42 - Logiciel: PIXAJOY Editor - (.Pixajoy.) [HKCU] -- PIXAJOY Editor
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek USB 2.0 Reader Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {62BBB2F0-E220-4821-A564-730807D2C34D} =>.Realtek Semiconductor Corp®
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4123-B2B9-173F09590E16} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Riverbed Steelhead Mobile - (.Riverbed Technology, Inc..) [HKLM] -- {09D86FD5-EA7E-4072-997F-4E88AE25ACA2} =>.Riverbed Technology, Inc.
O42 - Logiciel: RogueKiller version 12.9.8.0 - (.Adlice Software.) [HKLM] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: S-Bar - (.MSI.) [HKLM] -- {4E18A842-A084-46E0-81BA-31C7EB96B26C} =>.MSI
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: Telegram Desktop version 0.10.19 - (.Telegram Messenger LLP.) [HKCU] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP
O42 - Logiciel: TuneUp Utilities 2014 (en-US) - (.TuneUp Software.) [HKLM] -- {14C8CE46-C68C-461B-BCA9-E276A85851C6} =>.TuneUp Software
O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Uplayer - (.D-LINK CORPORATION.) [HKLM] -- {246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5} =>.D-Link Corporation
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VNC Enterprise Edition E4.5.1 - (.RealVNC Ltd..) [HKLM] -- RealVNC_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Mirror Driver 1.8.0 - (.RealVNC Ltd..) [HKLM] -- VNCMirror_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Printer Driver 1.6.0 - (.RealVNC Ltd..) [HKLM] -- VNCPrinter_is1 =>.RealVNC Ltd.
O42 - Logiciel: WD Drive Utilities - (.Western Digital Technologies, Inc..) [HKLM] -- {E61CFDDA-40DD-4400-95CA-12819C50B5C2} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {429a42d7-4c55-44d4-b38a-5872a0d70495} =>.Western Digital Technologies, Inc.®
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {F1D5FC88-4EE0-4D0B-917B-60E930142FB9} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD SES Driver Setup - (.Western Digital.) [HKLM] -- {924A274D-38B6-4930-8859-F3F51CFA8DDD} =>.Western Digital
O42 - Logiciel: WD SmartWare - (.Western Digital Technologies, Inc..) [HKLM] -- {6EE644CD-FC7F-424C-83EA-9C0285C4FB7F} =>.Western Digital Technologies, Inc.
O42 - Logiciel: Win7codecs - (.Shark007.) [HKLM] -- {8C0CAA7A-3272-4991-A808-2C7559DE3409} =>.Shark007
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM] -- {CCF298AF-9CE1-4B26-B251-486E98A34789} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) - (.ENE.) [HKLM] -- 7F523D4F8E191139525DC0260B06BF68E4E581EE =>.ENE Technology Inc.®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- 5B1D8E9CE6F89F5466353F3E5A7084A126505FEA =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- 261F972493946CC8B32688E5247ADD2EE612DEB9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- DA556C9045FE4065F487AF1C9B3992A6AD4C8A66 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) - (.Ralink.) [HKLM] -- AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 - (.Ralink Technology, Corp..) [HKLM] -- DA9E83E3434B0A377F6C3573D30A3E6E692E31F2 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- Windows Media Encoder 9 =>.Microsoft Corporation
O42 - Logiciel: WinRAR archiver - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH
O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L..) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BE} =>.WinZip Computing, S.L.

---\\ HKCU & HKLM Software Keys (134) - 40s
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE\<company>
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Ancestry.com
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Atheros =>.Qualcomm Atheros
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Avg =>.AVG Software
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Broadcom =>.Broadcom
HKLM\SOFTWARE\Canon =>.Canon
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\CBSTEST =>.CBS Test
HKLM\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\FlashGet Network
HKLM\SOFTWARE\Gabest =>.Gabest
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\GNU =>.GNU
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\GRETECH =>.Gretech
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\inKline Global
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\MSI =>.MSI
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\PlotSoft =>.PlotSoft
HKLM\SOFTWARE\PocketSoft
HKLM\SOFTWARE\PS
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RealVNC =>.RealVNC
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Riverbed
HKLM\SOFTWARE\RTLSetup =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\StarterBackgroundChanger
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TuneUp =>.TuneUp
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WDPA =>.WDPA
HKLM\SOFTWARE\webroot =>.Webroot
HKLM\SOFTWARE\Western Digital =>.Western Digital
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Ancestry.com
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\ASProtect =>.ASPack Software
HKCU\SOFTWARE\Avg =>.AVG Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\CanonBJ =>.Canon Inc.
HKCU\SOFTWARE\Caphyon =>.Caphyon
HKCU\SOFTWARE\CDDB =>.Cddb Software
HKCU\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKCU\SOFTWARE\Code Industry
HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation
HKCU\SOFTWARE\dlink
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FileHippo.com =>.FileHippo.com
HKCU\SOFTWARE\FileOpen =>.FileOpen Systems Inc.
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\HTC =>.HTC
HKCU\SOFTWARE\ihelper =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\InstallPath =>.Legitimate
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\pdfconverter.com =>.pdfconverter.com
HKCU\SOFTWARE\Photobook Designer
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PIXAJOY Editor
HKCU\SOFTWARE\PlotSoft =>.PlotSoft
HKCU\SOFTWARE\pocketsoft
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RealVNC =>.RealVNC
HKCU\SOFTWARE\Riverbed
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Teiron =>.Teiron
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TuneUp =>.TuneUp
HKCU\SOFTWARE\Western Digital =>.Western Digital
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.

---\\ Contents of the Common Files folders (327) - 38s
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\AmIcoSingLun =>.Alcor Micro Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Ashampoo =>.Ashampoo GmbH
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 07/07/2015 - [] D -- C:\Program Files\AVG =>.AVG Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\BCL Technologies =>.BCL Technologies
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Broadcom =>.Broadcom Corporation®
O43 - CFD: 28/10/2016 - [] D -- C:\Program Files\Canon =>.Canon Inc.®
O43 - CFD: 28/10/2016 - [] HD -- C:\Program Files\CanonBJ =>.Canon Inc.
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\Code Industry
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 04/02/2017 - [0] D -- C:\Program Files\DownloadYoutubeIE
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Family Tree Maker 2012 {0617082F262673EB00DF1F193DE22525}
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\FileHippo.com =>.Well Known Media Ltd®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\FlashGet Network =>.FlashGet
O43 - CFD: 21/08/2012 - [] D -- C:\Program Files\FreeTime =>.FreeTime
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\GRETECH =>.GRETECH®
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\GUM8A16.tmp =>.Google Inc®
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\HTC =>.HTC
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\inKline Global
O43 - CFD: 12/09/2015 - [] HD -- C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 24/07/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Lenovo =>.Lenovo
O43 - CFD: 30/10/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/09/2013 - [] D -- C:\Program Files\Microsoft Application Virtualization Client =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/02/2017 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Sync Framework =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\MSECache =>.Microsoft Corporation
O43 - CFD: 02/09/2012 - [0] D -- C:\Program Files\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\Program Files\My Photo Creations (Photobookmart Edition) {00B0948F9E29EED75E31BAF47F5061A0D3}
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\Nero =>.Ahead Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\OpenOffice.org 3 =>.SourceForge
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Opera =>.Opera Software
O43 - CFD: 03/09/2016 - [] D -- C:\Program Files\PDF Password Remover
O43 - CFD: 25/12/2013 - [] D -- C:\Program Files\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Pismo File Mount Audit Package =>.Pismo Technic Inc.®
O43 - CFD: 11/10/2014 - [] D -- C:\Program Files\PIXAJOY Editor
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\PlotSoft =>.PlotSoft
O43 - CFD: 29/09/2013 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp.
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\RealVNC =>.RealVNC
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\Program Files\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\S-Bar
O43 - CFD: 24/05/2015 - [] D -- C:\Program Files\Save my Tabs
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Sidewise Tree Style Tabs
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\StarterBackgroundChanger
O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\TeamViewer =>.TeamViewer®
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Western Digital =>.Western Digital Technologies, Inc.®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Win7codecs =>.Shark007
O43 - CFD: 14/07/2013 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 07/12/2016 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\WinZip =>.WinZip Computing®
O43 - CFD: 21/08/2016 - [0] D -- C:\Program Files\Yahoo! =>.Yahoo!
O43 - CFD: 08/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX420 series
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities =>.Canon Inc.
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam =>.CyberLink Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player =>.Gretech Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 28/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 30/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Photo Creations (Photobookmart Edition)
O43 - CFD: 31/01/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 =>.SourceForge
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill =>.PlotSoft L.L.C.
O43 - CFD: 25/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pismo File Mount Audit Package
O43 - CFD: 12/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXAJOY Editor
O43 - CFD: 29/09/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC =>.RealVNC
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint =>.Microsoft Corporation
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs =>.Shark007
O43 - CFD: 21/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steelhead Mobile
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 =>.GEAR Software, Inc.
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\AmUStor =>.Alocr Micro
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\ashampoo =>.Ashampoo GmbH
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Atheros =>.Qualcomm Atheros
O43 - CFD: 03/01/2013 - [] D -- C:\ProgramData\AutoKMS =>HackTool.AutoKMS
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG =>.AVG Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG2015 =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Avg_Update_0215pit =>.AVG Software
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 30/06/2012 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 28/10/2016 - [0] D -- C:\ProgramData\Canon IJ Network Tool =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonIJFAX =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\CanonIJWSpt =>.Canon Inc.
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\CismaUva
O43 - CFD: 04/03/2013 - [] HD -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 19/05/2012 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\ProgramData\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Google =>.Google
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\HTC =>.HTC
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\IsolatedStorage =>.id Software
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 21/11/2016 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 25/05/2013 - [] D -- C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\PDVD =>.PDVD
O43 - CFD: 14/11/2014 - [0] D -- C:\ProgramData\PlotSoft =>.PlotSoft
O43 - CFD: 21/08/2016 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [0] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\TuneUp Software =>.TuneUp Software
O43 - CFD: 04/05/2012 - [] D -- C:\ProgramData\VirtualizedApplications =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Win7codecs =>.Shark007
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\WinZip =>.WinZip
O43 - CFD: 07/10/2015 - [] HD -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 07/09/2015 - [0] D -- C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\Intel =>.Intel Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 30/10/2014 - [] D -- C:\Program Files\Common Files\PS
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Common Files\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BITS =>.BITS
O43 - CFD: 21/11/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BitTorrent
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Canon =>.Canon
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/10/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\dlink
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FamilyTreeMaker
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FlashGet =>.FlashGet
O43 - CFD: 08/07/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Google =>.Google
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\HTC =>.HTC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IDM =>.IDM
O43 - CFD: 25/08/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ihelper
O43 - CFD: 06/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ILOVEPHOTOBOOK v2.5.4
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IObit =>.IObit
O43 - CFD: 23/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Media Player Classic =>.Microsoft Corporation
O43 - CFD: 28/08/2016 - [] SD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro PDF =>.Nitro PDF
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 11/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 01/01/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Photobook Designer
O43 - CFD: 12/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\PIXAJOY Editor
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ProductData =>.Microsoft Corporation
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RealVNC =>.RealVNC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RGE
O43 - CFD: 18/09/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Skype =>.Skype
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 21/06/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 13/04/2012 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\TP =>.TP
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 21/03/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\uTorrent
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 26/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Adobe =>.Adobe
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Ancestry.com
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 24/12/2013 - [] D -- C:\Users\MSI CR-460\AppData\Local\cache =>.Legitimate
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 28/06/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Google =>.Google
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\HTC MediaHub =>.HTC MediaHub
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 11/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 14/11/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MSI =>.MSI
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\RealVNC =>.RealVNC
O43 - CFD: 01/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 20/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western Digital =>.Western Digital
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western_Digital_Technolog =>.Western Digital Technologies
O43 - CFD: 30/10/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Google =>.Google
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 21/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup =>.Google Inc.
O43 - CFD: 28/07/2016 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 03/09/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Password Remover
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 25/02/2013 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Google =>.Google
O43 - CFD: 27/02/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 07/06/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 01/07/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\McAfee =>.McAfee
O43 - CFD: 28/02/2012 - [] SD -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 25/02/2017 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\TuneUp Software =>.TuneUp Software

---\\ ShellIconOverlayIdentifiers (SIOI) (10) - 0s
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation

---\\ System Drivers List (89) - 75s
O58 - SDL:2013/08/31 01:51:25 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) -- C:\windows\System32\drivers\acsock.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\System32\drivers\adp94xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\System32\drivers\adpahci.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\System32\drivers\adpu320.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\System32\drivers\aliide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\windows\System32\drivers\amdsbs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\System32\drivers\arc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\System32\drivers\arcsas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/06/26 21:37:12 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\drivers\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2015/08/04 11:33:00 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\windows\System32\drivers\avgtdix.sys [92112] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2009/07/14 02:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\windows\System32\drivers\b57nd60x.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\windows\System32\drivers\BrFiltLo.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\windows\System32\drivers\BrFiltUp.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 04:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\windows\System32\drivers\BrSerId.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\System32\drivers\BrSerWdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\System32\drivers\BrUsbMdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\System32\drivers\BrUsbSer.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\System32\drivers\bxvbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2010/08/20 22:49:06 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\windows\System32\drivers\clwvd.sys [92112] =>.CyberLink®
O58 - SDL:2009/07/14 05:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\System32\drivers\cmdide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2010/11/11 10:11:08 A . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\windows\System32\drivers\diskperf.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 05:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\System32\drivers\djsvs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\windows\System32\drivers\elxstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\System32\drivers\evbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\windows\System32\drivers\hcw85cir.sys [92112] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/10/20 04:33:40 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\windows\System32\drivers\HECI.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\windows\System32\drivers\HpSAMD.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/17 11:27:02 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\windows\System32\drivers\htcnprot.sys [92112] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2009/10/27 07:01:06 A . (.QUALCOMM Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\HtcVComV32.sys [92112] =>.QUALCOMM Incorporated
O58 - SDL:2015/09/08 08:52:09 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\windows\System32\drivers\HWiNFO32.SYS [92112] =>.Martin Malik - REALiX®
O58 - SDL:2011/03/11 09:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\System32\drivers\iaStorV.sys [92112] =>.Microsoft Windows®
O58 - SDL:2012/01/27 04:48:06 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\windows\System32\drivers\idmwfp.sys [92112] =>.Tonec Inc.®
O58 - SDL:2012/03/19 19:27:04 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\System32\drivers\igdkmd32.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\System32\drivers\iirsp.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/30 12:11:38 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\windows\System32\drivers\IntcDAud.sys [92112] =>.Intel(R) Corporation
O58 - SDL:2010/07/28 20:25:02 A . (.Initio Corporation - Initio Default Vendor Specific Device Drive.) -- C:\windows\System32\drivers\ivusb.sys [92112] =>.Initio Corporation®
O58 - SDL:2010/10/21 10:57:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\windows\System32\drivers\L1C62x86.sys [92112] =>.Atheros Communications Inc.®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\System32\drivers\lsi_fc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\System32\drivers\lsi_scsi.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\windows\System32\drivers\mbamchameleon.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2017/02/04 07:54:26 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\megasas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\System32\drivers\MegaSR.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\windows\System32\drivers\mwac.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/11/14 05:44:34 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\windows\System32\drivers\netr28u.sys [92112] =>.Ralink Technology Corp.
O58 - SDL:2009/07/14 05:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\System32\drivers\nfrd960.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/07/01 01:56:32 A . (.Pismo Technic Inc. - System Extension - Pismo File Mount.) -- C:\windows\System32\drivers\pfmfs_178.sys [92112] =>.Pismo Technic Inc.®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\System32\drivers\ql2300.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\System32\drivers\ql40xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/07 12:36:30 A . (.Riverbed Technology, Inc - Steelhead Mobile Client.) -- C:\windows\System32\drivers\rbtnfd.sys [92112]
O58 - SDL:2011/06/10 02:34:52 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\windows\System32\drivers\Rt86win7.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/01/04 21:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\windows\System32\drivers\rtl8192ce.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/03/15 14:09:16 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\windows\System32\drivers\RtsUVStor.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 00:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\windows\System32\drivers\secdrv.sys [92112] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\System32\drivers\sisraid2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\System32\drivers\sisraid4.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\windows\System32\drivers\stexstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2017/02/26 16:10:05 A . (...) -- C:\windows\System32\drivers\TrueSight.sys [92112] =>.Adlice®
O58 - SDL:2017/02/25 12:40:53 A . (.Zaitsev Oleg, 2006 - AVZGuard Driver.) -- C:\windows\System32\drivers\ujiyodk3.sys [92112]
O58 - SDL:2012/12/13 10:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\windows\System32\drivers\usbaapl.sys [92112] =>.Apple, Inc.
O58 - SDL:2017/02/05 13:40:58 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\windows\System32\drivers\utiyodk3.sys [92112]
O58 - SDL:2009/07/14 05:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\System32\drivers\viaide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/24 20:21:14 A . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\windows\System32\drivers\vncmirror.sys [92112] =>.RealVNC Ltd.
O58 - SDL:2013/08/31 01:53:13 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) -- C:\windows\System32\drivers\vpnva-6.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\System32\drivers\vsmraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/04/30 00:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\windows\System32\drivers\wdcsam.sys [92112] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/07/14 01:40:41 A . (...) -- C:\windows\System32\ANSI.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/10/05 21:31:50 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 01:40:44 A . (...) -- C:\windows\System32\country.sys [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:40 A . (...) -- C:\windows\System32\HIMEM.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEY01.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEYBOARD.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:23 A . (...) -- C:\windows\System32\NTDOS.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:31 A . (...) -- C:\windows\System32\NTDOS404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:35 A . (...) -- C:\windows\System32\NTDOS411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:39 A . (...) -- C:\windows\System32\NTDOS412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:27 A . (...) -- C:\windows\System32\NTDOS804.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:11 A . (...) -- C:\windows\System32\NTIO.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:15 A . (...) -- C:\windows\System32\NTIO404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:17 A . (...) -- C:\windows\System32\NTIO411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:19 A . (...) -- C:\windows\System32\NTIO412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:13 A . (...) -- C:\windows\System32\NTIO804.SYS [92112] =>.Microsoft Corporation

---\\ Last modified or created user files (1) - 35s
O61 - LFC: 2017/02/25 12:16:44 A . (.Alex Dragokas.) -- C:\Users\MSI CR-460\Desktop\clearlnk_2.9.0.11.exe [462976]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (3) - 3s
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [92112] =>.Microsoft Corporation

---\\ Additional Scan (O88) (8) - 0s
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehjcbecna =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdgechcgpe =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
C:\ProgramData\AutoKMS =>HackTool.AutoKMS

---\\ Summary of the elements found (5) - 0s
https://www.anti-malware.top/2016/08/02/superfluous-linkury/ =>.Superfluous.Linkury
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS

~ Unselected Options: O82,
~ End of the scan, 71591 items in 05mn42s (1078)(0)
 
Clean up temp files and reduce startup load with CCleaner.


Note: This tool will clean your browsing history as well.
  • Download CCleaner from here.
  • After install, click Options.
  • Go to Monitoring.
  • Uncheck all Monitoring items.
  • Go to Advanced -- click Close program after cleaning.
  • Go to Settings -- click Run CCleaner when the computer starts.
  • Now that you have CCleaner installed and set up:
  • Open the program.
  • Go to Tools.
  • Go to Startup.
  • Now double click each item to disable it.
  • Leave only your antivirus enabled.
  • Then disable all items in your scheduled tasks as well, unless they are related to Windows Defender or your antivirus.
  • Reboot the machine.
ZHP Scan.

1. Please download ZHP Cleaner to your desktop. Right click the icon and select Run as administrator.

2. Once you have started the program, you will need to click the scanner button.



The program will close all open browsers!
3. Once the scan is completed, you will want to click the Repair button.



At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.

Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.



Hit Ok.



Hit Next, and make sure to leave all items checked for removal.



The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post the log generated by the tool.
 
ZHP Fix

  • Disable your antivirus prior to this fix!
  • Download ZHP-Fix from here.
  • Install it.
  • Click Suivant 5 times.
  • Then Installer.
  • Then Terminer.
  • Then right click the ZHP Fix icon and select Run as admin.
  • Copy the entire content of the code box below, the next step will grab it from your clipboard.
  • Then click on import.
  • Then click GO.
  • Allow completion.
  • A log file will appear on your desktop.
  • Post it here in your next reply.
Code:
Script ZhpFix
SysRestore
EmptyFlash
EmptyTemp
ProxyFix
EmptyCLSID
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
G2 - GCE: Preference [User Data\Default] [dnligehkhogpcngalffdoomehjcbecna] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [gehmndecgbcffhmfjkenpamdgechcgpe] Baboom Search =>.Superfluous.Linkury
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TuneUp =>.TuneUp
HKLM\SOFTWARE\yahoo =>.Yahoo! Inc.
HKLM\SOFTWARE\webroot =>.Webroot
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.
O43 - CFD: 04/02/2017 - [0] D -- C:\Program Files\DownloadYoutubeIE
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\GUM8A16.tmp =>.Google Inc®
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 21/08/2016 - [0] D -- C:\Program Files\Yahoo! =>.Yahoo!
O43 - CFD: 03/01/2013 - [] D -- C:\ProgramData\AutoKMS =>HackTool.AutoKMS
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG =>.AVG Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG2015 =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Avg_Update_0215pit =>.AVG Software
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\CismaUva
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\TuneUp Software =>.TuneUp Software
O43 - CFD: 07/09/2015 - [0] D -- C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IObit =>.IObit
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 21/03/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\uTorrent
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 06/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 07/06/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\McAfee =>.McAfee
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\TuneUp Software =>.TuneUp Software
O58 - SDL:2015/08/04 11:33:00 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\windows\System32\drivers\avgtdix.sys [92112] =>.AVG Technologies CZ, s.r.o.®
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehjcbecna =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdgechcgpe =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
C:\ProgramData\AutoKMS =>HackTool.AutoKMS

You need to copy and paste into the ZHP fix app.

 
~ ZHPCleaner v2017.2.27.37 by Nicolas Coolman (2017/02/27)
~ Run by MSI CR-460 (Administrator) (01/03/2017 03:17:18)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\MSI CR-460\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601)


---\\ Services (0)
~ No malicious or unnecessary items found.


---\\ Browser internet (2)
DELETED data: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings [Bad : Port=52737 <-Loopback>] =>Hijacker.Proxy
DELETED data: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings [Bad : Port=52737 <-Loopback>] =>Hijacker.Proxy


---\\ Hosts file (1)
~ The hosts file is legitimate (1)


---\\ Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\ Explorer ( File, Folder) (22)
MOVED file: C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\WebSearch.xml =>PUP.Optional.SimpleSearches
MOVED file: C:\Windows\Installer\wix{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{6EE644CD-FC7F-424C-83EA-9C0285C4FB7F}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{F53D678E-238F-4A71-9742-08BB6774E9DC}.SchedServiceConfig.rmi =>.Superfluous.Empty
MOVED file: C:\Windows\AutoKMS\AutoKMS.log =>HackTool.AutoKMS
MOVED folder: C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehjcbecna =>.Superfluous.Linkury
MOVED folder: C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdgechcgpe =>.Superfluous.Linkury
MOVED folder: C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
MOVED folder: C:\Users\MSI CR-460\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi =>PUP.Optional.CrossRider
MOVED folder: C:\Program Files\Ashampoo =>.Superfluous.Empty
MOVED folder: C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
MOVED folder: C:\ProgramData\AutoKMS =>HackTool.AutoKMS
MOVED folder: C:\windows\AutoKMS =>HackTool.AutoKMS
MOVED folder: C:\Users\MSI CR-460\AppData\LocalLow\DataMngr =>PUP.Optional.Datamngr
MOVED folder: C:\Program Files\QuickTime =>Riskware.QuickTime
MOVED folder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime =>Riskware.QuickTime
MOVED folder: C:\windows\Installer\MSI6442.tmp- =>.Superfluous.Empty
MOVED folder: C:\windows\Installer\MSI687.tmp- =>.Superfluous.Empty
MOVED folder: C:\windows\Installer\MSI9C74.tmp- =>.Superfluous.Empty


---\\ Registry ( Key, Value, Data) (7)
DELETED key*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\d10lpsik1i8c69.cloudfront.net [3548] =>.Superfluous.CloudfrontNet
DELETED key*: HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} [ITool] =>Toolbar.Ask
DELETED key*: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector [ProtectorControl Class] =>.Superfluous.MindSpark
DELETED key*: HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1 [ProtectorControl Class] =>.Superfluous.MindSpark
DELETED key*: HKLM\SOFTWARE\Classes\PC2739C7E_FABD_4632_AAD0_F063DFE8F006_.PC2739C7E_FABD_4632_AAD0_F063DFE8F006_ [bestadblocker] =>PUP.Optional.BestADBlocker
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.] =>Heuristic.Suspect
DELETED key*: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\PCBooster.exe [C:\Program Files\inKline Global\PC Booster\PCBooster.exe] =>.Superfluous.Energize


---\\ Summary of the elements found (15)
https://www.anti-malware.top/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/ =>Hijacker.Proxy
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.SimpleSearches
https://nicolascoolman.eu/2017/01/20/logiciels-superflus/ =>.Superfluous.Empty
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS
https://www.anti-malware.top/2016/08/02/superfluous-linkury/ =>.Superfluous.Linkury
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>Hijacker.Browser [https://epicunitscan.info/00service/update2/crx]
https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider
https://www.nicolascoolman.com/fr/pup-datamngr/ =>PUP.Optional.Datamngr
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/02/02/superfluous-cloudfrontnet/ =>.Superfluous.CloudfrontNet
https://www.anti-malware.top/2016/09/22/toolbar-ask/ =>Toolbar.Ask
https://nicolascoolman.eu/2017/01/15/superfluous-mindspark/ =>.Superfluous.MindSpark
https://nicolascoolman.eu/2017/01/27/repaquetage-et-infection/ =>PUP.Optional.BestADBlocker
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://www.anti-malware.top/2016/11/06/superfluous-energize/ =>.Superfluous.Energize


---\\ Other deletions. (2)
~ Registry Keys Tracing deleted (1)
~ Remove the old reports ZHPCleaner. (1)


---\\ Result of repair
~ Repair carried out successfully


---\\ Statistics
~ Items scanned : 2257
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 31


~ End of clean in 00h00mn52s
~====================
ZHPCleaner-[R]-01032017-03_18_10.txt
ZHPCleaner--28022017-20_30_32.txt
 
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by MSI CR-460 at 11/3/2017 10:30:59 AM
High Elevated Privileges : OK
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Recycle Bin emptied (19mn AMs)

========== Registry keys ==========
REMOVES: HKLM\SOFTWARE\121_31
REMOVES: HKLM\SOFTWARE\IObit
REMOVES: HKLM\SOFTWARE\McAfee.com
REMOVES: HKLM\SOFTWARE\TrendMicro
REMOVES: HKLM\SOFTWARE\TuneUp
REMOVES: HKLM\SOFTWARE\yahoo
REMOVES: HKLM\SOFTWARE\webroot
REMOVES: HKCU\SOFTWARE\BitTorrent
REMOVES: HKCU\SOFTWARE\McAfee
REMOVES: HKCU\SOFTWARE\Yahoo
REMOVES: HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
REMOVES: HKCU\SOFTWARE\AppDataLow\Software\Yahoo
REMOVES: SearchScopes :{006ee092-9658-4fd6-bd8e-a21a348e59f5}
REMOVES: SearchScopes :{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
REMOVES: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044}

========== Registry values ==========
ProxyFix : Proxy configuration successfully removed
REMOVES ProxyServer Value
REMOVES ProxyEnable Value
REMOVES EnableHttp1_1 Value
REMOVES ProxyHttp1.1 Value
REMOVES ProxyOverride Value

========== Elements of the registry data ==========
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1
REMOVES: R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1
REMOVES: R5 AutoConfigProxy = wininet.dll
REMOVES: R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable

========== Folders ==========
No folders empty CLSID Local user
REMOVES: C:\Program Files\DownloadYoutubeIE
REMOVES: C:\Program Files\GUM8A16.tmp
REMOVES: C:\Program Files\IObit
REMOVES: C:\Program Files\Yahoo!
REMOVES: C:\ProgramData\AVG
REMOVES: C:\ProgramData\AVG2015
REMOVES: C:\ProgramData\Avg_Update_0215pit
REMOVES: C:\ProgramData\Avira
REMOVES: C:\ProgramData\CismaUva
REMOVES: C:\ProgramData\IObit
REMOVES: C:\ProgramData\McAfee
REMOVES: C:\ProgramData\MFAData
REMOVES: C:\ProgramData\TuneUp Software
REMOVES: C:\Program Files\Common Files\AV
REMOVES: C:\Program Files\Common Files\IObit
REMOVES: C:\Users\MSI CR-460\AppData\Roaming\AVG
REMOVES: C:\Users\MSI CR-460\AppData\Roaming\AVG2015
REMOVES: C:\Users\MSI CR-460\AppData\Roaming\IObit
REMOVES: C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software
REMOVES: C:\Users\MSI CR-460\AppData\Roaming\uTorrent
REMOVES: C:\Users\MSI CR-460\AppData\Local\Avg
REMOVES: C:\Users\MSI CR-460\AppData\Local\Avg2015
REMOVES: C:\Users\MSI CR-460\AppData\Local\TuneUp Software
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Local\Avg
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Local\Avg2015
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Local\MFAData
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG2015
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Roaming\IObit
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Roaming\McAfee
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Local\TuneUp Software
REMOVES: C:\windows\System32\Config\systemprofile\AppData\Roaming\TuneUp Software

========== Files ==========
REMOVES Flash Cookies (0) (0 octets)
Deletes temporary Windows (3) (178 octets)
REMOVES: c:\windows\system32\drivers\avgtdix.sys

========== System restore ==========
The system successfully created restore point

========== Other ==========
NON-TREATY R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []
NON-TREATY [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
NON-TREATY [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044}]


========== Summary ==========
15 : Registry keys
6 : Registry values
6 : Elements of the registry data
33 : Folders
3 : Files
1 : System restore
3 : Other


End of clean in 47mn AMs

========== Path to file report ==========
C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPFix[R1].txt - 11/3/2017 10:31:19 AM [4336]
 
~ Run by MSI CR-460 (Administrator) (2017/02/26 17:29:44)
~ Web: https://www.nicolascoolman.com
~ Blog: https://nicolascoolman.eu/
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\MSI CR-460\Desktop\ZHPDiag.txt
~ Report: C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Starter, 32-bit Service Pack 1 (Build 7601) =>.Microsoft Corporation

---\\ Internet Browsers (2) - 0s
~ GCIE: Google Chrome v56.0.2924.87
~ MSIE: Internet Explorer v11.0.9600.18537

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 2s
Malwarebytes Anti-Malware version 2.2.1.1043 (Protection)

---\\ System optimization software (1) - 3s
~ CCleaner v5.26 (Optimize)

---\\ Surveillance software (2) - 3s
~ Adobe Flash Player 22 NPAPI (Surveillance)
~ Adobe Reader XI (Surveillance)

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2097.152 MB (56% free) : OK =>.RAM Value
System Restore: Activé (Enable)
System drive C: has 47 GB (15%) free of 305 GB : OK =>.Disk Space

---\\ Connection to the system mode (3) - 0s
~ Computer Name: MSICR-460-PC
~ User Name: MSI CR-460
~ Logged in as Administrator

---\\ Enumeration of the disk units (1) - 0s
~ Drive C: has 47 GB free of 305 GB (System)

---\\ State of the Windows Security Center (23) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (22) - 3s
[MD5.6DDCA324434FFA506CF7DC4E51DB7935] - 29/08/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\windows\Explorer.exe [2972672] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.F4F5123B45BFCFD2F035280FDCB5BBBE] - 12/11/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\windows\System32\wininet.dll [2444800] =>.Microsoft Corporation
[MD5.52449FD429D6053B78AE564DEF303870] - 17/07/2014 - (.Microsoft Corporation - Windows Logon Application.) -- C:\windows\System32\Winlogon.exe [304128] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.93B49FA857F7036A4EFF32371F6E7391] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.EA9DBD76CE9254C77BAAB4339DD4C4FB] - 08/09/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\windows\System32\drivers\DfsC.sys [81408] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.6284D46BAA301BEDB9AB7FA7672B2410] - 05/01/2017 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\windows\System32\drivers\MRxSmb.sys [124416] =>.Microsoft Corporation
[MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - 11/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\windows\System32\drivers\netBT.sys [188928] =>.Microsoft Corporation
[MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - 11/01/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\windows\System32\drivers\ntfs.sys [1212352] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Task Planned Automatically (3) - 12s
[MD5.1A709A8B23B584115F2CCEEDAD64DE97] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [7173848] (.Activate.) =>.Piriform Ltd®
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\windows\System32\Tasks\CCleanerSkipUAC [2784] =>.Piriform Ltd®

---\\ Auto loading programs from Registry and folders (2) - 0s
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation

---\\ Process running (3) - 1s
[MD5.0A70F4022EC2E14C159EFC4F69AA2477] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1710464] [PID.1860] =>.Microsoft Corporation®
[MD5.9C879E1C3B27085FB46EFECCD7120D51] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193408] [PID.1564] =>.Microsoft Corporation®
[MD5.139A1E7AC1479231D95F650ECBD55081] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\MSI CR-460\Desktop\ZHPDiag3.exe [2703872] [PID.828] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (6) - 1s
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dnligehkhogpcngalffdoomehjcbecna] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [gehmndecgbcffhmfjkenpamdgechcgpe] Baboom Search =>.Superfluous.Linkury
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] [https://epicunitscan.info/00service/update2/crx] Google Chrome manifest =>Hijacker.Browser
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (7) - 2s
P2 - EXT: (.Microsoft Corporation - The plugin allows you to have a better expe.) -- C:\Program Files\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll =>.Microsoft Corporation®
P2 - EXT FILE: (.Test Pilot - Help make Firefox better by running us.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\testpilot@labs.mozilla.com.xpi =>.Test Pilot
P2 - EXT FILE: (.Google - Default Search.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\Google.xml =>.Google
P2 - EXT FILE: (...) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\searchplugins\WebSearch.xml
P2 - EXT: (...) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\staged
P2 - EXT: (.Riverbed Technology, Inc. - Steelhead Mobile Certificate Manager.) -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla\Firefox\Profiles\n6sg4hyy.default\extensions\SteelheadMobileCertificateManager@riverbed.com =>.Riverbed Technology, Inc.
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [CinemaP-1.9cV22.08] C:\Users\MSI CR-460\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkadffjmnaiokkdncgdlecdegajoiemi

---\\ Internet Explorer Extensions, Start, Search (14) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/ =>.Bing.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.bing.com/ =>.Bing.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (7) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies []

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (8) - 1s
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\OCHelper.dll =>.Microsoft Corporation®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll =>.Microsoft Corporation®
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Global shortcuts Startup (98) - 18s
O4 - GS\Desktop [Administrator]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Administrator]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Administrator]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Administrator]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Administrator]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Administrator]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [Guest]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [Guest]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [Guest]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [Guest]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [Guest]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Desktop [MSI CR-460]: Documents - Shortcut.lnk . (...) C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Desktop [MSI CR-460]: PDF Password Remover.lnk . (.Tenorshare - PDF Password Remover.) C:\Program Files\PDF Password Remover\PDF Password Remover.exe =>.Tenorshare
O4 - GS\Desktop [MSI CR-460]: Telegram.lnk . (.Telegram Messenger LLP - .) C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop\Telegram.exe {0084CF3F73EDB10D86} =>.Telegram Messenger LLP
O4 - GS\Desktop [MSI CR-460]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\MSI CR-460\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [MSI CR-460]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\Quicklaunch [MSI CR-460]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [MSI CR-460]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\sendTo [MSI CR-460]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe /SendTo =>.Microsoft Corporation
O4 - GS\sendTo [MSI CR-460]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [MSI CR-460]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe --sendto =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\TaskBar [MSI CR-460]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\TaskBar [MSI CR-460]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\Programs [MSI CR-460]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [MSI CR-460]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [MSI CR-460]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\CommonDesktop [Public]: Canon IJ Network Tool.lnk . (.CANON INC. - Canon IJ Network Tool.) C:\Program Files\Canon\Canon IJ Network Tool\CNMNPUT.EXE =>.Canon Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Family Tree Maker 2012.lnk . (.Ancestry.com - Family Tree Maker 2012.) C:\Program Files\Family Tree Maker 2012\FTM.exe
O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.exe =>.GRETECH®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: PIXAJOY Editor.lnk . (.Pixajoy - Pixajoy.) C:\Program Files\PIXAJOY Editor\PIXAJOY Editor.exe
O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (...) C:\Program Files\RogueKiller\RogueKiller.exe =>.Adlice®
O4 - GS\Programs [Public]: FileHippo App Manager.lnk . (.Copyright © 2014 - FileHippo.AppManager.) C:\Program Files\FileHippo.com\FileHippo.AppManager.exe =>.Well Known Media Ltd®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\SystemTools [Public]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) C:\windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - .) C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) C:\windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) C:\windows\system32\perfmon.exe /res =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\windows\system32\taskschd.msc /s =>..Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) C:\windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) C:\windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Adobe Reader XI.lnk . (...) C:\windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico =>.Adobe Inc.
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: Microsoft Security Essentials.lnk . (.Microsoft Corporation - Microsoft Security Client User Interface.) C:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) C:\Program Files\Windows Sidebar\sidebar.exe /showgadgets =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: TeamViewer 10.lnk . (.TeamViewer GmbH - TeamViewer 10.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\ProgramsCommon [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) C:\windows\system32\WindowsAnytimeUpgradeUI.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) C:\windows\system32\xpsrchvw.exe =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpNameServer = 192.168.0.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{50C8F833-76C7-43D8-93AB-4E6D4052CA40}: DhcpDomain = domain.name

---\\ Extra protocols (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files\Microsoft Office\Office15\MSOSB.DLL =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (114) - 40s
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 24 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.13) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824157129} =>.Adobe Systems Incorporated
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {4555BB9E-E715-4260-A178-E8EFD2B653E3} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- {AB398DDB-0E7B-400B-A940-7E61FB91A531} =>.Alcor Micro Corp.
O42 - Logiciel: Alcor Micro USB Card Reader - (.Alcor Micro Corp..) [HKLM] -- AmUStor =>.Alcor Micro Corp.
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D3694B69-6F8C-42D3-8A0A-EB2AB528C02C} =>.Macrovision Corporation®
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} =>.Atheros Communications Inc.®
O42 - Logiciel: AVG PC TuneUp 2015 (en-US) - (.AVG Technologies.) [HKLM] -- {4AC74ED1-719B-46DA-8B8A-340FBF892291} =>.AVG Technologies
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter =>.Broadcom Corporation®
O42 - Logiciel: Canon IJ Network Scanner Selector EX - (..) [HKLM] -- Canon_IJ_Network_Scanner_Selector_EX =>.Canon Inc.®
O42 - Logiciel: Canon IJ Network Tool - (.Canon Inc..) [HKLM] -- Canon_IJ_Network_UTILITY =>.Canon Inc.®
O42 - Logiciel: Canon MX420 series MP Drivers - (.Canon Inc..) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX420_series =>.Canon Inc.®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- Cisco AnyConnect Secure Mobility Client =>.Cisco Systems, Inc.®
O42 - Logiciel: Cisco AnyConnect Secure Mobility Client - (.Cisco Systems, Inc..) [HKLM] -- {F63E747C-5B51-4A6E-9413-BF258F4653F3} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} =>.Cisco Systems, Inc.
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} =>.Cisco Systems, Inc.
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- {1CB0993B-1CD4-4A18-9C85-9732AFD9843F}
O42 - Logiciel: Family Tree Maker 2012 - (.Ancestry.com, Inc..) [HKLM] -- Family Tree Maker 2012
O42 - Logiciel: FileHippo App Manager - (.FileHippo.com.) [HKLM] -- FileHippo.com =>.FileHippo.com
O42 - Logiciel: FlashGet3.7 - (.http://www.FlashGet.com.) [HKLM] -- FlashGet3.7 =>.http://www.FlashGet.com
O42 - Logiciel: FormatFactory 2.20 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Photos Backup - (.Google, Inc..) [HKCU] -- Google Photos Backup =>.Google, Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc.
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] -- {4CEEE5D0-F905-4688-B9F9-ECC710507796} =>.HTC Corporation
O42 - Logiciel: HTC Sync Manager - (.HTC.) [HKLM] -- {231D0C79-98A6-4693-A366-36DE7D7346EC} =>.HTC
O42 - Logiciel: ImagXpress - (.Nero AG.) [HKLM] -- {A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D} =>.Nero AG
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Java 8 Update 121 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F32180121F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: K-Lite Codec Pack 8.3.2 (Full) - (.KLite Inc.) [HKLM] -- KLiteCodecPack_is1 =>.KLite Inc
O42 - Logiciel: Lenovo_Wireless_Driver - (.Lenovo.) [HKLM] -- {28ABE740-47F3-441B-9437-852F6A64EFF8} =>.Macrovision Corporation®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Master PDF Editor 2.1.65 - (.Code Industry Ltd..) [HKLM] -- Master PDF Editor 2.1.65_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} =>.Microsoft Corporation
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {50816F92-1652-4A7C-B9BC-48F682742C4B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0015-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0117-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0090-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0016-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00BA-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0044-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-00A1-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001A-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0018-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0019-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0054-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-0051-0000-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Visio Professional 2013 - (.Microsoft Corporation.) [HKLM] -- Office15.VISPRO =>.Microsoft Corporation®
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM] -- {90150000-001B-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: My Photo Creations (Photobookmart Edition) - (.Digilabs.) [HKLM] -- {111FC0F4-F93D-4FB1-A91D-B0258A8A1BA5}
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: PDF Password Remover - (.Tenorshare, Inc..) [HKLM] -- PDF Password Remover =>.Tenorshare, Inc.
O42 - Logiciel: PDFill PDF Editor with FREE Writer and FREE Tools - (.PlotSoft LLC.) [HKLM] -- {D1399216-81B2-457C-A0F7-73B9A2EF6902} =>.PlotSoft LLC
O42 - Logiciel: Photobook Designer - (.Photobook Malaysia.) [HKCU] -- Photobook Designer
O42 - Logiciel: Pismo File Mount Audit Package - (..) [HKLM] -- PismoFileMountAuditPackage =>.Pismo Technic Inc.®
O42 - Logiciel: PIXAJOY Editor - (.Pixajoy.) [HKCU] -- PIXAJOY Editor
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek USB 2.0 Reader Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {62BBB2F0-E220-4821-A564-730807D2C34D} =>.Realtek Semiconductor Corp®
O42 - Logiciel: REALTEK Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {9D3D8C60-A55F-4123-B2B9-173F09590E16} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Riverbed Steelhead Mobile - (.Riverbed Technology, Inc..) [HKLM] -- {09D86FD5-EA7E-4072-997F-4E88AE25ACA2} =>.Riverbed Technology, Inc.
O42 - Logiciel: RogueKiller version 12.9.8.0 - (.Adlice Software.) [HKLM] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice®
O42 - Logiciel: S-Bar - (.MSI.) [HKLM] -- {4E18A842-A084-46E0-81BA-31C7EB96B26C} =>.MSI
O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: Telegram Desktop version 0.10.19 - (.Telegram Messenger LLP.) [HKCU] -- {53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1 =>.Telegram Messenger LLP
O42 - Logiciel: TuneUp Utilities 2014 (en-US) - (.TuneUp Software.) [HKLM] -- {14C8CE46-C68C-461B-BCA9-E276A85851C6} =>.TuneUp Software
O42 - Logiciel: Update for Skype for Business 2015 (KB3039776) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Update for Skype for Business 2015 (KB3161988) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{245EB15F-A90C-422B-9D3F-3AEEDF028CCC} =>.Microsoft Corporation®
O42 - Logiciel: Uplayer - (.D-LINK CORPORATION.) [HKLM] -- {246F5A8A-ADB1-4ED9-BE01-C4118E7DB3A5} =>.D-Link Corporation
O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} =>.AVG Technologies CZ, s.r.o.
O42 - Logiciel: VNC Enterprise Edition E4.5.1 - (.RealVNC Ltd..) [HKLM] -- RealVNC_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Mirror Driver 1.8.0 - (.RealVNC Ltd..) [HKLM] -- VNCMirror_is1 =>.RealVNC Ltd.
O42 - Logiciel: VNC Printer Driver 1.6.0 - (.RealVNC Ltd..) [HKLM] -- VNCPrinter_is1 =>.RealVNC Ltd.
O42 - Logiciel: WD Drive Utilities - (.Western Digital Technologies, Inc..) [HKLM] -- {E61CFDDA-40DD-4400-95CA-12819C50B5C2} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {429a42d7-4c55-44d4-b38a-5872a0d70495} =>.Western Digital Technologies, Inc.®
O42 - Logiciel: WD Security - (.Western Digital Technologies, Inc..) [HKLM] -- {F1D5FC88-4EE0-4D0B-917B-60E930142FB9} =>.Western Digital Technologies, Inc.
O42 - Logiciel: WD SES Driver Setup - (.Western Digital.) [HKLM] -- {924A274D-38B6-4930-8859-F3F51CFA8DDD} =>.Western Digital
O42 - Logiciel: WD SmartWare - (.Western Digital Technologies, Inc..) [HKLM] -- {6EE644CD-FC7F-424C-83EA-9C0285C4FB7F} =>.Western Digital Technologies, Inc.
O42 - Logiciel: Win7codecs - (.Shark007.) [HKLM] -- {8C0CAA7A-3272-4991-A808-2C7559DE3409} =>.Shark007
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM] -- {CCF298AF-9CE1-4B26-B251-486E98A34789} =>.Microsoft Corporation
O42 - Logiciel: Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) - (.ENE.) [HKLM] -- 7F523D4F8E191139525DC0260B06BF68E4E581EE =>.ENE Technology Inc.®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- 5B1D8E9CE6F89F5466353F3E5A7084A126505FEA =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5s32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- 261F972493946CC8B32688E5247ADD2EE612DEB9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (03/18/2010 13.2.0.30) - (.Intel.) [HKLM] -- DA556C9045FE4065F487AF1C9B3992A6AD4C8A66 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Intel (NETw5v32) net (09/15/2009 13.0.0.107) - (.Intel.) [HKLM] -- FB8C5A1BB9B0EB1DBE21E5BBBF6942439C4FB2F9 =>.Microsoft Windows®
O42 - Logiciel: Windows Driver Package - Ralink (netr28u) Net (11/13/2009 3.00.09.0000) - (.Ralink.) [HKLM] -- AB8CA567F16EA6E1DF917E5D13C2A15AD9BB4B14 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Ralink Technology, Corp. (netr28) Net (02/09/2010 - (.Ralink Technology, Corp..) [HKLM] -- DA9E83E3434B0A377F6C3573D30A3E6E692E31F2 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- Windows Media Encoder 9 =>.Microsoft Corporation
O42 - Logiciel: WinRAR archiver - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH
O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L..) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BE} =>.WinZip Computing, S.L.

---\\ HKCU & HKLM Software Keys (134) - 40s
HKLM\SOFTWARE\121_31
HKLM\SOFTWARE\<company>
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\Ancestry.com
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Atheros =>.Qualcomm Atheros
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Avg =>.AVG Software
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Broadcom =>.Broadcom
HKLM\SOFTWARE\Canon =>.Canon
HKLM\SOFTWARE\Caphyon =>.Caphyon
HKLM\SOFTWARE\CBSTEST =>.CBS Test
HKLM\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKLM\SOFTWARE\CyberLink =>.CyberLink Corporation
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\FlashGet Network
HKLM\SOFTWARE\Gabest =>.Gabest
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\GNU =>.GNU
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\GRETECH =>.Gretech
HKLM\SOFTWARE\HaaliMkx =>.Haali Media
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\inKline Global
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\Internet Download Manager =>.Tonec Inc
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\KLCodecPack =>.KLite Inc
HKLM\SOFTWARE\LAV =>.LAV Inc
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\McAfee.com =>.McAfee Inc.
HKLM\SOFTWARE\MimarSinan =>.Mimar Sinan
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\MSI =>.MSI
HKLM\SOFTWARE\Nero =>.Ahead Corporation
HKLM\SOFTWARE\Nico Mak Computing =>.Nico Mak Computing
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\PlotSoft =>.PlotSoft
HKLM\SOFTWARE\PocketSoft
HKLM\SOFTWARE\PS
HKLM\SOFTWARE\Realtek =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Realtek Semiconductor Corp. =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\RealVNC =>.RealVNC
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\Riverbed
HKLM\SOFTWARE\RTLSetup =>.Realtek Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\StarterBackgroundChanger
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TuneUp =>.TuneUp
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\WDPA =>.WDPA
HKLM\SOFTWARE\webroot =>.Webroot
HKLM\SOFTWARE\Western Digital =>.Western Digital
HKLM\SOFTWARE\WinRAR =>.WinRAR
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Ancestry.com
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\ASProtect =>.ASPack Software
HKCU\SOFTWARE\Avg =>.AVG Software
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat =>.Bugsplat Game
HKCU\SOFTWARE\Canon =>.Canon
HKCU\SOFTWARE\CanonBJ =>.Canon Inc.
HKCU\SOFTWARE\Caphyon =>.Caphyon
HKCU\SOFTWARE\CDDB =>.Cddb Software
HKCU\SOFTWARE\Cisco =>.Cisco Systems, Inc.
HKCU\SOFTWARE\Code Industry
HKCU\SOFTWARE\CyberLink =>.CyberLink Corporation
HKCU\SOFTWARE\dlink
HKCU\SOFTWARE\DownloadManager =>.DownloadManager
HKCU\SOFTWARE\FileHippo.com =>.FileHippo.com
HKCU\SOFTWARE\FileOpen =>.FileOpen Systems Inc.
HKCU\SOFTWARE\FreeTime =>.FreeTime Inc
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\GNU =>.GNU
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\GRETECH =>.Gretech
HKCU\SOFTWARE\HTC =>.HTC
HKCU\SOFTWARE\ihelper =>.Legitimate
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\InstallPath =>.Legitimate
HKCU\SOFTWARE\Intel =>.Intel
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Lake =>.Lake Sofware
HKCU\SOFTWARE\LAV =>.LAV Inc
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\McAfee =>.McAfee Inc.
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\MSI =>.MSI
HKCU\SOFTWARE\Nero =>.Ahead Corporation
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nitro =>.Nitro
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\pdfconverter.com =>.pdfconverter.com
HKCU\SOFTWARE\Photobook Designer
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\PIXAJOY Editor
HKCU\SOFTWARE\PlotSoft =>.PlotSoft
HKCU\SOFTWARE\pocketsoft
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\RealVNC =>.RealVNC
HKCU\SOFTWARE\Riverbed
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\TeamViewer =>.TeamViewer
HKCU\SOFTWARE\Teiron =>.Teiron
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TuneUp =>.TuneUp
HKCU\SOFTWARE\Western Digital =>.Western Digital
HKCU\SOFTWARE\WinRAR =>.WinRAR
HKCU\SOFTWARE\WinRAR SFX =>.RarLab
HKCU\SOFTWARE\Yahoo =>.Yahoo! Inc.
HKCU\SOFTWARE\ZHP =>.Nicolas Coolman
HKCU\SOFTWARE\AppDataLow\Software =>.Microsoft Corporation
HKCU\SOFTWARE\AppDataLow\Software\cegcejuhat
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Yahoo =>.Yahoo! Inc.

---\\ Contents of the Common Files folders (327) - 38s
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\AmIcoSingLun =>.Alcor Micro Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Ashampoo =>.Ashampoo GmbH
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Atheros =>.Qualcomm Atheros
O43 - CFD: 07/07/2015 - [] D -- C:\Program Files\AVG =>.AVG Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\BCL Technologies =>.BCL Technologies
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Broadcom =>.Broadcom Corporation®
O43 - CFD: 28/10/2016 - [] D -- C:\Program Files\Canon =>.Canon Inc.®
O43 - CFD: 28/10/2016 - [] HD -- C:\Program Files\CanonBJ =>.Canon Inc.
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\Code Industry
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\CyberLink =>.CyberLink Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\DIFX =>.Microsoft Corporation
O43 - CFD: 04/02/2017 - [0] D -- C:\Program Files\DownloadYoutubeIE
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\DVD Maker =>.Aone Software
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Family Tree Maker 2012 {0617082F262673EB00DF1F193DE22525}
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\FileHippo.com =>.Well Known Media Ltd®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\FlashGet Network =>.FlashGet
O43 - CFD: 21/08/2012 - [] D -- C:\Program Files\FreeTime =>.FreeTime
O43 - CFD: 09/10/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\GRETECH =>.GRETECH®
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\GUM8A16.tmp =>.Google Inc®
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\HTC =>.HTC
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\inKline Global
O43 - CFD: 12/09/2015 - [] HD -- C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 24/07/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc
O43 - CFD: 17/12/2016 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Lenovo =>.Lenovo
O43 - CFD: 30/10/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Analysis Services =>.Microsoft Corporation
O43 - CFD: 21/09/2013 - [] D -- C:\Program Files\Microsoft Application Virtualization Client =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 05/02/2017 - [] D -- C:\Program Files\Microsoft Security Client =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Sync Framework =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\Microsoft Synchronization Services =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\MSECache =>.Microsoft Corporation
O43 - CFD: 02/09/2012 - [0] D -- C:\Program Files\MSXML 4.0 =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\Program Files\My Photo Creations (Photobookmart Edition) {00B0948F9E29EED75E31BAF47F5061A0D3}
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\Nero =>.Ahead Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\OpenOffice.org 3 =>.SourceForge
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\Opera =>.Opera Software
O43 - CFD: 03/09/2016 - [] D -- C:\Program Files\PDF Password Remover
O43 - CFD: 25/12/2013 - [] D -- C:\Program Files\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Pismo File Mount Audit Package =>.Pismo Technic Inc.®
O43 - CFD: 11/10/2014 - [] D -- C:\Program Files\PIXAJOY Editor
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\PlotSoft =>.PlotSoft
O43 - CFD: 29/09/2013 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\REALTEK PCIE Wireless LAN Driver =>.Realtek Semiconductor Corp.
O43 - CFD: 22/06/2014 - [] D -- C:\Program Files\RealVNC =>.RealVNC
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\Program Files\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\Program Files\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\Program Files\S-Bar
O43 - CFD: 24/05/2015 - [] D -- C:\Program Files\Save my Tabs
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Sidewise Tree Style Tabs
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 31/01/2014 - [] D -- C:\Program Files\StarterBackgroundChanger
O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\TeamViewer =>.TeamViewer®
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Western Digital =>.Western Digital Technologies, Inc.®
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Win7codecs =>.Shark007
O43 - CFD: 14/07/2013 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 07/12/2016 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Program Files\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\WinZip =>.WinZip Computing®
O43 - CFD: 21/08/2016 - [0] D -- C:\Program Files\Yahoo! =>.Yahoo!
O43 - CFD: 08/09/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX420 series
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities =>.Canon Inc.
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform Ltd
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam =>.CyberLink Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashGet3.7
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player =>.Gretech Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 28/07/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java =>.Oracle
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack =>.KLite Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 30/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English) =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 03/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Photo Creations (Photobookmart Edition)
O43 - CFD: 31/01/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.1 =>.SourceForge
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFill =>.PlotSoft L.L.C.
O43 - CFD: 25/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobook Designer
O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pismo File Mount Audit Package
O43 - CFD: 12/10/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PIXAJOY Editor
O43 - CFD: 29/09/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealVNC =>.RealVNC
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller =>.Adlice
O43 - CFD: 13/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S-Bar
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint =>.Microsoft Corporation
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shark007 Codecs =>.Shark007
O43 - CFD: 21/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steelhead Mobile
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live =>.Microsoft Corporation
O43 - CFD: 18/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip =>.WinZip
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 =>.GEAR Software, Inc.
O43 - CFD: 14/03/2015 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\AmUStor =>.Alocr Micro
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\ashampoo =>.Ashampoo GmbH
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\Atheros =>.Qualcomm Atheros
O43 - CFD: 03/01/2013 - [] D -- C:\ProgramData\AutoKMS =>HackTool.AutoKMS
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG =>.AVG Software
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\AVG2015 =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Avg_Update_0215pit =>.AVG Software
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Avira =>.Avira Software
O43 - CFD: 30/06/2012 - [] D -- C:\ProgramData\boost_interprocess =>.boost.org
O43 - CFD: 28/10/2016 - [0] D -- C:\ProgramData\Canon IJ Network Tool =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonBJ =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] HD -- C:\ProgramData\CanonIJFAX =>.Canon Inc.
O43 - CFD: 28/10/2016 - [] D -- C:\ProgramData\CanonIJWSpt =>.Canon Inc.
O43 - CFD: 22/06/2014 - [] D -- C:\ProgramData\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\CismaUva
O43 - CFD: 04/03/2013 - [] HD -- C:\ProgramData\Common Files =>.Microsoft Corporation
O43 - CFD: 19/05/2012 - [] D -- C:\ProgramData\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\ProgramData\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Google =>.Google
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\ProgramData\HTC =>.HTC
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\IObit =>.IObit
O43 - CFD: 21/03/2015 - [] D -- C:\ProgramData\IsolatedStorage =>.id Software
O43 - CFD: 12/09/2015 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 21/10/2015 - [] D -- C:\ProgramData\MFAData =>.AVG Software
O43 - CFD: 21/11/2016 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>.Microsoft Corporation
O43 - CFD: 31/01/2014 - [] D -- C:\ProgramData\Nero =>.Ahead Corporation
O43 - CFD: 25/05/2013 - [] D -- C:\ProgramData\Nitro =>.Nitro
O43 - CFD: 04/02/2017 - [] D -- C:\ProgramData\Oracle =>.Oracle
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Package Cache =>.Microsoft Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\PDVD =>.PDVD
O43 - CFD: 14/11/2014 - [0] D -- C:\ProgramData\PlotSoft =>.PlotSoft
O43 - CFD: 21/08/2016 - [] D -- C:\ProgramData\ProductData =>.Microsoft Corporation
O43 - CFD: 09/09/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft =>.Microsoft Corporation
O43 - CFD: 02/11/2014 - [] D -- C:\ProgramData\Riverbed
O43 - CFD: 26/02/2017 - [] D -- C:\ProgramData\RogueKiller =>.Adlice
O43 - CFD: 09/10/2016 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 09/07/2015 - [0] D -- C:\ProgramData\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\TuneUp Software =>.TuneUp Software
O43 - CFD: 04/05/2012 - [] D -- C:\ProgramData\VirtualizedApplications =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\ProgramData\Win7codecs =>.Shark007
O43 - CFD: 27/02/2012 - [] D -- C:\ProgramData\WinZip =>.WinZip
O43 - CFD: 07/10/2015 - [] HD -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
O43 - CFD: 14/03/2015 - [] D -- C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 07/09/2015 - [0] D -- C:\Program Files\Common Files\AV =>.Avast
O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/09/2015 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\Intel =>.Intel Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files\Common Files\IObit =>.IObit
O43 - CFD: 04/02/2017 - [] D -- C:\Program Files\Common Files\Java =>.Oracle
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 07/02/2015 - [] D -- C:\Program Files\Common Files\Nero =>.Ahead Corporation
O43 - CFD: 27/02/2012 - [] D -- C:\Program Files\Common Files\postureAgent =>.Microsoft Corporation
O43 - CFD: 30/10/2014 - [] D -- C:\Program Files\Common Files\PS
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\Common Files\Western Digital =>.Western Digital
O43 - CFD: 28/02/2012 - [] D -- C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BITS =>.BITS
O43 - CFD: 21/11/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\BitTorrent
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Canon =>.Canon
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\CyberLink =>.CyberLink Corporation
O43 - CFD: 14/10/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\dlink
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\DMCache =>.DMCache
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FamilyTreeMaker
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FileOpen =>.FileOpen Systems Inc.
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\FlashGet =>.FlashGet
O43 - CFD: 08/07/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Google =>.Google
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\GRETECH =>.Gretech
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\HTC =>.HTC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IDM =>.IDM
O43 - CFD: 25/08/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ihelper
O43 - CFD: 06/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ILOVEPHOTOBOOK v2.5.4
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\IObit =>.IObit
O43 - CFD: 23/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Media Player Classic =>.Microsoft Corporation
O43 - CFD: 28/08/2016 - [] SD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nero =>.Ahead Corporation
O43 - CFD: 05/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro =>.Nitro
O43 - CFD: 27/11/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Nitro PDF =>.Nitro PDF
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 11/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 01/01/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Photobook Designer
O43 - CFD: 12/10/2013 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\PIXAJOY Editor
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ProductData =>.Microsoft Corporation
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RealVNC =>.RealVNC
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\RGE
O43 - CFD: 18/09/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Skype =>.Skype
O43 - CFD: 28/10/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 08/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Sun =>.Oracle
O43 - CFD: 21/06/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 13/04/2012 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\TP =>.TP
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\TuneUp Software =>.TuneUp Software
O43 - CFD: 21/03/2015 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\uTorrent
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\WinRAR =>.WinRAR
O43 - CFD: 26/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 04/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Adobe =>.Adobe
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Ancestry.com
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 07/02/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 24/12/2013 - [] D -- C:\Users\MSI CR-460\AppData\Local\cache =>.Legitimate
O43 - CFD: 22/06/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\Cisco =>.Cisco Systems, Inc.
O43 - CFD: 19/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\CyberLink =>.CyberLink Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Diagnostics =>.Microsoft Corporation
O43 - CFD: 28/06/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Downloaded Installations =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [0] D -- C:\Users\MSI CR-460\AppData\Local\ElevatedDiagnostics =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieBrowserModeList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieSiteList =>.Enterprise mode Site List Mgr
O43 - CFD: 07/07/2015 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\EmieUserList =>.Enterprise mode Site List Mgr
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Google =>.Google
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 08/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\HTC MediaHub =>.HTC MediaHub
O43 - CFD: 18/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\IsolatedStorage =>.id Software
O43 - CFD: 11/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 14/11/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Master PDF Editor =>.CAD-KAS Software
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 21/08/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 01/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 13/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\MSI =>.MSI
O43 - CFD: 22/08/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs =>.Microsoft Corporation
O43 - CFD: 21/03/2015 - [0] D -- C:\Users\MSI CR-460\AppData\Local\RealVNC =>.RealVNC
O43 - CFD: 01/05/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 26/02/2017 - [] D -- C:\Users\MSI CR-460\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 13/04/2012 - [0] SHD -- C:\Users\MSI CR-460\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\Users\MSI CR-460\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 20/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western Digital =>.Western Digital
O43 - CFD: 07/09/2015 - [] D -- C:\Users\MSI CR-460\AppData\Local\Western_Digital_Technolog =>.Western Digital Technologies
O43 - CFD: 30/10/2014 - [0] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Common =>.Microsoft Corporation
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Local\Programs\Google =>.Google
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 21/08/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory =>.FormatFactory
O43 - CFD: 23/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup =>.Google Inc.
O43 - CFD: 28/07/2016 - [0] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager =>.Tonec Inc
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 03/09/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Password Remover
O43 - CFD: 24/11/2016 - [] RD -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 28/07/2016 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop =>.Telegram Messenger LLP
O43 - CFD: 03/07/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool =>.Microsoft Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\Users\MSI CR-460\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR =>.WinRAR
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 02/05/2012 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Default User\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Avg2015 =>.AVG Software
O43 - CFD: 25/02/2013 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Google =>.Google
O43 - CFD: 27/02/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MediaServer =>.MediaServer
O43 - CFD: 07/06/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\MFAData =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft Corporation
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Local\TuneUp Software =>.TuneUp Software
O43 - CFD: 01/07/2012 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 07/07/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG =>.AVG Software
O43 - CFD: 23/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\AVG2015 =>.AVG Software
O43 - CFD: 08/09/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\IObit =>.IObit
O43 - CFD: 24/05/2015 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\McAfee =>.McAfee
O43 - CFD: 28/02/2012 - [] SD -- C:\windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft Corporation
O43 - CFD: 25/02/2017 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\SoftGrid Client =>.Microsoft Corporation
O43 - CFD: 06/10/2014 - [] D -- C:\windows\System32\Config\systemprofile\AppData\Roaming\TuneUp Software =>.TuneUp Software

---\\ ShellIconOverlayIdentifiers (SIOI) (10) - 0s
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe =>.Microsoft Corporation

---\\ System Drivers List (89) - 75s
O58 - SDL:2013/08/31 01:51:25 RA . (.Cisco Systems, Inc. - Cisco AnyConnect Kernel Driver Framework So.) -- C:\windows\System32\drivers\acsock.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\System32\drivers\adp94xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\System32\drivers\adpahci.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\System32\drivers\adpu320.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\System32\drivers\aliide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\windows\System32\drivers\amdsbs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\System32\drivers\arc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\System32\drivers\arcsas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/06/26 21:37:12 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\drivers\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2015/08/04 11:33:00 A . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) -- C:\windows\System32\drivers\avgtdix.sys [92112] =>.AVG Technologies CZ, s.r.o.®
O58 - SDL:2009/07/14 02:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\windows\System32\drivers\b57nd60x.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\windows\System32\drivers\BrFiltLo.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 02:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\windows\System32\drivers\BrFiltUp.sys [92112] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 04:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\windows\System32\drivers\BrSerId.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\System32\drivers\BrSerWdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\System32\drivers\BrUsbMdm.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\System32\drivers\BrUsbSer.sys [92112] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\System32\drivers\bxvbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2010/08/20 22:49:06 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\windows\System32\drivers\clwvd.sys [92112] =>.CyberLink®
O58 - SDL:2009/07/14 05:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\System32\drivers\cmdide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2010/11/11 10:11:08 A . (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) -- C:\windows\System32\drivers\diskperf.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 05:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\System32\drivers\djsvs.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\windows\System32\drivers\elxstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\System32\drivers\evbdx.sys [92112] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\windows\System32\drivers\hcw85cir.sys [92112] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/10/20 04:33:40 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\windows\System32\drivers\HECI.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\windows\System32\drivers\HpSAMD.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/17 11:27:02 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\windows\System32\drivers\htcnprot.sys [92112] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2009/10/27 07:01:06 A . (.QUALCOMM Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\HtcVComV32.sys [92112] =>.QUALCOMM Incorporated
O58 - SDL:2015/09/08 08:52:09 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\windows\System32\drivers\HWiNFO32.SYS [92112] =>.Martin Malik - REALiX®
O58 - SDL:2011/03/11 09:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\System32\drivers\iaStorV.sys [92112] =>.Microsoft Windows®
O58 - SDL:2012/01/27 04:48:06 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\windows\System32\drivers\idmwfp.sys [92112] =>.Tonec Inc.®
O58 - SDL:2012/03/19 19:27:04 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\System32\drivers\igdkmd32.sys [92112] =>.Intel Corporation
O58 - SDL:2009/07/14 05:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\System32\drivers\iirsp.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/30 12:11:38 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\windows\System32\drivers\IntcDAud.sys [92112] =>.Intel(R) Corporation
O58 - SDL:2010/07/28 20:25:02 A . (.Initio Corporation - Initio Default Vendor Specific Device Drive.) -- C:\windows\System32\drivers\ivusb.sys [92112] =>.Initio Corporation®
O58 - SDL:2010/10/21 10:57:18 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\windows\System32\drivers\L1C62x86.sys [92112] =>.Atheros Communications Inc.®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\System32\drivers\lsi_fc.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\System32\drivers\lsi_scsi.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\windows\System32\drivers\mbamchameleon.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2017/02/04 07:54:26 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\megasas.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\System32\drivers\MegaSR.sys [92112] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\windows\System32\drivers\mwac.sys [92112] =>.Malwarebytes Corporation®
O58 - SDL:2009/11/14 05:44:34 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\windows\System32\drivers\netr28u.sys [92112] =>.Ralink Technology Corp.
O58 - SDL:2009/07/14 05:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\System32\drivers\nfrd960.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2011/03/11 09:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/07/01 01:56:32 A . (.Pismo Technic Inc. - System Extension - Pismo File Mount.) -- C:\windows\System32\drivers\pfmfs_178.sys [92112] =>.Pismo Technic Inc.®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\System32\drivers\ql2300.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\System32\drivers\ql40xx.sys [92112] =>.Microsoft Windows®
O58 - SDL:2013/10/07 12:36:30 A . (.Riverbed Technology, Inc - Steelhead Mobile Client.) -- C:\windows\System32\drivers\rbtnfd.sys [92112]
O58 - SDL:2011/06/10 02:34:52 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\windows\System32\drivers\Rt86win7.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/01/04 21:08:58 A . (.Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) -- C:\windows\System32\drivers\rtl8192ce.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/03/15 14:09:16 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\windows\System32\drivers\RtsUVStor.sys [92112] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/14 00:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\windows\System32\drivers\secdrv.sys [92112] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\System32\drivers\sisraid2.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\System32\drivers\sisraid4.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 05:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\windows\System32\drivers\stexstor.sys [92112] =>.Microsoft Windows®
O58 - SDL:2017/02/26 16:10:05 A . (...) -- C:\windows\System32\drivers\TrueSight.sys [92112] =>.Adlice®
O58 - SDL:2017/02/25 12:40:53 A . (.Zaitsev Oleg, 2006 - AVZGuard Driver.) -- C:\windows\System32\drivers\ujiyodk3.sys [92112]
O58 - SDL:2012/12/13 10:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\windows\System32\drivers\usbaapl.sys [92112] =>.Apple, Inc.
O58 - SDL:2017/02/05 13:40:58 A . (.Zaitsev Oleg, Copyright (C) 2004-2006 - AVZ Driver.) -- C:\windows\System32\drivers\utiyodk3.sys [92112]
O58 - SDL:2009/07/14 05:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\System32\drivers\viaide.sys [92112] =>.Microsoft Windows®
O58 - SDL:2009/07/24 20:21:14 A . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\windows\System32\drivers\vncmirror.sys [92112] =>.RealVNC Ltd.
O58 - SDL:2013/08/31 01:53:13 A . (.Cisco Systems, Inc. - Cisco AnyConnect Secure Mobility Client Vir.) -- C:\windows\System32\drivers\vpnva-6.sys [92112] =>.Cisco Systems, Inc.®
O58 - SDL:2009/07/14 05:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\System32\drivers\vsmraid.sys [92112] =>.Microsoft Windows®
O58 - SDL:2015/04/30 00:01:06 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\windows\System32\drivers\wdcsam.sys [92112] =>.Microsoft Windows Hardware Compatibility Publisher®
O58 - SDL:2009/07/14 01:40:41 A . (...) -- C:\windows\System32\ANSI.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/10/05 21:31:50 A . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\windows\System32\athr.sys [92112] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 01:40:44 A . (...) -- C:\windows\System32\country.sys [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:40 A . (...) -- C:\windows\System32\HIMEM.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEY01.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:43 A . (...) -- C:\windows\System32\KEYBOARD.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:23 A . (...) -- C:\windows\System32\NTDOS.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:31 A . (...) -- C:\windows\System32\NTDOS404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:35 A . (...) -- C:\windows\System32\NTDOS411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:39 A . (...) -- C:\windows\System32\NTDOS412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:27 A . (...) -- C:\windows\System32\NTDOS804.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:11 A . (...) -- C:\windows\System32\NTIO.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:15 A . (...) -- C:\windows\System32\NTIO404.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:17 A . (...) -- C:\windows\System32\NTIO411.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:19 A . (...) -- C:\windows\System32\NTIO412.SYS [92112] =>.Microsoft Corporation
O58 - SDL:2009/07/14 01:40:13 A . (...) -- C:\windows\System32\NTIO804.SYS [92112] =>.Microsoft Corporation

---\\ Last modified or created user files (1) - 35s
O61 - LFC: 2017/02/25 12:16:44 A . (.Alex Dragokas.) -- C:\Users\MSI CR-460\Desktop\clearlnk_2.9.0.11.exe [462976]

---\\ File Associations Shell Spawning (10) - 1s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (3) - 3s
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ =>.Bing.com
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ =>.Bing.com

---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [92112] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [92112] =>.Microsoft Corporation

---\\ Additional Scan (O88) (8) - 0s
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnligehkhogpcngalffdoomehjcbecna =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehmndecgbcffhmfjkenpamdgechcgpe =>.Superfluous.Linkury
C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda =>Hijacker.Browser
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B67BAFBA-4C9F-48FA-9496-933E3B255044} =>Riskware.QuickTime
C:\ProgramData\AutoKMS =>HackTool.AutoKMS

---\\ Summary of the elements found (5) - 0s
https://www.anti-malware.top/2016/08/02/superfluous-linkury/ =>.Superfluous.Linkury
https://nicolascoolman.eu/2017/02/02/hijacker-browser-2/ =>Hijacker.Browser
https://nicolascoolman.eu/2017/01/28/heuristic-suspect/ =>Heuristic.Suspect
https://nicolascoolman.eu/2017/01/15/riskware-quicktime/ =>Riskware.QuickTime
https://nicolascoolman.eu/2017/02/02/hacktool-autokms/ =>HackTool.AutoKMS

~ Unselected Options: O82,
~ End of the scan, 71591 items in 05mn42s (1078)(0)
 
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool 5.1
Time: 2017_03_11_05_27_21
OS: Windows 7 Starter - x86 Bit
Account Name: MSI CR-460
Adware Definition: 03082017.2
Elapsed time: 29:53
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

[-] Deleted ->> File ->> C:\Users\MSI CR-460\Appdata\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ <RegValue:> DefaultScope <RegData:> {006ee092-9658-4fd6-bd8e-a21a348e59f5} : {006ee092-9658-4fd6-bd8e-a21a348e59f5}

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ <RegValue:> FaviconPath <RegData:> C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico : C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico

[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\ <RegValue:> Default <RegData:> http://feed.snapdo.com/?publisher=S...-9218-1e42-abc7-c2db2a5b1c53&searchtype=ds&q={searchTerms}&installDate=07/12/2013 : http://feed.snapdo.com/?publisher=S...-9218-1e42-abc7-c2db2a5b1c53&searchtype=ds&q={searchTerms}&installDate=07/12/2013

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\ <RegValue:> DefaultScope <RegData:> {006ee092-9658-4fd6-bd8e-a21a348e59f5} : {006ee092-9658-4fd6-bd8e-a21a348e59f5}

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ <RegValue:> FaviconPath <RegData:> C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico : C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico

[-] Deleted ->> Registry Value Data ->> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchUrl\ <RegValue:> Default <RegData:> http://feed.snapdo.com/?publisher=S...-9218-1e42-abc7-c2db2a5b1c53&searchtype=ds&q={searchTerms}&installDate=07/12/2013 : http://feed.snapdo.com/?publisher=S...-9218-1e42-abc7-c2db2a5b1c53&searchtype=ds&q={searchTerms}&installDate=07/12/2013

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\ <RegValue:> DefaultScope <RegData:> {006ee092-9658-4fd6-bd8e-a21a348e59f5} : {006ee092-9658-4fd6-bd8e-a21a348e59f5}

[-] Deleted ->> Registry Value Data ->> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ <RegValue:> FaviconPath <RegData:> C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico : C:\Users\MSI CR-460\AppData\LocalLow\Microsoft\Internet Explorer\Services\search_{006ee092-9658-4fd6-bd8e-a21a348e59f5}.ico

[-] Repaired ->> File ->> C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Web Data

[-] Repaired ->> File ->> C:\Users\MSI CR-460\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

[-] Deleted ->> Registry Key ->> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}

[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

[-] Deleted ->> Registry Key ->> HKEY_CLASSES_ROOT\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}

[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}

[-] Deleted ->> Registry Key ->> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
 
That is an old ZHP Diag log... ~ Run by MSI CR-460 (Administrator) (2017/02/26 17:29:44) Ran on February 26...

Also, when does the error appear? When you boot the machine? When you click a certain application? Detail about the issue helps me help you.

I was almost certain that the entry below that we removed with ZHP was the issue.
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Windows\Autochk\Proxy] (...) -- C:\windows\system32\rundll32.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty

One of the next two scans should reveal the issue.

Autoruns details everything that starts with your machine, so that and the Quick Diag log should get this thing solved...

Autoruns Log.

Download Autoruns and Autorunsc. Unzip it to your desktop and then double-click autoruns.exe.
After the scan is finished, click on File > Save.
The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option.
In other words, make sure it is a .txt file instead of .arn. Attach the text in your next reply.


Quick Diag Scan.



Download Quick Diag to your desktop.

Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select scan.
Post the log that is generated in your next post.

 