Solved Browsers Crash, Executable files stall or crash

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Status
Not open for further replies.
FRST Fix

Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • Like
Reactions: jmarket
Here are the FRST results...


Fix result of Farbar Recovery Scan Tool (x86) Version: 12-11-2016
Ran by psimoes (15-11-2016 18:56:02) Run:1
Running from C:\Users\psimoes\Desktop
Loaded Profiles: psimoes (Available Profiles: psimoes & torrents & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-02-16] (Google Inc.)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
GroupPolicy: Restriction ? <======= ATTENTION
GroupPolicy\User: Restriction ? <======= ATTENTION
CHR HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: [DhcpNameServer] 192.168.2.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-3399307451-3074549587-1771456082-1000] ATTENTION => Default URLSearchHook is missing
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: SnagIt Toolbar Loader -> {00C6482D-C502-44C8-8409-FCE54AD9C208} -> C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll [2008-05-15] (TechSmith Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKLM - SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll [2008-05-15] (TechSmith Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
Toolbar: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-26] (Google Inc.)
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
FF SearchPlugin: C:\Users\psimoes\AppData\Roaming\Mozilla\Firefox\Profiles\9yk1vrhk.default\searchplugins\yahoo-avast.xml [2014-06-17]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3399307451-3074549587-1771456082-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\psimoes\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
CHR StartupUrls: Default -> "hxxps://www.startpage.com/"
CHR Extension: (StartPage Search Engine) - C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\choepknhbopmendmnohbaemeaeemnaom [2016-11-10]
CHR Extension: (HelloSign: Online signatures made easy) - C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd [2015-09-09]
CHR Extension: (Yesware Reports) - C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiciehannidbjakcefendokamkjnolhg [2015-09-09]
CHR Extension: (Google Chrome to Phone Extension [DEPRECATED]) - C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-12-04]
S4 AcrSch2Svc; no ImagePath
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
S3 trufos; C:\Windows\System32\drivers\trufos.sys [343456 2015-06-07] (BitDefender S.R.L.)
U0 aswVmm; no ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S0 tljkva; no ImagePath
S3 Tosrfcom; no ImagePath
S0 wayuia; no ImagePath
2016-11-12 23:25 - 2016-11-12 23:52 - 00000000 ____D C:\ProgramData\F-Secure
2016-11-12 23:25 - 2016-11-12 23:25 - 00000000 ____D C:\Users\psimoes\AppData\Local\F-Secure
2016-11-12 23:06 - 2016-11-12 23:06 - 00524248 _____ (F-Secure Corporation) C:\Users\psimoes\Desktop\F-SecureOnlineScanner.exe
2016-11-12 23:04 - 2016-11-12 23:04 - 06761600 _____ (ESET spol. s r.o.) C:\Users\psimoes\Desktop\esetonlinescanner_enu.exe
2016-11-13 23:47 - 2011-12-25 20:37 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job
2016-11-13 17:47 - 2011-12-25 20:37 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job
2016-10-21 12:59 - 2012-06-16 00:29 - 00000000 ____D C:\ProgramData\AVAST Software
2015-09-08 15:27 - 2015-09-08 20:18 - 3993600 _____ () C:\Program Files\GUTC12.tmp
2010-02-21 20:14 - 2010-04-02 18:43 - 0000990 ___SH () C:\Users\psimoes\AppData\Roaming\systemfl.$dk
2014-10-13 16:09 - 2014-10-29 03:29 - 0207963 _____ () C:\Users\psimoes\AppData\Local\ars.cache
2014-10-13 16:09 - 2014-10-29 03:29 - 0576849 _____ () C:\Users\psimoes\AppData\Local\census.cache
2010-07-18 20:02 - 2015-05-16 07:08 - 0001356 _____ () C:\Users\psimoes\AppData\Local\d3d9caps.dat
2009-02-16 02:35 - 2011-06-29 21:25 - 0081408 _____ () C:\Users\psimoes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-13 15:55 - 2014-10-13 15:55 - 0000036 _____ () C:\Users\psimoes\AppData\Local\housecall.guid.cache
2014-10-13 16:06 - 2014-10-28 23:31 - 0000010 _____ () C:\Users\psimoes\AppData\Local\sponge.last.runtime.cache
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\System32\runouce.exe
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{01B48E19-3C98-4B34-B679-86D14E74C2D8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.30.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.29.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.29.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.28.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{E5F07F0E-C4AE-4AA8-AE7E-FC3DB683977E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\psimoes\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
Task: {0D161987-AD10-4D61-B6AF-08F1AF26C734} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {10F2238D-1EFD-497B-9F82-2ED7F4C95DD0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA => C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {363B5A23-E3F2-4920-96D6-0FE18DF74777} - System32\Tasks\SafeZone scheduled Autoupdate 1464051125 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {81E48EDE-D2AC-4A54-B5A4-CAC8152C6D87} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core => C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
C:\Program Files\AVAST Software
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job => C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job => C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe
ShortcutWithArgument: C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Send Anywhere (File Transfer).lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hihbikoooaenkpdooehgemieligjejcb
ShortcutWithArgument: C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\StartPage Search Engine.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=choepknhbopmendmnohbaemeaeemnaom
AlternateDataStreams: C:\ProgramData\TEMP:56AC8DD1 [364]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [118]
HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\imageres.dll,-68 <===== ATTENTION
Hosts:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state Off
RemoveProxy:
CMD: ipconfig /flushdns
Emptytemp:
reboot:
end

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => value not found.
HKCR\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully.
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"C:\Windows\system32\GroupPolicy\Machine" => not found.
"C:\Windows\system32\GroupPolicy\User" => not found.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Policies\Google => key not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}\\NameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}\\DhcpNameServer => value removed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page => value removed successfully.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
Could not restore Default URLSearchHook.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => key removed successfully.
"HKCR\CLSID\{00C6482D-C502-44C8-8409-FCE54AD9C208}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} => value removed successfully.
"HKCR\CLSID\{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => key removed successfully.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => key removed successfully.
"HKCR\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" => key removed successfully.
"HKCR\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}" => key removed successfully.
"HKCR\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}" => key removed successfully.
HKCR\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7} => key not found.
"HKCR\PROTOCOLS\Handler\grooveLocalGWS" => key removed successfully.
"HKCR\CLSID\{88FED34C-F0CA-4636-A375-3CB6248B04CD}" => key removed successfully.
"HKCR\PROTOCOLS\Handler\ms-itss" => key removed successfully.
"HKCR\CLSID\{0A9007C0-4076-11D3-8789-0000F8105754}" => key removed successfully.
"C:\Users\psimoes\AppData\Roaming\Mozilla\Firefox\Profiles\9yk1vrhk.default\searchplugins\yahoo-avast.xml" => not found.
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3" => key removed successfully.
C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll => moved successfully
"HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9" => key removed successfully.
"C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll" => not found.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin" => key removed successfully.
C:\Users\psimoes\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll => moved successfully
Chrome StartupUrls => removed successfully.

"C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\choepknhbopmendmnohbaemeaeemnaom" folder move:

Could not move "C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\choepknhbopmendmnohbaemeaeemnaom" => Scheduled to move on reboot.

C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kajjckmbclbffbpecfbiecehkfgopppd => moved successfully
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiciehannidbjakcefendokamkjnolhg => moved successfully
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco => not found.
AcrSch2Svc => service removed successfully.
rpcapd => service removed successfully.
trufos => service removed successfully.
aswVmm => service removed successfully.
catchme => service removed successfully.
IpInIp => service removed successfully.
NwlnkFlt => service removed successfully.
NwlnkFwd => service removed successfully.
tljkva => service removed successfully.
Tosrfcom => service removed successfully.
wayuia => service removed successfully.
C:\ProgramData\F-Secure => moved successfully
C:\Users\psimoes\AppData\Local\F-Secure => moved successfully
C:\Users\psimoes\Desktop\F-SecureOnlineScanner.exe => moved successfully
C:\Users\psimoes\Desktop\esetonlinescanner_enu.exe => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job => moved successfully
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job => moved successfully
C:\ProgramData\AVAST Software => moved successfully
"C:\Program Files\GUTC12.tmp" => not found.
C:\Users\psimoes\AppData\Roaming\systemfl.$dk => moved successfully
C:\Users\psimoes\AppData\Local\ars.cache => moved successfully
C:\Users\psimoes\AppData\Local\census.cache => moved successfully
C:\Users\psimoes\AppData\Local\d3d9caps.dat => moved successfully
C:\Users\psimoes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\psimoes\AppData\Local\housecall.guid.cache => moved successfully
C:\Users\psimoes\AppData\Local\sponge.last.runtime.cache => moved successfully
C:\Windows\logo_1.exe => moved successfully
C:\Windows\RUNDL132.EXE => moved successfully
C:\Windows\VDLL.DLL => moved successfully
C:\Windows\System32\runouce.exe => moved successfully
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{01B48E19-3C98-4B34-B679-86D14E74C2D8}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{4DF0C730-DF9D-4AE3-9153-AA6B82E9795A}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{E5F07F0E-C4AE-4AA8-AE7E-FC3DB683977E}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
"HKU\S-1-5-21-3399307451-3074549587-1771456082-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0D161987-AD10-4D61-B6AF-08F1AF26C734}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D161987-AD10-4D61-B6AF-08F1AF26C734}" => key removed successfully.
C:\Windows\System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows Defender\MP Scheduled Signature Update" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10F2238D-1EFD-497B-9F82-2ED7F4C95DD0}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10F2238D-1EFD-497B-9F82-2ED7F4C95DD0}" => key removed successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{363B5A23-E3F2-4920-96D6-0FE18DF74777}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{363B5A23-E3F2-4920-96D6-0FE18DF74777}" => key removed successfully.
C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1464051125 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SafeZone scheduled Autoupdate 1464051125" => key removed successfully.
"C:\Program Files\AVAST Software\SZBrowser\launcher.exe" => not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81E48EDE-D2AC-4A54-B5A4-CAC8152C6D87}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81E48EDE-D2AC-4A54-B5A4-CAC8152C6D87}" => key removed successfully.
C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core" => key removed successfully.
"C:\Program Files\AVAST Software" => not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job => not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job => not found.
C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Send Anywhere (File Transfer).lnk => Shortcut argument removed successfully..
C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\StartPage Search Engine.lnk => Shortcut argument removed successfully..
C:\ProgramData\TEMP => ":56AC8DD1" ADS removed successfully..
C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully..
HKLM\Software\Classes\cmdfile\DefaultIcon\\Default => value restored successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= netsh advfirewall reset =========

Ok.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state Off =========

Ok.


========= End of CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-3399307451-3074549587-1771456082-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


========= End of RemoveProxy: =========


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 4194304 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17034736 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1362250 B
Edge => 0 B
Chrome => 146354841 B
Firefox => 79764958 B
Opera => 18003107 B

Temp, IE cache, history, cookies, recent:
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 100481 B
LocalService => 33125 B
NetworkService => 692 B
psimoes => 14027374 B
torrents => 66325 B
Guest => 305953 B

RecycleBin => 0 B
EmptyTemp: => 268.3 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 15-11-2016 19:04:15)

C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Extensions\choepknhbopmendmnohbaemeaeemnaom => is moved successfully

==== End of Fixlog 19:04:16 ====
 
  • Like
Reactions: jmarket
Overall things are MUCH better. The malware appears to be gone. Web browsers are not crashing. Programs open smoothly, quickly, .... great for an old laptop.

Thanks. What a relief.

But browsers were loading quicker, more smoothly after running Zemana & Malwarebytes. Before the last run of FRST

Is another reboot needed?
 
Last edited:
  • Like
Reactions: jmarket and Malnutrition
Paul Simoes said:
Is another reboot needed?
Click to expand...


Sure, but I would also suggest disabling some startup items as well. Let's take a look at what can go. :)

Security Check Scan.

  • Download Security Check to your desktop.
  • Right click it run as administrator.
  • When the program completes, the tool will automatically open a log file.
  • Please post that log here in your next post.
HijackThis.



1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.




Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option.
in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.
 
Paul Simoes said:
But browsers were loading quicker, more smoothly after running Zemana & Malwarebytes. Before the last run of FRST
Click to expand...


Might not be a bad idea to reset your browsers, considering the age of this machine.... :)

Also, a quick little bit of info to get your internet settings in the optimum area. (y)

Disable IPV6



https://support.microsoft.com/en-us/kb/929852




Change some settings.


Use this tool to remove the Tunnel adapters.



Disable Computer Browser Service


1. Press the Windows + R key at the same time, a Run Window will appear
2. Type or copy and paste Services.msc hit enter.
3. Scroll to the Computer Browser Service
4. Right-Click Computer Browser Service and choose Stop the service.
5. Right Click Computer Browser Service again select Properties.
6. Change the Startup type to disabled.

8cPC1j3.png

7. Hit Apply then Ok.


Uninstall Netbt Driver.



1. Press the Windows + R key at the same time, a Run Window will appear.
2. Now enter or copy and paste devmgmt.msc in the Run Window and click on OK
3. Click on View and select Show Hidden Devices

Crp3oNM.png




4. Then click on and unfold Non-Plug and Play Driver

27sS1dS.png




5. Then find NET BT, Right-click the device and choose to Uninstall the Driver.
6. Reboot your device when asked.





Hit enter after each command.




1. Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator

2. Once Command Prompt has started enter the following command. nbtstat -R

3. Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -RR

4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown – R


Disable netbios over tcpip.



Windows key & r at the same time.
Type or copy and paste ncpa.cpl hit enter.
Right click your connection hit properties.
Select internet protocol version 4 then properties.
Select Advanced, then Wins tab.
Put a tick next to Disable Net Bios over TCPIP.



Use DNS Jumper to set your dns to google dns.



http://www.sordum.org/7952/dns-jumper-v2-0/
 
  • Like
Reactions: paulwb
Here are the Security Check, HijackThis & Autoruns log files ....

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 15.11.2016 20:43:46
Path starting: C:\Users\psimoes\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: psimoes
VersionXML: 3.51is-12.11.2016
___________________________________________________________________________

Windows Vista(6.0.6002) Service Pack 2 (x86) HomePremium Lang: English(0409)
Installation date OS: 16.02.2009 07:13:03
LicenseStatus: Windows(TM) Vista, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [184.8 Gb] Used: [169.7 Gb] Free: [15.1 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 8.0.6001.19600 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
Notify before download
Date install updates: 2016-06-13 03:32:23
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
Terminal Services (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Account guest is enabled. Not require a password.
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6425.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Panda Free Antivirus (enabled)
---------------------------- [ Firewall_WMI ] -----------------------------
Panda Firewall
Online Armor Firewall (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Panda Free Antivirus (enabled)
Windows Defender (disabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
ESET Online Scanner v3
Online Armor 6.0 v.6.0 Warning! This software is no longer supported. Please uninstall it and use another software.
Panda Free Antivirus v.17.00.01.0000
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.60.1
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 4.65
Picasa 3 v.3.9 Warning! This software is no longer supported.
VLC media player v.2.2.2 Warning! Download Update
7-Zip 9.20 v.9.20.00.0 Warning! Download Update
Uninstall old version and install new one.
Microsoft Silverlight v.5.1.20125.0 Warning! Download Update
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.26 v.7.26.101 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 7 Update 67 v.7.0.670 Warning! This software is no longer supported. Please uninstall it and use Java SE 8 (jre-8u112-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.10.1.1.4 Warning! Download Update
^Please use Apple Software Update tool.^
QuickTime v.7.73.80.64 Warning! This software is no longer supported. Please uninstall it and use another software.
Bonjour v.2.0.3.0 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.4.0.0.1390 Warning! Download Update
Adobe Flash Player 23 ActiveX v.23.0.0.207
Adobe Flash Player 23 NPAPI v.23.0.0.207
Adobe Flash Player 23 PPAPI v.23.0.0.207
Adobe Reader X (10.1.16) v.10.1.16 Warning! This software is no longer supported. Please uninstall it and use Adobe Reader XI or Adobe Acrobat Reader DC.
------------------------------- [ Browser ] -------------------------------
Google Chrome v.49.0.2623.112 Warning! Download Update
Mozilla Firefox 49.0.2 (x86 en-US) v.49.0.2
Opera Stable 36.0.2130.80 v.36.0.2130.80 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
------------------ [ AntivirusFirewallProcessServices ] -------------------
Online Armor Helper Service (OAcat) - The service is running
C:\Program Files\Online Armor\OAcat.exe v.7.0.0.1866
Online Armor (SvcOnlineArmor) - The service is running
C:\Program Files\Online Armor\OAsrv.exe v.7.0.0.1866
C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe v.4.0.0.651
Panda Protection Service (NanoServiceMain) - The service is running
C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe v.4.0.0.786
Panda Product Service (PSUAService) - The service is running
C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe v.4.0.0.642
Panda Devices Agent (PandaAgent) - The service is running
C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe v.1.3.8.0
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Google Toolbar for Internet Explorer v.1.0.0 << Hidden Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
Auslogics DiskDefrag v.4.4.0.0 Warning! Suspected demo version of anti-spyware or optimization program - scareware or badware. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:46 PM, on 15/11/2016
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.19600)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
C:\Program Files\TrueSuite Access Manager\PwdBank.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Online Armor\OAui.exe
C:\Program Files\TrueSuite Access Manager\usbnotify.exe
C:\Program Files\Online Armor\OAhlp.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\TrueSuite Access Manager\CssSvr.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\Belkin\Router Setup and Monitor\dlnaPlugin.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe
C:\Windows\system32\wuauclt.exe
C:\Users\psimoes\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [FingerPrintNotifer] "C:\Program Files\TrueSuite Access Manager\FpNotifier.exe"
O4 - HKLM\..\Run: [PwdBank] "C:\Program Files\TrueSuite Access Manager\PwdBank.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Online Armor\OAui.exe"
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [PSUAMain] "C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [cdloader] "C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Authentec memory manager service (Authentec memory manager) - AuthenTec Inc. - C:\Windows\system32\TAMSvr.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe
O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Gizmo Central - Arainia Solutions - C:\Program Files\Gizmo\gservice.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Protection Service (NanoServiceMain) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Online Armor\OAcat.exe
O23 - Service: Panda Devices Agent (PandaAgent) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Panda Product Service (PSUAService) - Panda Security, S.L. - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Online Armor\oasrv.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: ZAM Controller Service (ZAMSvc) - Zemana Ltd. - C:\Program Files\Zemana AntiMalware\ZAM.exe

--
End of file - 9693 bytes


"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "19/10/2014 4:00 PM" ""
+ "rdpclip" "" "" "File not found: rdpclip" "" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "15/11/2016 6:56 PM" ""
+ "@OnlineArmor GUI" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oaui.exe" "19/06/1992 5:22 PM" ""
+ "Camera Assistant Software" "traybar" "Chicony" "c:\program files\camera assistant software for toshiba\traybar.exe" "25/10/2007 4:41 AM" ""
+ "FingerPrintNotifer" "Fingerprint Suite Notifier Application" "AuthenTec, Inc" "c:\program files\truesuite access manager\fpnotifier.exe" "23/01/2008 10:21 PM" ""
+ "InstaLAN" "" "Affinegy, Inc." "c:\program files\belkin\router setup and monitor\belkinroutermonitor.exe" "23/02/2012 4:03 PM" ""
+ "NDSTray.exe" "ConfigFree(TM) Task tray menu" "TOSHIBA CORPORATION" "C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe" "09/01/2008 12:02 AM" ""
+ "PSUAMain" "AV Console" "Panda Security, S.L." "c:\program files\panda security\panda security protection\psuamain.exe" "04/08/2016 10:26 PM" ""
+ "PwdBank" "" "Arachnoid Biometrics Identification Group" "c:\program files\truesuite access manager\pwdbank.exe" "19/06/1992 5:22 PM" ""
+ "RtHDVCpl" "HD Audio Control Panel" "Realtek Semiconductor" "c:\windows\rthdvcpl.exe" "29/01/2008 5:51 AM" ""
+ "StartCCC" "" "" "c:\program files\ati technologies\ati.ace\core-static\clistart.exe" "10/11/2006 12:35 PM" ""
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics, Inc." "c:\program files\synaptics\syntp\syntpenh.exe" "14/08/2008 9:20 PM" ""
+ "UsbMonitor" "" "" "c:\program files\truesuite access manager\usbnotify.exe" "05/06/2007 3:42 AM" ""
+ "ZAM" "ZAM" "Zemana Ltd." "c:\program files\zemana antimalware\zam.exe" "09/11/2016 4:39 AM" ""
"HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "15/11/2016 6:56 PM" ""
+ "Adobe Reader Synchronizer" "Adobe Collaboration Synchronizer 10.1" "Adobe Systems Incorporated" "c:\program files\adobe\reader 10.0\reader\adobecollabsync.exe" "24/09/2015 8:42 AM" ""
+ "CCleaner Monitoring" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "16/09/2015 3:14 PM" ""
+ "cdloader" "magicJack (cdloader2)" "magicJack L.P." "c:\users\psimoes\appdata\roaming\mjusbsp\cdloader2.exe" "12/12/2007 6:34 AM" ""
+ "TOSCDSPD" "En-us" "" "c:\program files\toshiba\toscdspd\toscdspd.exe" "29/01/2008 3:00 AM" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "28/09/2016 5:14 PM" ""
+ "Google Chrome" "Google Chrome Installer" "Google Inc." "c:\program files\google\chrome\application\49.0.2623.112\installer\chrmstp.exe" "05/04/2016 6:26 PM" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "19/01/2008 12:47 AM" ""
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "19/10/2014 4:04 PM" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll" "26/10/2006 11:31 PM" ""
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" "" "15/11/2016 6:56 PM" ""
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll" "13/05/2011 5:36 PM" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll" "19/08/2006 3:23 AM" ""
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.dll" "13/05/2011 5:36 PM" ""
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll" "13/05/2011 6:08 PM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "14/11/2016 4:43 PM" ""
+ "Groove GFS Stub Execution Hook" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "OA Shell Helper" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oaevent.dll" "19/06/1992 5:22 PM" ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "15/11/2016 2:33 PM" ""
+ "2.0 Zemana AntiMalware" "Zemana AntiMalware" "Zemana Ltd." "c:\program files\zemana antimalware\zamshellext32.dll" "29/09/2016 6:40 AM" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll" "18/11/2010 11:08 AM" ""
+ "Belkin HistoryBrowser" "Belkin History Browser Extension" "Belkin International, Inc." "c:\program files\belkin\belkin usb print and storage center\bkhistorybrowser.dll" "19/04/2011 2:29 AM" ""
+ "FilePtcMenu" "" "Arachnoid Biometrics Identification Group Corp." "c:\program files\truesuite access manager\fileptcmenu.dll" "29/09/2007 2:48 AM" ""
+ "GizmoShellMenuExt" "Gizmo Shell Module" "" "c:\program files\gizmo\gshell.dll" "30/04/2011 5:35 PM" ""
+ "OnlineArmorShell" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oaevent.dll" "19/06/1992 5:22 PM" ""
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 11\snagitshellext.dll" "29/05/2013 3:23 PM" ""
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files\panda security\panda security protection\psuashell.dll" "04/08/2016 10:28 PM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "08/09/2015 1:45 PM" ""
+ "GizmoShellMenuExt" "Gizmo Shell Module" "" "c:\program files\gizmo\gshell.dll" "30/04/2011 5:35 PM" ""
+ "SD Format" "" "" "File not found: \SDFMTEXT.dll" "" ""
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "15/11/2016 3:58 PM" ""
+ "FAExt" "FileASSASSIN Shell Extension" "Malwarebytes" "c:\program files\fileassassin\fileassassinext.dll" "30/03/2007 5:34 PM" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes" "c:\program files\malwarebytes anti-malware\mbamext.dll" "24/02/2016 12:13 PM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "14/02/2016 6:40 PM" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll" "18/11/2010 11:08 AM" ""
+ "Belkin HistoryBrowser" "Belkin History Browser Extension" "Belkin International, Inc." "c:\program files\belkin\belkin usb print and storage center\bkhistorybrowser.dll" "19/04/2011 2:29 AM" ""
+ "SnagItMainShellExt" "Snagit Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 11\snagitshellext.dll" "29/05/2013 3:23 PM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "19/10/2014 4:03 PM" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll" "18/11/2010 11:08 AM" ""
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "19/10/2014 4:03 PM" ""
+ "Nokia" "Phone Browser" "Nokia" "c:\program files\nokia\nokia pc suite 7\phonebrowser.dll" "09/05/2011 6:31 AM" ""
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "21/10/2016 1:34 PM" ""
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "02/11/2006 4:43 AM" ""
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files\panda security\panda security protection\psuashell.dll" "04/08/2016 10:28 PM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "19/10/2014 9:33 PM" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll" "24/09/2015 8:42 AM" ""
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "15/11/2016 3:58 PM" ""
+ "2.0 Zemana AntiMalware" "Zemana AntiMalware" "Zemana Ltd." "c:\program files\zemana antimalware\zamshellext32.dll" "29/09/2016 6:40 AM" ""
+ "Belkin HistoryBrowser" "Belkin History Browser Extension" "Belkin International, Inc." "c:\program files\belkin\belkin usb print and storage center\bkhistorybrowser.dll" "19/04/2011 2:29 AM" ""
+ "FilePtcMenu" "" "Arachnoid Biometrics Identification Group Corp." "c:\program files\truesuite access manager\fileptcmenu.dll" "29/09/2007 2:48 AM" ""
+ "GizmoShellMenuExt" "Gizmo Shell Module" "" "c:\program files\gizmo\gshell.dll" "30/04/2011 5:35 PM" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes" "c:\program files\malwarebytes anti-malware\mbamext.dll" "24/02/2016 12:13 PM" ""
+ "OnlineArmorShell" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oaevent.dll" "19/06/1992 5:22 PM" ""
+ "UAContextMenu" "Shell extension " "Panda Security, S.L." "c:\program files\panda security\panda security protection\psuashell.dll" "04/08/2016 10:28 PM" ""
+ "XXX Groove GFS Context Menu Handler XXX" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "15/11/2016 6:56 PM" ""
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "IconOvrly1" "" "Arachnoid Biometrics Identification Group Corp." "c:\program files\truesuite access manager\iconovrly.dll" "19/04/2007 10:40 PM" ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "15/11/2016 6:56 PM" ""
+ "Groove GFS Browser Helper" "GrooveShellExtensions Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveshellextensions.dll" "27/10/2006 2:20 AM" ""
+ "Java(tm) Plug-In 2 SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll" "25/07/2014 1:45 PM" ""
+ "Java(tm) Plug-In SSV Helper" "Java(TM) Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\ssv.dll" "25/07/2014 1:45 PM" ""
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "28/03/2011 10:32 PM" ""
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "19/10/2014 3:54 PM" ""
+ "S&end to OneNote" "Microsoft Office OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnie.dll" "26/10/2006 10:32 PM" ""
"Task Scheduler" "" "" "" "" ""
+ "\Adobe Acrobat Update Task" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe" "14/12/2015 2:38 AM" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 23.0 r0" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe" "25/10/2016 9:04 PM" ""
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "16/09/2015 3:14 PM" ""
+ "\CrystalDiskInfo" "CrystalDiskInfo" "Crystal Dew World" "c:\users\psimoes\desktop\antiv\crystaldiskinfo6_2_2\diskinfo.exe" "04/12/2014 8:17 PM" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core" "Google Installer" "Google Inc." "c:\users\psimoes\appdata\local\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA" "Google Installer" "Google Inc." "c:\users\psimoes\appdata\local\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe" "19/01/2008 12:42 AM" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files\windows live\soxe\wlsoxe.dll" "13/05/2011 5:21 PM" ""
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs" "20/01/2008 9:24 PM" ""
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs" "20/01/2008 9:23 PM" ""
+ "\Opera scheduled Autoupdate 1382066025" "Opera Internet Browser" "Opera Software" "c:\program files\opera\launcher.exe" "18/07/2016 9:14 PM" ""
+ "\PCMAgent.exe_1826580705" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\pcmagent.exe" "13/12/2007 6:45 AM" ""
+ "\SafeZone scheduled Autoupdate 1458652480" "" "" "File not found: C:\Program Files\AVAST Software\SZBrowser\launcher.exe" "" ""
+ "\{C074CB77-8752-4695-819D-DF00F7AAE9A6}" "" "" "File not found: c:\users\psimoes\appdata\local\google\chrome\application\chrome.exe" "" ""
+ "\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B}" "Gizmo Central" "Arainia Solutions" "c:\program files\gizmo\gizmo.exe" "07/05/2011 10:55 AM" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "15/11/2016 7:04 PM" ""
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\armsvc.exe" "14/12/2015 2:38 AM" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe" "25/10/2016 9:04 PM" ""
+ "AffinegyService" "Affinegy Mobility Management support" "Affinegy, Inc." "c:\program files\belkin\router setup and monitor\belkinservice.exe" "23/02/2012 4:17 PM" ""
+ "AgereModemAudio" "Agere Soft Modem Call Progress Service" "Agere Systems" "c:\windows\system32\agrsmsvc.exe" "05/10/2006 12:10 PM" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe" "15/10/2010 10:28 PM" ""
+ "Ati External Event Utility" "ATI External Event Utility EXE Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.exe" "30/01/2008 3:28 PM" ""
+ "Authentec memory manager" "Create memory pool for fingerprint software." "AuthenTec Inc." "c:\windows\system32\tamsvr.exe" "14/10/2007 8:01 PM" ""
+ "Backupper Service" "AOMEI Backupper Schedule Task Service..." "AOMEI Tech Co., Ltd." "c:\program files\aomei backupper standard edition 2.0.2\abservice.exe" "20/08/2014 9:58 PM" ""
+ "Belkin Local Backup Service" "Belkin Local Backup Service" "" "c:\program files\belkin\belkin usb print and storage center\bkbackupscheduler.exe" "19/04/2011 2:29 AM" ""
+ "Belkin Network USB Helper" "Belkin Network USB Helper" "" "c:\program files\belkin\belkin usb print and storage center\bkapcs.exe" "09/02/2010 1:55 AM" ""
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "27/07/2010 8:35 PM" ""
+ "ConfigFree Service" "You can't stop this service, if you want to keep ConfigFree functionality fine." "TOSHIBA CORPORATION" "c:\program files\toshiba\configfree\cfsvcs.exe" "24/12/2007 11:07 PM" ""
+ "EvtEng" "Manages the event trace messages for all the components of Intel(R) PROSet/Wireless software." "Intel Corporation" "c:\program files\intel\wireless\bin\evteng.exe" "08/10/2007 4:27 PM" ""
+ "Gizmo Central" "Provides an infrastructure for Gizmo Central to seemlessly process Device Driver Communication and authorization" "Arainia Solutions" "c:\program files\gizmo\gservice.exe" "30/04/2011 5:34 PM" ""
+ "GoogleDesktopManager" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktop.exe" "27/03/2007 1:45 AM" ""
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe" "21/08/2015 9:13 PM" ""
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe" "02/03/2012 4:13 PM" ""
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe" "14/11/2005 2:06 AM" ""
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "13/12/2010 7:16 PM" ""
+ "Microsoft Office Groove Audit Service" "Groove Audit Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\grooveauditservice.exe" "27/10/2006 1:44 AM" ""
+ "NanoServiceMain" "Panda Protection Service" "Panda Security, S.L." "c:\program files\panda security\panda security protection\psanhost.exe" "04/08/2016 7:02 PM" ""
+ "OAcat" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oacat.exe" "19/06/1992 5:22 PM" ""
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe" "26/10/2006 9:48 PM" ""
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe" "26/10/2006 4:00 PM" ""
+ "PandaAgent" "Panda Security Devices Agent" "Panda Security, S.L." "c:\program files\panda security\panda devices agent\agentsvc.exe" "19/07/2016 3:04 AM" ""
+ "PassThru Service" "Detect HTC Android device for internet pass-through function." "" "c:\program files\htc\internet pass-through\passthrusvr.exe" "30/09/2013 10:03 PM" ""
+ "pinger" "" "" "c:\toshiba\ivp\ism\pinger.exe" "25/01/2007 7:38 PM" ""
+ "PSUAService" "Panda Product Service" "Panda Security, S.L." "c:\program files\panda security\panda security protection\psuaservice.exe" "04/08/2016 10:26 PM" ""
+ "RegSrvc" "Intel(R) PROSet/Wireless Registry Service" "Intel Corporation" "c:\program files\intel\wireless\bin\regsrvc.exe" "08/10/2007 4:01 PM" ""
+ "ServiceLayer" "ServiceLayer Module" "Nokia" "c:\program files\pc connectivity solution\servicelayer.exe" "08/06/2011 5:01 AM" ""
+ "SkypeUpdate" "Enables the detection, download and installation of updates for Skype." "Skype Technologies" "c:\program files\skype\updater\updater.exe" "23/05/2016 9:15 AM" ""
+ "SvcOnlineArmor" "Online Armor Component" "Emsisoft GmbH" "c:\program files\online armor\oasrv.exe" "19/06/1992 5:22 PM" ""
+ "Swupdtmr" "" "" "c:\toshiba\ivp\swupdate\swupdtmr.exe" "23/10/2007 6:20 PM" ""
+ "TNaviSrv" "TOSHIBA Navi Support Service" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba dvd player\tnavisrv.exe" "21/01/2008 1:44 AM" ""
+ "TosCoSrv" "TOSHIBA Power Saver manages power saving settings supported by TOSHIBA. These settings will not work if the service has stopped." "TOSHIBA Corporation" "c:\program files\toshiba\power saver\toscosrv.exe" "10/01/2008 8:57 PM" ""
+ "TOSHIBA Bluetooth Service" "TOSHIBA Bluetooth Service" "TOSHIBA CORPORATION" "c:\program files\toshiba\bluetooth toshiba stack\tosbtsrv.exe" "27/09/2007 9:55 PM" ""
+ "TOSHIBA SMART Log Service" "TosIPCSrv.exe" "TOSHIBA Corporation" "c:\program files\toshiba\smartlogservice\tosipcsrv.exe" "03/12/2007 3:03 AM" ""
+ "UleadBurningHelper" "ULCDRSvr" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe" "12/03/2004 3:04 PM" ""
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "19/01/2008 2:26 AM" ""
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "28/03/2011 10:31 PM" ""
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "19/01/2008 1:06 AM" ""
+ "ZAMSvc" "ZAM" "Zemana Ltd." "c:\program files\zemana antimalware\zam.exe" "09/11/2016 4:39 AM" ""
"HKLM\System\CurrentControlSet\Services" "" "" "" "15/11/2016 7:04 PM" ""
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm.sys" "28/11/2006 3:10 PM" ""
+ "AlfaFF" "Windows 2000 Mini-Filter Monitor Network Edition" "Alfa Corporation" "c:\windows\system32\drivers\alfaff.sys" "02/02/2008 1:03 AM" ""
+ "ambakdrv" "" "" "c:\windows\system32\ambakdrv.sys" "25/12/2012 3:45 AM" ""
+ "ammntdrv" "" "" "c:\windows\system32\ammntdrv.sys" "25/12/2012 3:45 AM" ""
+ "amwrtdrv" "" "" "c:\windows\system32\amwrtdrv.sys" "25/12/2012 3:45 AM" ""
+ "atikmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys" "30/01/2008 3:42 PM" ""
+ "ATSWPDRV" "Slide Fingerprint USB Driver" "AuthenTec, Inc." "c:\windows\system32\drivers\atswpdrv.sys" "12/08/2008 12:03 PM" ""
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "06/08/2006 4:33 PM" ""
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "06/08/2006 4:33 PM" ""
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "09/08/2006 7:02 AM" ""
+ "Cdr4_xp" "CDR4 CD and DVD Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\windows\system32\drivers\cdr4_xp.sys" "10/08/2005 1:28 PM" ""
+ "Cdralw2k" "CDRAL Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\windows\system32\drivers\cdralw2k.sys" "10/08/2005 1:28 PM" ""
+ "E1G60" "Intel(R) PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys" "07/08/2007 11:14 AM" ""
+ "FwLnk" "TOSHIBA Firmware Linkage 32-bit Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\fwlnk.sys" "19/11/2006 9:11 AM" ""
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys" "18/05/2009 7:16 AM" ""
+ "GizmoDrv" "Gizmo kernel-mode device driver, used to emulate CD/DVD-ROM and hard drives" "Arainia Solutions LLC" "c:\windows\system32\drivers\gizmodrv.sys" "29/04/2011 1:19 PM" ""
+ "htcnprot" "HTC NDIS Protocol Driver" "Windows (R) Win 7 DDK provider" "c:\windows\system32\drivers\htcnprot.sys" "22/06/2010 9:23 PM" ""
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys" "30/09/2007 12:20 AM" ""
+ "IntcAzAudAddService" "Realtek(r) High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhda.sys" "29/01/2008 10:32 PM" ""
+ "NETw3v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw3v32.sys" "25/07/2007 12:27 PM" ""
+ "NETw4v32" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw4v32.sys" "26/09/2007 8:12 AM" ""
+ "nmwcd" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmb.sys" "18/05/2011 2:12 AM" ""
+ "nmwcdc" "Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\ccdcmbo.sys" "18/05/2011 2:12 AM" ""
+ "NNSALPC" "Application Layer Protocol Colorizer" "Panda Security, S.L." "c:\windows\system32\drivers\nnsalpc.sys" "03/12/2015 12:19 PM" ""
+ "NNSHTTP" "Http Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnshttp.sys" "03/12/2015 12:28 PM" ""
+ "NNSHTTPS" "Https Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnshttps.sys" "03/12/2015 1:17 PM" ""
+ "NNSIDS" "Intrusion Detection System" "Panda Security, S.L." "c:\windows\system32\drivers\nnsids.sys" "03/12/2015 1:04 PM" ""
+ "NNSNAHSL" "Network Activity Hook Server LightWeight Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\nnsnahsl.sys" "24/04/2015 9:28 AM" ""
+ "NNSPICC" "Process Info Colorizer Client" "Panda Security, S.L." "c:\windows\system32\drivers\nnspicc.sys" "03/12/2015 12:51 PM" ""
+ "NNSPIHSW" "Process Info Hook Server WFP" "Panda Security, S.L." "c:\windows\system32\drivers\nnspihsw.sys" "14/03/2016 5:45 AM" ""
+ "NNSPOP3" "Pop3 Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnspop3.sys" "03/12/2015 1:06 PM" ""
+ "NNSPROT" "Network Protector" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprot.sys" "03/12/2015 1:00 PM" ""
+ "NNSPRV" "Network Provider" "Panda Security, S.L." "c:\windows\system32\drivers\nnsprv.sys" "17/02/2016 8:04 AM" ""
+ "NNSSMTP" "Smtp Parser" "Panda Security, S.L." "c:\windows\system32\drivers\nnssmtp.sys" "03/12/2015 1:10 PM" ""
+ "NNSSTRM" "Streamer" "Panda Security, S.L." "c:\windows\system32\drivers\nnsstrm.sys" "17/02/2016 8:18 AM" ""
+ "NNSTLSC" "Transport Layer Session Colorizer" "Panda Security, S.L." "c:\windows\system32\drivers\nnstlsc.sys" "03/12/2015 12:22 PM" ""
+ "NPF" "npf.sys (NT5/6 x86) Kernel Driver" "CACE Technologies, Inc." "c:\windows\system32\drivers\npf.sys" "25/06/2010 11:47 AM" ""
+ "OADevice" "" "" "c:\windows\system32\drivers\oadriver.sys" "10/10/2013 8:40 PM" ""
+ "oahlpXX" "" "" "c:\windows\system32\drivers\oahlp32.sys" "05/07/2012 12:30 PM" ""
+ "OAmon" "TDI Helper Driver" "Emsisoft" "c:\windows\system32\drivers\oamon.sys" "10/10/2013 8:40 PM" ""
+ "OAnet" "OA Helper Driver" "Emsisoft" "c:\windows\system32\drivers\oanet.sys" "10/10/2013 8:40 PM" ""
+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys" "26/08/2008 2:26 AM" ""
+ "PSINAflt" "PSINAflt Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinaflt.sys" "04/08/2016 9:27 PM" ""
+ "PSINFile" "PSINFile Mini-Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinfile.sys" "04/08/2016 9:31 PM" ""
+ "PSINKNC" "PSINKNC Kernel Controller for Vista32" "Panda Security, S.L." "c:\windows\system32\drivers\psinknc.sys" "04/08/2016 9:21 PM" ""
+ "PSINProc" "PSINProc Filter Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinproc.sys" "04/08/2016 9:39 PM" ""
+ "PSINProt" "PSINProt Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinprot.sys" "04/08/2016 9:44 PM" ""
+ "PSINReg" "PSINReg Driver" "Panda Security, S.L." "c:\windows\system32\drivers\psinreg.sys" "04/08/2016 9:35 PM" ""
+ "PSKMAD" "Panda Kernel Memory Access Driver (x86)" "Panda Security, S.L." "c:\windows\system32\drivers\pskmad.sys" "08/08/2016 3:59 AM" ""
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys" "20/06/2007 5:26 PM" ""
+ "rimmptsk" "RICOH SD Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys" "24/02/2007 12:42 AM" ""
+ "rimsptsk" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimsptsk.sys" "23/01/2007 2:40 AM" ""
+ "rismxdp" "RICOH XD SM Driver" "REDC" "c:\windows\system32\drivers\rixdptsk.sys" "21/03/2007 8:02 AM" ""
+ "RTL8169" "Realtek 8136/8168/8169 NDIS6 32-bit Driver " "Realtek " "c:\windows\system32\drivers\rtlh86.sys" "23/06/2010 4:21 AM" ""
+ "snapman380" "Acronis Snapshot API" "Acronis" "c:\windows\system32\drivers\snman380.sys" "16/09/2008 12:09 PM" ""
+ "stdriver" "stdriver.sys" "NCH Software" "c:\windows\system32\drivers\stdriver32.sys" "12/12/2010 10:30 PM" ""
+ "sxuptp" "SXUPTP Driver" "silex technology, Inc." "c:\windows\system32\drivers\sxuptp.sys" "07/05/2009 11:13 PM" ""
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics, Inc." "c:\windows\system32\drivers\syntp.sys" "14/08/2008 9:02 PM" ""
+ "tap0901" "TAP-Win32 Virtual Network Driver" "The OpenVPN Project" "c:\windows\system32\drivers\tap0901.sys" "19/11/2008 1:22 PM" ""
+ "tdrpman147" "Acronis Try&Decide Volume Filter Driver" "Acronis" "c:\windows\system32\drivers\tdrpm147.sys" "13/10/2008 5:15 AM" ""
+ "teamviewervpn" "TeamViewerVPN Network Adapter" "TeamViewer GmbH" "c:\windows\system32\drivers\teamviewervpn.sys" "29/11/2007 3:27 AM" ""
+ "tos_sps32" "tos_sps2" "TOSHIBA Corporation" "c:\windows\system32\drivers\tos_sps32.sys" "26/10/2006 3:52 AM" ""
+ "tosrfec" "TOSHIBA Bluetooth EC Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tosrfec.sys" "23/10/2006 2:32 AM" ""
+ "TVALZ" "TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver" "TOSHIBA Corporation" "c:\windows\system32\drivers\tvalz_o.sys" "08/11/2007 10:07 PM" ""
+ "upperdev" "Filter Driver for Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\usbser_lowerflt.sys" "18/05/2011 2:12 AM" ""
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys" "16/09/2010 9:19 PM" ""
+ "UsbserFilt" "Filter Driver for Nokia USB Phone Bus Driver" "Nokia" "c:\windows\system32\drivers\usbser_lowerfltj.sys" "18/05/2011 2:12 AM" ""
+ "UVCFTR" "UVCFTR_S.sys" "Chicony Electronics Co., Ltd." "c:\windows\system32\drivers\uvcftr_s.sys" "27/11/2007 5:38 AM" ""
+ "ZAM" "ZAM" "Zemana Ltd." "c:\windows\system32\drivers\zam32.sys" "17/08/2016 12:07 PM" ""
+ "ZAM_Guard" "ZAM" "Zemana Ltd." "c:\windows\system32\drivers\zamguard32.sys" "17/08/2016 12:07 PM" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers" "" "" "" "19/10/2014 3:58 PM" ""
+ "Adobe Type Manager" "Windows NT OpenType/Type 1 Font Driver" "Adobe Systems Incorporated" "c:\windows\system32\atmfd.dll" "05/02/2016 7:33 PM" ""
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "07/10/2016 7:30 AM" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "21/01/2010 10:05 AM" ""
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll" "27/05/2010 3:08 PM" ""
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "19/10/2014 4:40 PM" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "AAC Encoder" "AACEnc" "InterVider" "c:\program files\intervideo\common\bin\aacenc.ax" "08/06/2007 4:25 AM" ""
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "AsyncEx" "VisioForge AsyncEx Filter" "VisioForge" "c:\users\psimoes\appdata\roaming\windsolutions\copytransmanager\copytransmanager.ax" "19/06/1992 5:22 PM" ""
+ "Audio Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "11/12/2002 8:34 PM" ""
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "CyberLink Audio Commercial Cut Analyzer" "CLAudCM" "Cyberlink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claudcm.ax" "25/08/2005 10:54 PM" ""
+ "CyberLink Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\claud.ax" "21/11/2007 5:40 AM" ""
+ "CyberLink Audio Decoder (PCM45)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claud.ax" "21/11/2007 5:40 AM" ""
+ "CyberLink Audio Effect (PCM45)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claudfx.ax" "22/12/2004 10:16 PM" ""
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\claunrwrapper.ax" "11/04/2006 2:35 AM" ""
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\claursmpl.ax" "10/04/2006 10:34 PM" ""
+ "CyberLink Audio Spectrum Analyzer" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claudspa.ax" "24/09/2004 6:08 AM" ""
+ "CyberLink Audio Wizard (PCM45)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claudwizard.ax" "15/12/2006 8:35 AM" ""
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\claudiocd.ax" "02/08/2006 6:37 PM" ""
+ "CyberLink Demultiplexer" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\cldemuxer.ax" "05/06/2007 9:44 AM" ""
+ "CyberLink Demultiplexer (PCM45)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\cldemuxer.ax" "05/06/2007 9:44 AM" ""
+ "CyberLink DVD Navigator (PCM45)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clnavx.ax" "01/11/2007 10:05 PM" ""
+ "CyberLink Line21 Decoder Filter (PCM45)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clline21.ax" "27/03/2007 8:05 AM" ""
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\climage.ax" "07/09/2005 9:52 AM" ""
+ "CyberLink MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clsplter.ax" "28/07/2006 2:48 AM" ""
+ "CyberLink Scene Detect Filter 2" "CLScnDt2" "訊連科技" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\clscndt2.dll" "02/08/2006 1:35 AM" ""
+ "Cyberlink SubTitle Importor (PCM45)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clsubtitle.ax" "04/04/2005 2:48 AM" ""
+ "CyberLink TimeStretch Filter" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clauts.ax" "22/06/2007 10:28 PM" ""
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\cltlmsplter.ax" "15/06/2006 4:17 AM" ""
+ "Cyberlink TS Filter Filter" "TSFF" "Cyberlink" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\cltsff.ax" "22/09/2005 5:00 AM" ""
+ "Cyberlink TS Information" "CLTSInfo" "Cyberlink" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\cltsinfo.ax" "24/05/2006 9:45 AM" ""
+ "CyberLink Video Effect (PCM45)" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clvidfx.ax" "23/03/2005 3:15 AM" ""
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\clrgl.ax" "02/02/2007 6:36 AM" ""
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\clvsd.ax" "15/07/2007 10:57 PM" ""
+ "CyberLink Video/SP Decoder (PCM45)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\clvsd.ax" "25/12/2007 3:38 AM" ""
+ "CyberLink Video/SP Decoder (ShEX)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powercinema for toshiba\kernel\video\climagevsd.ax" "01/08/2006 11:22 PM" ""
+ "Dib Output" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\diboutput.ax" "05/09/2005 10:16 PM" ""
+ "Dib Receive" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dibreceive.ax" "05/09/2005 10:16 PM" ""
+ "DV ACM V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax" "05/09/2005 11:09 PM" ""
+ "DV V/A Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax" "05/09/2005 11:09 PM" ""
+ "DV Video Source Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\dvsf.ax" "05/09/2005 11:09 PM" ""
+ "Emuzed AAC/AAC+ Decoder TFilter" "Emuzed AAC/AAC+ Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzaacdecfilter.dll" "22/04/2009 6:46 AM" ""
+ "Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter" "Emuzed MP4/3GP2/AMR/QCP Multiplexer/Sink Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdmp4muxfilter.dll" "20/04/2009 3:33 AM" ""
+ "Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter" "Emuzed MP4/3GP2/AMR/QCP Source Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp4source.dll" "20/04/2009 3:33 AM" ""
+ "Emuzed H264 Video Decoder-Filter" "Emuzed H.264 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdh264dectfilter.dll" "20/04/2009 3:35 AM" ""
+ "Emuzed MP3 Source/Decoder Filter" "Emuzed MP3 Source/Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp3sourcefilter.dll" "20/04/2009 3:33 AM" ""
+ "Emuzed MP4SP/H263 Video Decoder-Filter" "Emuzed MP4SP/H.263 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzdecmp4_h263.dll" "20/04/2009 3:35 AM" ""
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "IDM Filter" "idmf" "Cyberlink" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\idmf.ax" "09/03/2006 10:29 AM" ""
+ "Intervideo 3gFileSource" "Intervideo 3G File Source Filter" "Microsoft Corporation" "c:\program files\intervideo\common\bin\source3g.ax" "08/06/2007 4:12 AM" ""
+ "Intervideo 3gFileWrite" "Intervideo 3G File Write Filter" "Microsoft Corporation" "c:\program files\intervideo\common\bin\write3g.ax" "08/06/2007 4:12 AM" ""
+ "InterVideo AAC (XForm) Decoder" "InterVideo AAC Decoder" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaacdec.ax" "08/06/2007 4:24 AM" ""
+ "Intervideo AMR Decoder" "IVI AMR Decoding" "Intervideo, Inc." "c:\program files\intervideo\common\bin\amrdec.ax" "08/06/2007 4:22 AM" ""
+ "Intervideo AMR Encoder" "IVI AMR Encoding" "Intervideo, Inc." "c:\program files\intervideo\common\bin\amrenc.ax" "08/06/2007 4:22 AM" ""
+ "InterVideo Audio Encoder" "InterVideo?Audio Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaenc.ax" "08/06/2007 4:31 AM" ""
+ "InterVideo Demux" "InterVideo® MPEG System Demultiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividemxx.ax" "08/06/2007 4:36 AM" ""
+ "InterVideo Down Scale Filter" "InterVideo® Down Scale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividowns.ax" "08/06/2007 4:37 AM" ""
+ "InterVideo DV Pre-Process" "InterVideo DV Pre-Process Filter" "InterVideo" "c:\program files\intervideo\common\bin\dvprocs.ax" "08/06/2007 4:14 AM" ""
+ "InterVideo DVB DSM-CC Filter" "InterVideo DVB DSM-CC Decoder" "InterVideo, Inc." "c:\program files\intervideo\common\bin\dvbdsmcc.ax" "08/06/2007 4:16 AM" ""
+ "InterVideo DVB Subpicture Filter" "InterVideo DVB Subtitle Decoder" "InterVideo, Inc." "c:\program files\intervideo\common\bin\dvbspic.ax" "08/06/2007 4:17 AM" ""
+ "InterVideo File Writer" "InterVideo® File Writer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviwrite.ax" "08/06/2007 4:30 AM" ""
+ "InterVideo MPEG4 Video Decoder" "InterVideo® MPEG4 Video Decoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\mp4vdec.ax" "08/06/2007 4:28 AM" ""
+ "InterVideo MPEG4 Video Encoder" "InterVideo® MPEG4 Video Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\mp4venc.ax" "08/06/2007 4:27 AM" ""
+ "InterVideo Multiplexer" "InterVideo® MPEG System Multiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivimux.ax" "08/06/2007 4:35 AM" ""
+ "InterVideo Pre-scaling Filter" "InterVideo® PreScale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscale.ax" "08/06/2007 4:34 AM" ""
+ "InterVideo PSIP/SI Filter" "InterVideo PSIP/SI Sections/Tables Filter" "InterVideo, Inc." "c:\program files\intervideo\common\bin\psidecod.ax" "08/06/2007 4:15 AM" ""
+ "InterVideo Still Capture" "InterVideo® Still Capture Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscapt.ax" "08/06/2007 4:34 AM" ""
+ "InterVideo Stream Buffer Filter" "InterVideo Stream Buffer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\smbuffer.ax" "08/06/2007 4:22 AM" ""
+ "InterVideo Stream Writer" "InterVideo© Stream File Writer" "InterVideo, Inc." "c:\program files\intervideo\common\bin\stmrite.ax" "08/06/2007 4:22 AM" ""
+ "InterVideo Time Shift" "InterVideo Time Shifting Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivits.ax" "08/06/2007 4:29 AM" ""
+ "InterVideo Transport to Program Stream" "InterVideo© Transport to Program Stream Converter" "InterVideo, Inc." "c:\program files\intervideo\common\bin\trtoprog.ax" "08/06/2007 4:14 AM" ""
+ "InterVideo VBI Decoder" "InterVideo VBI Decoder Filter" "InterVideo, Inc." "c:\program files\intervideo\common\bin\ivvbidec.ax" "08/06/2007 4:16 AM" ""
+ "InterVideo Video Encoder" "InterVideo® MPEG Video Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivivenc.ax" "08/06/2007 4:33 AM" ""
+ "MPEG2 TS Source" "" "" "c:\program files\intervideo\common\bin\mpgtsrdr.ax" "08/06/2007 4:17 AM" ""
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "QTSrc" "QuickTime Source Filter" "CyberLink Corp" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\clqtsrc.ax" "01/09/2006 4:49 AM" ""
+ "Record Queue" "WME Record Queue" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmedque.dll" "11/12/2002 8:34 PM" ""
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "SFVCaptureFilter" "SmartFaceVCapt" "" "c:\windows\system32\smartfacevcapt.dll" "28/01/2008 4:01 AM" ""
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "TOSHIBA Audio Decoder DVD" "TOSHIBA Audio Decoder DVD" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba dvd player\tosauddecl.ax" "20/01/2008 5:17 AM" ""
+ "TOSHIBA Audio Rate Converter" "TOSHIBA Audio Rate Converter" "TOSHIBA Corporation" "c:\program files\common files\toshiba shared\tosarc.ax" "13/11/2006 3:32 AM" ""
+ "TOSHIBA DualMono" "TOSHIBA DualMono" "TOSHIBA Corporation" "c:\program files\common files\toshiba shared\tosdualmono.ax" "13/11/2006 3:34 AM" ""
+ "TOSHIBA DVD Navigator" "TOSHIBA DVD Navigator" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba dvd player\tdvdnavi.ax" "20/01/2008 5:20 AM" ""
+ "TOSHIBA DVD VR Navigator" "TOSHIBA DVD Player" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba dvd player\tvrnavi.ax" "20/01/2008 5:22 AM" ""
+ "TOSHIBA MPEG-2 Video Decoder (DVD)" "TOSHIBA DVD Video Decoder Filter" "TOSHIBA Corporation" "c:\program files\toshiba\toshiba dvd player\tosmp2dvd.ax" "20/01/2008 5:25 AM" ""
+ "Ulead Audio Dual Channel Filter" "Ulead Audio Dual Channel Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uaudiodcfilter.ax" "25/04/2004 10:30 PM" ""
+ "Ulead DV Scene Detect" "ulDvScDt" "Ulead system Inc." "c:\program files\common files\ulead systems\capture\uldvscdt.ax" "15/11/2006 1:05 AM" ""
+ "Ulead DV Writer" "ulDVWriter" "Ulead System Inc." "c:\program files\common files\ulead systems\capture\uldvrite.ax" "05/01/2006 1:35 AM" ""
+ "Ulead DVB Parser" "Ulead DVB Parser Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uldvbparser.ax" "26/10/2005 2:27 AM" ""
+ "Ulead DVD Audio Decoder 2" "Audio Decoder" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uldvdaudio.ax" "17/08/2005 11:23 AM" ""
+ "Ulead DVD Navigator" "DVD Navigator filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\dvd\uleaddvdnavigator.ax" "21/01/2005 4:15 AM" ""
+ "Ulead DVD Video decoder 2" "DVD Video Decoder with DxVA Support" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uldvdvideo.ax" "02/03/2007 12:58 AM" ""
+ "ULead File Source (Async.)" "Ulead Async Filter" "Ulead Systems" "c:\program files\common files\ulead systems\mpeg\ulasync.ax" "26/05/2005 12:06 PM" ""
+ "ULead File Writer" "File Dump Filter" "ULead Systems" "c:\program files\common files\ulead systems\filters\uldump.ax" "23/11/2004 1:39 AM" ""
+ "ULead Infinite Pin Tee" "Ulead Infinite Tee Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uinftee.ax" "07/01/2003 3:11 AM" ""
+ "Ulead MPEG Audio Decoder" "Audio Decoder" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uldvdaudio.ax" "17/08/2005 11:23 AM" ""
+ "Ulead MPEG Encoder" "MPEG Encoder and Muxer" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulesmpeg.ax" "24/10/2005 1:32 AM" ""
+ "Ulead MPEG Muxer" "MPEG Muxer" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulmxmpeg.ax" "25/05/2007 7:02 PM" ""
+ "Ulead MPEG Splitter" "ULead Mpeg I/II Splitter" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\ulspmpeg.ax" "06/03/2006 7:52 AM" ""
+ "Ulead MPEG Transcoder" "ulMPGTrans" "Ulead com" "c:\program files\common files\ulead systems\mpeg\ulmpgtrans.ax" "13/04/2005 2:06 AM" ""
+ "Ulead MPEG Video Decoder" "MPEG Video and Audio Decoder" "ULead Systems" "c:\program files\common files\ulead systems\mpeg\uldsmpeg.ax" "03/05/2007 4:17 AM" ""
+ "Ulead MPEG-4 Audio Decoder" "MP4 AAC Audio Decoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uladmp4.ax" "01/11/2005 2:18 AM" ""
+ "Ulead MPEG-4 Splitter" "MP4 Splitter Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulspmp4.ax" "13/11/2005 11:01 PM" ""
+ "Ulead MPEG-4 Video Decoder" "MP4 Video Decoder Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulvdmp4.ax" "16/02/2006 3:13 AM" ""
+ "Ulead Ogg Parser" "ulOggParserFilter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uloggparserfilter.ax" "18/11/2005 2:13 AM" ""
+ "Ulead OggVorbis Decoder" "ulOggVorbisDecoderFilter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uloggvorbisdecoderfilter.ax" "01/02/2005 10:25 PM" ""
+ "Ulead OggVorbis Encoder" "ulOggVorbisEncoderFilter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\uloggvorbisencoderfilter.ax" "29/09/2004 4:46 AM" ""
+ "Ulead Push Source Filter" "Ulead Push Source Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulpushsource.ax" "23/11/2003 9:44 PM" ""
+ "Ulead Sub-Picture Push Source Filter" "Ulead Sub-Picture Push Source Filter" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\mpeg\ulsubpicpushsource.ax" "09/11/2004 11:29 PM" ""
+ "Ulead Video Deinterlace Filter" "" "Ulead Systems, Inc." "c:\program files\common files\ulead systems\filters\deinterlace.ax" "24/06/2005 2:10 AM" ""
+ "Video Source" "Windows Media Preview Object" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmprevu.dll" "11/12/2002 8:34 PM" ""
+ "WAV Dest" "" "" "c:\program files\cyberlink\powercinema for toshiba\kernel\clml\wavdest.ax" "02/09/1998 10:24 AM" ""
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMEnc Screen Capture Filter" "WMESrcWp Module" "Microsoft Corporation" "c:\program files\windows media components\encoder\wmesrcwp.dll" "11/12/2002 8:34 PM" ""
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll" "11/04/2009 1:28 AM" ""
"HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command\(Default)" "" "" "" "19/10/2014 4:03 PM" ""
+ "C:\Program Files\Internet Explorer\iexplore.exe" "Internet Explorer" "Microsoft Corporation" "c:\program files\internet explorer\iexplore.exe" "03/02/2015 3:31 AM" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "19/10/2014 3:54 PM" ""
+ "Fingerprint Logon Credential Provider" "Fingerprint Credential Provider" "AuthenTec,Inc." "c:\windows\system32\fpcredprov.dll" "24/01/2008 12:49 AM" ""
+ "{B65F237C-AAFF-4df7-8872-91B65663E41F}" "" "" "c:\windows\system32\smartfacevcp.dll" "28/01/2008 4:01 AM" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Provider Filters" "" "" "" "19/10/2014 3:54 PM" ""
+ "Fingerprint Logon Credential Provider Filter" "Fingerprint Credential Provider" "AuthenTec,Inc." "c:\windows\system32\fpcredprov.dll" "24/01/2008 12:49 AM" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "19/10/2014 5:28 PM" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "27/07/2010 8:38 PM" ""
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "19/10/2014 4:00 PM" ""
+ "Toshiba Bluetooth Monitor" "" "TOSHIBA CORPORATION." "c:\windows\system32\tbtmon.dll" "07/12/2006 9:05 PM" ""
"C:\Users\psimoes\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" "" "16/06/2012 12:06 AM" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-us\Gadget.xml" "02/11/2006 7:41 AM" ""
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-us\Gadget.xml" "20/01/2008 9:25 PM" ""
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-us\Gadget.xml" "02/11/2006 7:41 AM" ""
"HKLM\Software\Microsoft\Office\Outlook\Addins" "" "" "" "21/10/2016 12:47 PM" ""
+ "Connect Class" "OutlookChangeNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\outlookchangenotifieraddin.dll" "15/10/2010 11:18 PM" ""
X "Groove OutlookProxyAddIn" "GrooveTransceiver Module" "Microsoft Corporation" "c:\program files\microsoft office\office12\groovetransceiver.dll" "27/10/2006 5:30 PM" ""
+ "Microsoft VBA for Outlook Addin" "Outlook VBA Integration Add-In" "Microsoft Corporation" "c:\program files\microsoft office\office12\addins\outlvba.dll" "26/10/2006 10:41 PM" ""
+ "OMS Connect class" "Microsoft Outlook Mobile Service" "Microsoft Corporation" "c:\program files\microsoft office\office12\omsmain.dll" "26/10/2006 10:33 PM" ""
+ "OneNote Notes about Outlook Items" "Microsoft Office OneNote Outlook Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office12\onbttnol.dll" "27/10/2006 5:39 PM" ""
"HKCU\Software\Microsoft\Office\Outlook\Addins" "" "" "" "19/10/2014 3:40 PM" ""
+ "Access COM Addin for Outlook" "Access Outlook Data Collection Addin" "Microsoft Corporation" "c:\program files\microsoft office\office12\addins\accolk.dll" "26/10/2006 11:08 PM" ""
+ "CalendarHelper Class" "iTunes Outlook Add-in" "Apple Inc." "c:\program files\itunes\itunesoutlookaddin.dll" "13/12/2010 7:17 PM" ""
+ "ColleagueImportAddIn Class" "" "" "c:\program files\microsoft office\office12\addins\colleagueimport.dll" "26/10/2006 11:25 PM" ""
+ "FormRegionAddin Class" "" "" "c:\program files\microsoft office\office12\addins\umoutlookaddin.dll" "27/10/2006 5:34 PM" ""
+ "Google Desktop Office Addin" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopoffice.dll" "27/03/2007 1:36 AM" ""
+ "{D614B4AF-F5E6-4A03-AE81-37BA64372538}" "Microsoft Office Outlook Calendar Gadget for Windows SideShow" "Microsoft Corporation" "c:\program files\microsoft office\office12\olsideshow.dll" "26/10/2006 10:31 PM" ""
"HKLM\Software\Microsoft\Office\Excel\Addins" "" "" "" "19/10/2014 3:54 PM" ""
+ "Connect Class" "SnagIt Add-In for Microsoft Office" "TechSmith Corporation" "c:\program files\techsmith\snagit 9\snagitofficeaddin.dll" "15/05/2008 3:39 PM" ""
"HKCU\Software\Microsoft\Office\Excel\Addins" "" "" "" "19/10/2014 3:40 PM" ""
+ "Google Desktop Office Addin" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopoffice.dll" "27/03/2007 1:36 AM" ""
"HKLM\Software\Microsoft\Office\Word\Addins" "" "" "" "19/10/2014 3:54 PM" ""
+ "Connect Class" "SnagIt Add-In for Microsoft Office" "TechSmith Corporation" "c:\program files\techsmith\snagit 9\snagitofficeaddin.dll" "15/05/2008 3:39 PM" ""
"HKCU\Software\Microsoft\Office\Word\Addins" "" "" "" "19/10/2014 3:40 PM" ""
+ "Google Desktop Office Addin" "Google Desktop" "Google" "c:\program files\google\google desktop search\googledesktopoffice.dll" "27/03/2007 1:36 AM" ""
"HKCU\Software\Microsoft\Office\Access\Addins" "" "" "" "19/10/2014 3:40 PM" ""
+ "AceCnfViewer.sortie" "Replication Conflict Viewing and Resolution for Microsoft Access" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\acecnf.dll" "26/10/2006 9:59 PM" ""
 
Remove these programs with Geek Uninstaller, if something is missing from the list, then use D-Uninstaller to see and remove hidden items.

Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auslogics DiskDefrag (HKLM\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.0.0 - Auslogics Labs Pty Ltd)
Bonjour (HKLM\...\{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}) (Version: 2.0.3.0 - Apple Inc.)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.02.01 - TOSHIBA)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
GearDrvs (Version: 1 - Symantec Corporation) Hidden
GearDrvs (Version: 1.00.0000 - GEAR Software) Hidden
Google Talk Plugin (HKLM\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.670 - Oracle)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.01.05 - TOSHIBA)
TOSHIBA ConfigFree (HKLM\...\{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}) (Version: 7.1.27 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 1.20.10 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 1.0.3.32 - TOSHIBA)
TOSHIBA Hardware Setup (HKLM\...\{2883F6F5-0509-43F3-868C-D50330DD9DD3}) (Version: 2.00.06 - )
Toshiba Registration (HKLM\...\{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}) (Version: 1.00.0000 - Datalode Inc.)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.8.1.1 - TOSHIBA)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.3 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}) (Version: 2.00.03 - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.1.14 - TOSHIBA Corporation)



Fix with HijackThis!



Close all other programs!
Right Click Hijack this, run as administrator.
Click do a system scan only.
Place a tick next to the items below.



O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [UsbMonitor] "C:\Program Files\TrueSuite Access Manager\usbnotify.exe"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [ZAM] "C:\Program Files\Zemana AntiMalware\ZAM.exe" /minimized
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
O4 - HKCU\..\Run: [cdloader] "C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"


Click fix checked.
Accept the prompt.
Reboot the machine after.



Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code: 
    :filefind
*tljkva*
*wayuia*

:Regfind
tljkva
wayuia


  • Click the Look button to start the scan.
    Because of the Registry searches, the scan may take 15 minutes or a bit more to run on a large machine. Please be patient.
    (Takes about 4 minutes on my XP net book)
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
 
Regarding post 16416 quoted below, all except the following were done ...

Disable IPV6 - ran the diagcab file, using the method below

Press Winkey + R. Delete what's already in the dialog.
Click Browse to insert the diagcab file into the dialog.
Insert before the filename msdt /cab ( msdt space/cab )
msdt /cab "C:\the filename you dragged in .diagcab"

but got the following Error message ...
2016.11.17_IPV6-MS.Tool.JPG


My internet connection is fine. What do you recommend?
I found the following ....
Simple Way to Disable IPV6 in Windows Vista
http://www.home-network-help.com/disable-ipv6.html

Can I remove the Tunnel adaptors even though IPV6 has not been disabled?

Changing DNS
You recommend DNS Jumper but the software hasn't been updated since June 2015. I've used OpenDns in the past and they're software is updated regularly. Your thoughts?

Also Reset Browser. Software not updated since Sept. 2015. OK to proceed?

Thanks for the excellent suggestions !!!!

«:::F:::» «:::A:::» «:::B:::» «:::U:::» «:::L:::» «:::O:::» «:::U:::»«:::S:::» !


Malnutrition said:
Might not be a bad idea to reset your browsers, considering the age of this machine.... :)

Also, a quick little bit of info to get your internet settings in the optimum area. (y)

Disable IPV6


https://support.microsoft.com/en-us/kb/929852


Change some settings.


Use this tool to remove the Tunnel adapters.


Disable Computer Browser Service

1. Press the Windows + R key at the same time, a Run Window will appear
2. Type or copy and paste Services.msc hit enter.
3. Scroll to the Computer Browser Service
4. Right-Click Computer Browser Service and choose Stop the service.
5. Right Click Computer Browser Service again select Properties.
6. Change the Startup type to disabled.

8cPC1j3.png

7. Hit Apply then Ok.


Uninstall Netbt Driver.


1. Press the Windows + R key at the same time, a Run Window will appear.
2. Now enter or copy and paste devmgmt.msc in the Run Window and click on OK
3. Click on View and select Show Hidden Devices

Crp3oNM.png




4. Then click on and unfold Non-Plug and Play Driver

27sS1dS.png



5. Then find NET BT, Right-click the device and choose to Uninstall the Driver.
6. Reboot your device when asked.


Hit enter after each command.


1. Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator

2. Once Command Prompt has started enter the following command. nbtstat -R

3. Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -RR

4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown – R


Disable netbios over tcpip.

Windows key & r at the same time.
Type or copy and paste ncpa.cpl hit enter.
Right click your connection hit properties.
Select internet protocol version 4 then properties.
Select Advanced, then Wins tab.
Put a tick next to Disable Net Bios over TCPIP.

Use DNS Jumper to set your dns to google dns.

http://www.sordum.org/7952/dns-jumper-v2-0/
Click to expand...
 
Last edited:
Paul Simoes said:
Can I remove the Tunnel adaptors even though IPV6 has not been disabled?
Click to expand...


Yes.

Paul Simoes said:
Also Reset Browser. Software not updated since Sept. 2015. OK to proceed?
Click to expand...

There is no need to have this software updated considering what it does, and it does a fine job of doing. :)

Paul Simoes said:
You recommend DNS Jumper but the software hasn't been updated since June 2015. I've used OpenDns in the past and they're software is updated regularly. Your thoughts?
Click to expand...


Yes, there is no need to have the tool updated, since it does what it does just fine. You could use this tool to change your dns in 2070 even if it is not updated from this point on.
 
Just use the link you just posted, and simply untick IPV6, a reboot is required to complete the task. I would not go digging in the registry.
 
OK, here is the SystemLook file ....

SystemLook 30.07.11 by jpshortstuff
Log created at 21:01 on 17/11/2016 by psimoes
Administrator - Elevation successful

========== filefind ==========

Searching for "*tljkva*"
No files found.

Searching for "*wayuia*"
No files found.

========== Regfind ==========

Searching for "tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TLJKVA\0000]
"Service"="tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TLJKVA\0000]
"DeviceDesc"="tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TLJKVA\0000]
"Service"="tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_TLJKVA\0000]
"DeviceDesc"="tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TLJKVA]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TLJKVA\0000]
"Service"="tljkva"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TLJKVA\0000]
"DeviceDesc"="tljkva"

Searching for "wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WAYUIA\0000]
"Service"="wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_WAYUIA\0000]
"DeviceDesc"="wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WAYUIA\0000]
"Service"="wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_WAYUIA\0000]
"DeviceDesc"="wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WAYUIA]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WAYUIA\0000]
"Service"="wayuia"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_WAYUIA\0000]
"DeviceDesc"="wayuia"

-= EOF =-
 
Alright, we will remove those registry keys, but lets make sure nothing else needs to go with it before I make a fix with FRST for you.

ZHP Diag.


Download ZHP Diag to your desktop.


1. Right Click Run as Admin.
2. Click the Scanner button.

upload_2016-11-17_20-37-4.png


When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.
 
Thanks for your quick responses.
Here's the ZHPDiag scan report ......

~ ZHPDiag v2016.11.16.220 By Nicolas Coolman (2016/11/16)
~ Run by psimoes (Administrator) (2016/11/17 22:13:27)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\psimoes\Desktop\ZHPDiag.txt
~ Report: C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows VISTA, 32-bit Service Pack 2 (Build 6002)

---\\ Internet Browsers (4) - 0s
~ GCIE: Google Chrome v49.0.2623.112
~ MFIE: Mozilla Firefox 50.0 (x86 en-US)
~ OPIE: Opera 36.0.2130.80
~ MSIE: Internet Explorer v8.0.6001.19600

---\\ Windows Product Information (4) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (3) - 12s
Malwarebytes Anti-Malware version 2.2.1.1043 =>.Software.Protection
Panda Devices Agent v1.08.00 =>.Software.Protection
Panda Free Antivirus v8.31.00 =>.Software.Protection

---\\ System protection software (Superfluous) (1) - 13s
Zemana AntiMalware v2.60.1 =>.Software.Superfluous

---\\ System optimization software (1) - 13s
CCleaner v5.24 =>.Software.Optimization

---\\ Surveillance software (2) - 13s
Adobe Flash Player 23 PPAPI =>.Software.Surveillance
Adobe Reader X =>.Software.Surveillance

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3142.876 MB (46% free)
System Restore: Activé (Enable)
System drive C: has 6 GB () free of 189 GB =>Alerte espace disque inférieur à 20 Go

---\\ Connection to the system mode (3) - 0s
~ Computer Name: PS-TOSHIBA
~ User Name: psimoes
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 6 GB free of 189 GB (System)
~ Drive D: has 95 GB free of 190 GB

---\\ State of the Windows Security Center (16) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] EnableShellExecuteHooks: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (23) - 5s
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - 11/04/2009 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2926592] =>.Microsoft Corporation
[MD5.4B555106290BD117334E9A08761C035A] - 02/11/2006 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - 20/01/2008 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [96768] =>.Microsoft Corporation
[MD5.0F4E2EB111B898DEF0211D6CFD4A3B0C] - 07/03/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [916992] =>.Microsoft Corporation
[MD5.898E7C06A350D4A1A64A9EA264D55452] - 11/04/2009 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [314368] =>.Microsoft Corporation
[MD5.85E861D0B88DB2B54ACB0839654C09F7] - 02/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [168448] =>.Microsoft Corporation
[MD5.4A0978779958D8FE8F5849F452BCC812] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [273408] =>.Microsoft Corporation
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - 11/04/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [19944] =>.Microsoft Windows®
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - 20/01/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70144] =>.Microsoft Corporation
[MD5.6B4BFFB9BECD728097024276430DB314] - 10/04/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [67072] =>.Microsoft Corporation
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - 14/04/2011 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [75264] =>.Microsoft Corporation
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - 10/04/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [561152] =>.Microsoft Corporation
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - 20/01/2008 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [54784] =>.Microsoft Corporation
[MD5.8793643A67B42CEC66490B2A0CF92D68] - 20/01/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [100864] =>.Microsoft Corporation
[MD5.1B864548B2ACEC1C0BB29B615CC42978] - 05/09/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [107008] =>.Microsoft Corporation
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - 10/04/2009 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [185856] =>.Microsoft Corporation
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - 03/03/2013 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1082232] =>.Microsoft Windows®
[MD5.0FA9B5055484649D63C303FE404E5F4D] - 02/11/2006 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - 20/01/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [76288] =>.Microsoft Corporation
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - 20/01/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [248832] =>.Microsoft Corporation
[MD5.7B75299A4D201D6A6533603D6914AB04] - 10/04/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [66560] =>.Microsoft Corporation
[MD5.EC565DFA3D9C45D8083B72DEC5B33710] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [72192] =>.Microsoft Corporation
[MD5.786DB5771F05EF300390399F626BF30A] - 21/08/2012 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [224640] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (28) - 4s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: AffinegyService (AffinegyService) . (.Affinegy, Inc. - BelkinService.) - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe {6A8B8367285B702071BD17F1C2DF68CD}
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems - Agere Soft Modem Call Progress Service.) - C:\Windows\System32\agrsmsvc.exe =>.Agere Systems
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
O23 - Service: (AppMgmt) . (...) - C:\Windows\System32\appmgmts.dll (.not file.)
O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\System32\Ati2evxx.exe =>.ATI Technologies Inc.
O23 - Service: Authentec memory manager service (Authentec memory manager) . (.AuthenTec Inc. - Fingerprint system initialization service.) - C:\Windows\System32\TAMSvr.exe =>.AuthenTec Inc.
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe =>.AOMEI Tech Co., Ltd.
O23 - Service: Belkin Local Backup Service (Belkin Local Backup Service) . (...) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
O23 - Service: Belkin Network USB Helper (Belkin Network USB Helper) . (...) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe =>.Intel Corporation
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Panda Protection Service (NanoServiceMain) . (.Panda Security, S.L. - Application Host Service.) - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe =>.Panda Security S.L®
O23 - Service: Online Armor Helper Service (OAcat) . (.Emsisoft GmbH - Online Armor Component.) - C:\Program Files\Online Armor\OAcat.exe =>.Emsisoft GmbH®
O23 - Service: Panda Devices Agent (PandaAgent) . (.Panda Security, S.L. - Agent Service.) - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe =>.Panda Security S.L®
O23 - Service: Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012 - PassThruSvr Application.) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: pinger (pinger) . (...) - C:\Toshiba\IVP\ISM\pinger.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
O23 - Service: Panda Product Service (PSUAService) . (.Panda Security, S.L. - PSUAService.) - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe =>.Panda Security S.L®
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe =>.Intel Corporation
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: Online Armor (SvcOnlineArmor) . (.Emsisoft GmbH - Online Armor Component.) - C:\Program Files\Online Armor\OAsrv.exe =>.Emsisoft GmbH®
O23 - Service: Swupdtmr (Swupdtmr) . (...) - c:\Toshiba\IVP\swupdate\swupdtmr.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (...) - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe (.not file.)
O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (...) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (.not file.)
O23 - Service: TOSHIBA SMART Log Service (TOSHIBA SMART Log Service) . (...) - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe (.not file.)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe =>.Ulead Systems, Inc.
O23 - Service: ZAM Controller Service (ZAMSvc) . (.Zemana Ltd. - ZAM.) - C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®

---\\ Services not Microsoft (SR=Run, SS=Stop) (32) - 131s
SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [08/11/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [23/02/2012] [ 563104] AffinegyService (AffinegyService) . (.Affinegy, Inc..) - C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe {6A8B8367285B702071BD17F1C2DF68CD}
SR - Auto [05/10/2006] [ 9216] Agere Modem Call Progress Audio (AgereModemAudio) . (.Agere Systems.) - C:\Windows\System32\agrsmsvc.exe =>.Agere Systems
SS - Auto [22/09/2016] [ 67384] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.®
SR - Auto [30/01/2008] [ 643072] (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe =>.ATI Technologies Inc.
SR - Auto [15/10/2007] [ 49152] Authentec memory manager service (Authentec memory manager) . (.AuthenTec Inc..) - C:\Windows\System32\TAMSvr.exe =>.AuthenTec Inc.
SR - Auto [21/08/2014] [ 29912] AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd..) - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe =>.AOMEI Tech Co., Ltd.
SR - Auto [19/04/2011] [ 152576] Belkin Local Backup Service (Belkin Local Backup Service) . (...) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
SR - Auto [09/02/2010] [ 49152] Belkin Network USB Helper (Belkin Network USB Helper) . (...) - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
SR - Auto [12/08/2015] [ 390416] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.®
SR - Auto [08/10/2007] [ 794624] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe =>.Intel Corporation
SS - Demand [02/07/2011] [ 34728] Gizmo Central (Gizmo Central) . (.Arainia Solutions.) - C:\Program Files\Gizmo\gservice.exe =>.Arainia Solutions, LLC®
SS - Demand [12/02/2008] [ 1862144] GoogleDesktopManager (GoogleDesktopManager) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe =>.Google
SS - Auto [28/08/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [28/08/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [21/08/2012] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc®
SS - Demand [14/11/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe =>.Macrovision Corporation
SS - Demand [05/11/2016] [ 172488] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [04/08/2016] [ 153096] Panda Protection Service (NanoServiceMain) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe =>.Panda Security S.L®
SR - Auto [15/10/2013] [ 584864] Online Armor Helper Service (OAcat) . (.Emsisoft GmbH.) - C:\Program Files\Online Armor\OAcat.exe =>.Emsisoft GmbH®
SR - Auto [19/07/2016] [ 86104] Panda Devices Agent (PandaAgent) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe =>.Panda Security S.L®
SR - Auto [17/10/2013] [ 166912] Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012.) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
SR - Auto [25/01/2007] [ 136816] pinger (pinger) . (...) - C:\Toshiba\IVP\ISM\pinger.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
SR - Auto [04/08/2016] [ 48584] Panda Product Service (PSUAService) . (.Panda Security, S.L..) - C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe =>.Panda Security S.L®
SR - Auto [08/10/2007] [ 483328] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe =>.Intel Corporation
SS - Demand [08/06/2011] [ 633856] ServiceLayer (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe =>.Nokia
SS - Auto [20/09/2016] [ 324224] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Auto [20/09/2016] [ 324224] Online Armor (SvcOnlineArmor) . (.Emsisoft GmbH.) - C:\Program Files\Online Armor\OAsrv.exe =>.Emsisoft GmbH®
SR - Auto [20/09/2016] [ 324224] Swupdtmr (Swupdtmr) . (...) - c:\Toshiba\IVP\swupdate\swupdtmr.exe =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
SR - Auto [20/09/2016] [ 324224] Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe =>.Ulead Systems, Inc.
SR - Auto [20/09/2016] [ 324224] ZAM Controller Service (ZAMSvc) . (.Zemana Ltd..) - C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®

---\\ Task Planned Automatically (18) - 5s
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [324224]
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [324224]
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [324224]
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core.job [324224]
O39 - APT: Unknown - (...) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA.job [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\CrystalDiskInfo [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000Core [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3399307451-3074549587-1771456082-1000UA [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1382066025 [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\PCMAgent.exe_1826580705 [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1458652480 [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{C074CB77-8752-4695-819D-DF00F7AAE9A6} [324224]
O39 - APT: Unknown - (...) -- C:\Windows\System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} [324224]

---\\ Auto loading programs from Registry and folders (6) - 0s
O4 - HKLM\..\Run: [FingerPrintNotifer] . (.AuthenTec, Inc - Fingerprint Suite Notifier Application.) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe
O4 - HKLM\..\Run: [PwdBank] . (.Arachnoid Biometrics Identification Group - .) -- C:\Program Files\TrueSuite Access Manager\PwdBank.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] . (.Emsisoft GmbH - Online Armor Component.) -- C:\Program Files\Online Armor\OAui.exe =>.Emsisoft GmbH®
O4 - HKLM\..\Run: [PSUAMain] . (.Panda Security, S.L. - AV Console.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe =>.Panda Security S.L®
O4 - HKCU\..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) -- C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2.exe =>.magicJack, L.P.®
O4 - HKUS\S-1-5-21-3399307451-3074549587-1771456082-1000\..\Run: [cdloader] . (.magicJack L.P. - magicJack (cdloader2).) -- C:\Users\psimoes\AppData\Roaming\mjusbsp\cdloader2.exe =>.magicJack, L.P.®

---\\ Process running (29) - 3s
[MD5.530FE40A1420E7E3992DDB58AF12B8B9] - (.AuthenTec Inc. - Fingerprint system initialization service.) -- C:\Windows\System32\TAMSvr.exe [49152] [PID.1040] =>.AuthenTec Inc.
[MD5.26757A5A06C37EF44BE544EB7E98D9D3] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\System32\Ati2evxx.exe [643072] [PID.1104] =>.ATI Technologies Inc.
[MD5.26757A5A06C37EF44BE544EB7E98D9D3] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\System32\Ati2evxx.exe [643072] [PID.1584] =>.ATI Technologies Inc.
[MD5.C1342DDE1D9D33B670DC91F146AFEBAA] - (.Emsisoft GmbH - Online Armor Component.) -- C:\Program Files\Online Armor\OAcat.exe [584864] [PID.1668] =>.Emsisoft GmbH®
[MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2388] =>.Adobe Systems, Incorporated®
[MD5.91637684AFBC847A563654C9B39A642C] - (.Affinegy, Inc. - BelkinService.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe [563104] [PID.2436] {6A8B8367285B702071BD17F1C2DF68CD}
[MD5.39E435C90C9C4F780FA0ED05CA3C3A1B] - (.Agere Systems - Agere Soft Modem Call Progress Service.) -- C:\Windows\System32\agrsmsvc.exe [9216] [PID.2492] =>.Agere Systems
[MD5.FB6F64FA0C5A2EF8179AEC0C13FA1E3F] - (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) -- C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912] [PID.2684] =>.AOMEI Tech Co., Ltd.
[MD5.B899B0945A36FC8DEC8E1B0006B43DB4] - (...) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [152576] [PID.2732]
[MD5.E23AF2900A4E3CA7FF22F1C80A013305] - (...) -- C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [49152] [PID.2768]
[MD5.5EA9C80F18CBC393EA7D9A2991DED4B5] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390416] [PID.2812] =>.Apple Inc.®
[MD5.F10E7AA8BDF4488E3DFA989B8E7F7C9F] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [794624] [PID.3136] =>.Intel Corporation
[MD5.984A6039BC06C2857599AF2CF8A40AD8] - (.Panda Security, S.L. - Application Host Service.) -- C:\Program Files\Panda Security\Panda Security Protection\PSANHost.exe [153096] [PID.3396] =>.Panda Security S.L®
[MD5.823079C4FF6CE5AB1C61A332FFA8918E] - (.Panda Security, S.L. - Agent Service.) -- C:\Program Files\Panda Security\Panda Devices Agent\AgentSvc.exe [86104] [PID.3508] =>.Panda Security S.L®
[MD5.446462BBA744DA60379574926FD51EAB] - (.Copyright (C) 2012 - PassThruSvr Application.) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912] [PID.3592]
[MD5.6DBF2AC2BDAFF355995AB25ECCC4CFE1] - (...) -- C:\Toshiba\IVP\ISM\pinger.exe [136816] [PID.3656] =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
[MD5.D6BB4A20AED4C85645494C1B0C2D1472] - (.Panda Security, S.L. - PSUAService.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAService.exe [48584] [PID.3740] =>.Panda Security S.L®
[MD5.7274BD434B6165BAA382BDD87F6CA4CE] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [483328] [PID.3804] =>.Intel Corporation
[MD5.E1292C1ED4DEB17B8A9B586D22CB2061] - (...) -- c:\Toshiba\IVP\swupdate\swupdtmr.exe [66928] [PID.4004] =>.TOSHIBA AMERICA INFORMATION SYSTEMS, INC.®
[MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.1504] =>.Ulead Systems, Inc.
[MD5.FB01D4AE207B9EFDBABFC55DC95C7E31] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536] [PID.2696] =>.Microsoft Corporation®
[MD5.C649F293B8B047A2694F3C615D09BF17] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [193920] [PID.2900] =>.Microsoft Corporation®
[MD5.ADE093D9F6D3FE36B0A0F66F0EC84598] - (.Zemana Ltd. - ZAM.) -- C:\Program Files\Zemana AntiMalware\ZAM.exe [13900016] [PID.3652] =>.Zemana Ltd.®
[MD5.661AA917612243229CE7AEF66FDBF81E] - (.AuthenTec, Inc - Fingerprint Suite Notifier Application.) -- C:\Program Files\TrueSuite Access Manager\FpNotifier.exe [671744] [PID.2228]
[MD5.7961110EA15F869E1DAA820D335A9C35] - (.Arachnoid Biometrics Identification Group - .) -- C:\Program Files\TrueSuite Access Manager\PwdBank.exe [3150848] [PID.5076]
[MD5.8C9E624E902A40A8FCDEB35D676455BC] - (.Panda Security, S.L. - AV Console.) -- C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe [109824] [PID.5588] =>.Panda Security S.L®
[MD5.BA6FEF846B9633C21149D3D8CE67BAA4] - (.Arachnoid Biometrics Identification Group Corp. - .) -- C:\Program Files\TrueSuite Access Manager\CssSvr.exe [163840] [PID.5108] =>.Arachnoid Biometrics Identification Group Corp.
[MD5.CB64D7154D984DE902C85E4E02B80215] - (.Crystal Dew World - CrystalDiskInfo.) -- C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe [2385016] [PID.6032] =>.Noriyuki MIYAZAKI®
[MD5.545706A0FA9B65DF1F5E5F3E2ED50184] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\psimoes\Desktop\ZHPDiag3.exe [2455040] [PID.5424] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (35) - 2s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pchelpforum.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.ca =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [beobeededemalmllhkmnkinmfembdimh] __MSG_tv_name__
G2 - GCE: Preference [User Data\Default] [bepbmhgboaologfdajaanbcjmnhjmhfn] Google Voice Search Hotword (Beta)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [clljlcapeomdokpgadmegpabakieebci] Thesaurus.com - Synonyms and Antonyms
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dadgddaepklpemjojmnhgdjmmkmefihe] Learn Italian - Molto Bene
G2 - GCE: Preference [User Data\Default] [egfjlnahigndmbebpdhnnkcfnahhhglp] Trading Dashboard to Fructify your Money
G2 - GCE: Preference [User Data\Default] [ehmnelfmlmpladgddfgghoaigjhfkhdj] Zoho Invoice and Time Tracking
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gmbmikajjgmnabiglmofipeabaddhgne] __MSG_CHROME_EXTENSION_NAME__
G2 - GCE: Preference [User Data\Default] [hihbikoooaenkpdooehgemieligjejcb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [iaichpenkdlohcjgagagapnegbjmfnfh] Learn Portuguese - Tudo Bem
G2 - GCE: Preference [User Data\Default] [kajibbejlbohfaggdiogboambcijhkke] __MSG_ext_name__
G2 - GCE: Preference [User Data\Default] [mdanidgdpmkimeiiojknlnekblgmpdll] Boomerang for Gmail
G2 - GCE: Preference [User Data\Default] [meddmiakkfjlledfhjljjjdebajikafa] Vend
G2 - GCE: Preference [User Data\Default] [ndnaehgpjlnokgebbaldlmgkapkpjkkb] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [nnbmlagghjjcbdhgmkedmbmedengocbn] __MSG_ext_name__
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pmcdjmebmeoobmdghjbjhbifoocbcmaj] Learn Spanish - Qué Onda
G2 - GCE: Preference [User Data\Default] [pnnfemgpilpdaojpnkjdgfgbnnjojfik] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (4) - 2s
P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated®
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\QuickTimePlugin.class
P2 - EXT: (...) -- C:\Users\psimoes\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_23_0_0_207.dll =>.Adobe Systems Incorporated

---\\ Opera, Plugins,Start,Search (1) - 0s
B0 - SPO: C:\Users\psimoes\AppData\Roaming\Opera\Opera\operaprefs.ini [psimoes] https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/?hl=en-GB&ui=html&zy=l&bsv=llya694le36z&scc=1&ltmpl=default&ltmplcache=2&hl=en-GB

---\\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ =>.Microsoft Corporation
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

---\\ Internet Explorer, Proxy Management (6) - 0s
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (1)

---\\ Browser Helper Object (BHO) (2) - 0s
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation®

---\\ Global shortcuts Startup (195) - 24s
O4 - GS\Desktop [Administrator]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [Administrator]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [Administrator]: Downloads - Shortcut.lnk . (...) C:\Users\psimoes\Downloads
O4 - GS\Desktop [Administrator]: Edu - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [Administrator]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [Administrator]: Ideal DVD Copy.lnk . (...) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [Administrator]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Learned_optimism_how_to_change your mind and your life.pdf
O4 - GS\Desktop [Administrator]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [Administrator]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [Administrator]: MMFX Webinars - Shortcut.lnk . (...) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [Administrator]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [Administrator]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [Administrator]: PC_Info - Shortcut.lnk . (...) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Administrator]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamViewer.exe =>.TeamViewer®
O4 - GS\Desktop [Administrator]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\Rosetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [Administrator]: Videos - Shortcut.lnk . (...) C:\Users\psimoes\Videos
O4 - GS\Desktop [Administrator]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Microsoft Office Picture Manager.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [Administrator]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [Administrator]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [Administrator]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Administrator]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Administrator]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Administrator]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Administrator]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [Guest]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [Guest]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [Guest]: Downloads - Shortcut.lnk . (...) C:\Users\psimoes\Downloads
O4 - GS\Desktop [Guest]: Edu - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [Guest]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [Guest]: Ideal DVD Copy.lnk . (...) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [Guest]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Learned_optimism_how_to_change your mind and your life.pdf
O4 - GS\Desktop [Guest]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [Guest]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [Guest]: MMFX Webinars - Shortcut.lnk . (...) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [Guest]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [Guest]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [Guest]: PC_Info - Shortcut.lnk . (...) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [Guest]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamViewer.exe =>.TeamViewer®
O4 - GS\Desktop [Guest]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\Rosetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [Guest]: Videos - Shortcut.lnk . (...) C:\Users\psimoes\Videos
O4 - GS\Desktop [Guest]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Microsoft Office Picture Manager.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [Guest]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [Guest]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [Guest]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Guest]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Guest]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Guest]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Guest]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [psimoes]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [psimoes]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [psimoes]: Downloads - Shortcut.lnk . (...) C:\Users\psimoes\Downloads
O4 - GS\Desktop [psimoes]: Edu - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [psimoes]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [psimoes]: Ideal DVD Copy.lnk . (...) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [psimoes]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Learned_optimism_how_to_change your mind and your life.pdf
O4 - GS\Desktop [psimoes]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [psimoes]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [psimoes]: MMFX Webinars - Shortcut.lnk . (...) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [psimoes]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [psimoes]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [psimoes]: PC_Info - Shortcut.lnk . (...) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [psimoes]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamViewer.exe =>.TeamViewer®
O4 - GS\Desktop [psimoes]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\Rosetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [psimoes]: Videos - Shortcut.lnk . (...) C:\Users\psimoes\Videos
O4 - GS\Desktop [psimoes]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [psimoes]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [psimoes]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [psimoes]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [psimoes]: Microsoft Office Picture Manager.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [psimoes]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [psimoes]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [psimoes]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [psimoes]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [psimoes]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [psimoes]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [psimoes]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Programs [psimoes]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [psimoes]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [psimoes]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Desktop [torrents]: Belkin Router Monitor.lnk . (.Affinegy, Inc. - .) C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe {6A8B8367285B702071BD17F1C2DF68CD}
O4 - GS\Desktop [torrents]: DiskInfo - Shortcut.lnk . (.Crystal Dew World - CrystalDiskInfo.) C:\Users\psimoes\Desktop\AntiV\CrystalDiskInfo6_2_2\DiskInfo.exe =>.Noriyuki MIYAZAKI®
O4 - GS\Desktop [torrents]: Downloads - Shortcut.lnk . (...) C:\Users\psimoes\Downloads
O4 - GS\Desktop [torrents]: Edu - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu
O4 - GS\Desktop [torrents]: Getting Things Done - The Art Of Stress-Free Productivity - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Getting Things Done - The Art Of Stress-Free Productivity.pdf
O4 - GS\Desktop [torrents]: Ideal DVD Copy.lnk . (...) C:\Program Files\IdealDVDCopy\IdealDVDCopy.exe
O4 - GS\Desktop [torrents]: Learned_optimism_how_to_change your mind and your life - Shortcut.lnk . (...) C:\Users\psimoes\Documents\Edu\Learned_optimism_how_to_change your mind and your life.pdf
O4 - GS\Desktop [torrents]: Logitech Unifying Software.lnk . (.Logitech, Inc. - Unifying Software (UNICODE).) C:\Program Files\Common Files\Logishrd\Unifying\DJCUHost.exe =>.Logitech®
O4 - GS\Desktop [torrents]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Desktop [torrents]: MMFX Webinars - Shortcut.lnk . (...) D:\Securities\Forex\Mauro, Steve - Mkt Makers Method\MMFX Webinars
O4 - GS\Desktop [torrents]: MSASCui - Shortcut.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\Desktop [torrents]: Online Armor.lnk . (.Emsisoft GmbH - Online Armor Component.) C:\Program Files\Online Armor\oaui.exe =>.Emsisoft GmbH®
O4 - GS\Desktop [torrents]: PC_Info - Shortcut.lnk . (...) C:\Users\psimoes\Documents\1PS Docs\PC_Info
O4 - GS\Desktop [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Desktop [torrents]: TeamViewer - Shortcut.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Users\psimoes\Desktop\TeamViewerPortable\TeamViewer.exe =>.TeamViewer®
O4 - GS\Desktop [torrents]: TheRosettaStone - Shortcut.lnk . (.Macromedia, Inc. - Macromedia Projector.) C:\Users\psimoes\Documents\Edu\Languages\Spanish\Rosetta Stone\The Rosetta Stone Program\TheRosettaStone.exe =>.Macromedia, Inc.
O4 - GS\Desktop [torrents]: Videos - Shortcut.lnk . (...) C:\Users\psimoes\Videos
O4 - GS\Desktop [torrents]: ZHPCleaner.lnk . (.Nicolas Coolman - ZHPCleane.) C:\Users\psimoes\ZHPCleaner.exe =>.Nicolas Coolman
O4 - GS\Desktop [torrents]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\psimoes\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [torrents]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [torrents]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [torrents]: Microsoft Office Picture Manager.lnk . (...) C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\oisicon.exe =>.Microsoft Corporation®
O4 - GS\Quicklaunch [torrents]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Quicklaunch [torrents]: Opera 22.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Quicklaunch [torrents]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\Quicklaunch [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Quicklaunch [torrents]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\sendTo [torrents]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe /sendto: =>.Skype Software Sarl®
O4 - GS\Programs [torrents]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [torrents]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Programs [torrents]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [torrents]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [torrents]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\CommonDesktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated®
O4 - GS\CommonDesktop [Public]: AOMEI Backupper Standard Edition 2.0.2.lnk . (.AOMEI Tech Co., Ltd. - AOMEI Backupper.) C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\Backupper.exe =>.AOMEI Tech Co., Ltd.
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Gizmo.lnk . (.Arainia Solutions - Gizmo Central.) C:\Program Files\Gizmo\gizmo.exe =>.Arainia Solutions, LLC®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files\ImgBurn\ImgBurn.exe =>.LIGHTNING UK!
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Network Recording Player.lnk . (.Cisco WebEx LLC - NBR Player Execute Module.) C:\ProgramData\WebEx\WebEx\500\nbrplay.exe =>.Cisco WebEx LLC®
O4 - GS\CommonDesktop [Public]: Panda Free Antivirus.lnk . (.Panda Security, S.L. - AV Console.) C:\Program Files\Panda Security\Panda Security Protection\PSUAMain.exe =>.Panda Security S.L®
O4 - GS\CommonDesktop [Public]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files\Google\Picasa3\Picasa3.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe =>.VS Revo Group®
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: Snagit 11 Editor.lnk . (.TechSmith Corporation - Snagit Editor.) C:\Program Files\TechSmith\Snagit 11\SnagitEditor.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: Snagit 11.lnk . (.TechSmith Corporation - Snagit.) C:\Program Files\TechSmith\Snagit 11\Snagit32.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: User's Guide.lnk . (...) C:\docs\userguide.pdf
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) C:\Program Files\VideoLAN\VLC\vlc.exe =>.VideoLAN®
O4 - GS\CommonDesktop [Public]: Zemana AntiMalware.lnk . (.Zemana Ltd. - ZAM.) C:\Program Files\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.®
O4 - GS\Programs [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O4 - GS\Programs [Public]: magicJack.lnk . (.magicJack L.P. - magicJack Loader Component.) C:\Users\psimoes\AppData\Roaming\mjusbsp\magicJackLoader.exe =>.magicJack, L.P.®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (.Mozilla Corporation - Tor Browser.) C:\Users\psimoes\Desktop\Tor Browser\Browser\firefox.exe =>.Mozilla Corporation
O4 - GS\Programs [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\Programs [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Notepad.lnk . (.Microsoft Corporation - Notepad.) C:\Windows\System32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) C:\Program Files\Internet Explorer\iexplore.exe -extoff =>.Microsoft Corporation®
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) C:\Windows\System32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) C:\Windows\System32\mblctr.exe /open =>.Microsoft Corporation
O4 - GS\Accessories [Public]: NetworkProjection.lnk . (.Microsoft Corporation - Connect to a Network Projector.) C:\Windows\System32\NetProj.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) C:\Windows\System32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) C:\Windows\System32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Sidebar.) C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) C:\Windows\System32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) C:\Windows\System32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Windows Control Panel.) C:\Windows\System32\control.exe /name Microsoft.WelcomeCenter =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) C:\Program Files\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Backup.lnk . (.Microsoft Corporation - Microsoft® Windows Backup.) C:\Windows\System32\sdclt.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) C:\Windows\System32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) C:\Windows\System32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) C:\Windows\System32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: migwiz.lnk . (.Microsoft Corporation - Windows Easy Transfer.) C:\Windows\System32\migwiz\migwiz.exe =>.Microsoft Windows®
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) C:\Windows\System32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) C:\Windows\System32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\System32\taskschd.msc /s
O4 - GS\ProgramsCommon [Public]: Acrobat.com.lnk . (...) C:\Program Files\Adobe\Acrobat.com\Acrobat.com.exe
O4 - GS\ProgramsCommon [Public]: Adobe Reader X.lnk . (...) C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\ProgramsCommon [Public]: Apple Software Update.lnk . (...) C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe
O4 - GS\ProgramsCommon [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\ProgramsCommon [Public]: ImgBurn.lnk . (.LIGHTNING UK! - ImgBurn - The Ultimate Image Burner!.) C:\Program Files\ImgBurn\ImgBurn.exe =>.LIGHTNING UK!
O4 - GS\ProgramsCommon [Public]: Media Center.lnk . (.Microsoft Corporation - Media Center.) C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\ProgramsCommon [Public]: Opera 36.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\ProgramsCommon [Public]: Windows Calendar.lnk . (.Microsoft Corporation - Windows Calendar.) C:\Program Files\Windows Calendar\WinCal.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Contacts.lnk . (.Microsoft Corporation - Windows Contacts.) C:\Program Files\Windows Mail\wab.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Defender.lnk . (.Microsoft Corporation - Windows Defender User Interface.) C:\Program Files\Windows Defender\MSASCui.exe =>.Microsoft Windows®
O4 - GS\ProgramsCommon [Public]: Windows DVD Maker.lnk . (.Microsoft Corporation - Windows DVD Maker.) C:\Program Files\Movie Maker\DVDMaker.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) C:\Program Files\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) C:\Program Files\Windows Live\Messenger\msnmsgr.exe =>.Microsoft Corporation®
O4 - GS\ProgramsCommon [Public]: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) C:\Program Files\Movie Maker\MOVIEMK.exe =>.Microsoft Corporation
O4 - GS\ProgramsCommon [Public]: Windows Photo Gallery.lnk . (.Microsoft Corporation - Windows Photo Gallery.) C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe =>.Microsoft Corporation

---\\ Lop.com/Domain Hijackers (6) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: NameServer = 8.8.8.8,8.8.4.4,192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: DhcpNameServer = 192.168.2.1 =>.Local IP Adress
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D540E3C-1399-47A6-BADF-78CB0BFC08EB}: DhcpDomain = Belkin
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B2222F8-C9A7-46A7-97F5-F8C4C87BF2CD}: DhcpDomain = Belkin

---\\ Extra protocols (28) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll =>.Microsoft Corporation®
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll =>.Microsoft Corporation®
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (141) - 41s
O42 - Logiciel: 7-Zip 4.65 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: 7-Zip 9.20 - (.Igor Pavlov.) [HKLM] -- {23170F69-40C1-2701-0920-000001000000} =>.Igor Pavlov
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {77DCDCE3-2DED-62F3-8154-05E745472D07} =>.Adobe Systems Incorporated
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {BBEC10F9-AC15-41EE-A271-0B1077F53740} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 23 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader X (10.1.16) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated
O42 - Logiciel: Aiseesoft Blu-ray Ripper - (...) [HKLM] -- Aiseesoft Blu-ray Ripper_is1
O42 - Logiciel: Aiseesoft Streaming Video Recorder - (...) [HKLM] -- Aiseesoft Streaming Video Recorder_is1
O42 - Logiciel: AOMEI Backupper Standard Edition 2.0.2 - (.AOMEI Technology Co., Ltd..) [HKLM] -- {A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1 =>.AOMEI Technology Co., Ltd.
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {D9F3D66A-9885-4DDD-A800-9DDF488359A1} =>.Apple Inc.
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc.
O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {53BB9294-6E76-4853-4130-1CD0A01EAE45} =>.ATI Technologies, Inc.
O42 - Logiciel: Belkin Setup and Router Monitor - (...) [HKLM] -- Belkin Setup and Router Monitor_is1
O42 - Logiciel: Belkin USB Print and Storage Center - (.Belkin International, Inc..) [HKLM] -- Belkin USB Print and Storage Center =>.Belkin International, Inc.
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} =>.Toshiba Corporation
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {D168AAD0-6686-47C1-B599-CDD4888B9D1A} =>.Apple Inc.
O42 - Logiciel: Camera Assistant Software for Toshiba - (.Chicony Electronics Co.,Ltd..) [HKLM] -- {37C866E4-AA67-4725-9E95-A39968DD7960} =>.Macrovision Corporation®
O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {D58A1E94-9EEA-4C6E-B9FB-D7C63DC6C941} =>.ATI
O42 - Logiciel: Catalyst Control Center Core Implementation - (.ATI.) [HKLM] -- {91B067A5-89C8-3C29-57EE-597034D56D42} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Full Existing - (.ATI.) [HKLM] -- {44AB916C-E8AE-3A81-269A-2A55C4802C7A} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Full New - (.ATI.) [HKLM] -- {1D88A6A6-C2C6-3E2F-DDB6-A635090141B0} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Light - (.ATI.) [HKLM] -- {507DB37B-FFE7-429E-FF1B-D46F3BB0FE96} =>.ATI
O42 - Logiciel: Catalyst Control Center Graphics Previews Vista - (.ATI.) [HKLM] -- {CB685FA8-9C7A-73F5-3BBF-38B8F63A1C48} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Chinese Standard - (.ATI.) [HKLM] -- {C19D5636-D868-57D1-A36E-EF1056E9813C} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Chinese Traditional - (.ATI.) [HKLM] -- {09527978-C15B-6AF8-5582-C9784F8F3B69} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Dutch - (.ATI.) [HKLM] -- {EFD48405-94CC-71B6-A915-5B0121C6C7E3} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization French - (.ATI.) [HKLM] -- {DECF4937-8E72-5723-E82E-74A566F73197} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization German - (.ATI.) [HKLM] -- {9607BEEE-ED89-FE20-C992-AF3DC46EBEB5} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Italian - (.ATI.) [HKLM] -- {54E1A977-FC97-AAAB-A3C2-CA8ED6545951} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Japanese - (.ATI.) [HKLM] -- {0AB16A24-2465-0F1A-C12E-BFAB6F612191} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Korean - (.ATI.) [HKLM] -- {48284361-3F81-8AD3-0630-72AEDB614936} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Portuguese - (.ATI.) [HKLM] -- {16E42331-56E6-53BC-428C-6E2020E58025} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Spanish - (.ATI.) [HKLM] -- {25F83D04-6D32-5AAD-C057-AEA7B8C746E3} =>.ATI
O42 - Logiciel: Catalyst Control Center Localization Swedish - (.ATI.) [HKLM] -- {0A6A6F94-7EFC-2FEA-CC70-FB6A22188F88} =>.ATI
O42 - Logiciel: ccc-core-static - (.ATI.) [HKLM] -- {AF8B7B36-0427-22DD-8005-07869A67CE20} =>.ATI
O42 - Logiciel: ccc-utility - (.ATI.) [HKLM] -- {1B8FAB81-0811-FAE4-A77C-33683B43A9D8} =>.ATI
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cisco WebEx Meetings - (.Cisco WebEx LLC.) [HKLM] -- ActiveTouchMeetingClient =>.Cisco WebEx LLC®
O42 - Logiciel: Citrix Online Launcher - (.Citrix.) [HKLM] -- {678753E6-E526-4AE5-A144-00240772543A} =>.Citrix
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Cover Commander 3.0 by Insofta Development - (.Insofta Development.) [HKLM] -- Cover Commander
O42 - Logiciel: CyberLink PowerCinema for TOSHIBA - (.CyberLink Corp..) [HKLM] -- {2637C347-9DAD-11D6-9EA2-00055D0CA761} =>.CyberLink Corp.
O42 - Logiciel: CyberLink PowerCinema for TOSHIBA - (.CyberLink Corp..) [HKLM] -- InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761} =>.CyberLink®
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft
O42 - Logiciel: DVD MovieFactory for TOSHIBA - (.Ulead Systems, Inc..) [HKLM] -- {F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485} =>.Ulead Systems, Inc.
O42 - Logiciel: FileASSASSIN - (.Malwarebytes.) [HKLM] -- FileASSASSIN =>.Malwarebytes
O42 - Logiciel: Folder Lock - (.New Sofware.net Inc..) [HKCU] -- FolderLock6
O42 - Logiciel: FXCM Trading Station - (.FXCM.) [HKLM] -- {494367EC-82A9-4C0D-A788-74A967998E8C} =>.FXCM
O42 - Logiciel: GearDrvs - (.Symantec Corporation.) [HKLM] -- {206FD69B-F9FE-4164-81BD-D52552BC9C23} =>.Symantec Corporation
O42 - Logiciel: Gizmo Central - (.Arainia Solutions, LLC.) [HKLM] -- Gizmo Central =>.Arainia Solutions, LLC®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop =>.Google Inc.®
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
O42 - Logiciel: GoToMeeting 7.16.0.4800 - (.CitrixOnline.) [HKCU] -- GoToMeeting =>.Citrix Online®
O42 - Logiciel: HTC BMP USB Driver - (.HTC.) [HKLM] -- {31A559C1-9E4D-423B-9DD3-34A6C5398752} =>.HTC
O42 - Logiciel: HTC Driver Installer - (.HTC Corporation.) [HKLM] -- {6D6664A9-3342-4948-9B7E-034EFE366F0F} =>.HTC Corporation
O42 - Logiciel: Ideal DVD Copy V4.1.2 - (.Ideal DVD Software, Inc..) [HKLM] -- Ideal DVD Copy_is1
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM] -- ImgBurn =>.LIGHTNING UK!
O42 - Logiciel: Intel(R) PROSet/Wireless Software - (.Intel Corporation.) [HKLM] -- ProInst =>.Intel Corporation - Mobile Wireless Group®
O42 - Logiciel: Intel® Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} =>.Intel Corporation®
O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} =>.Microsoft Corporation
O42 - Logiciel: Logitech Unifying Software 2.50 - (.Logitech.) [HKLM] -- Logitech Unifying =>.Logitech
O42 - Logiciel: magicJack - (.magicJack L.P..) [HKCU] -- magicJack =>.magicJack, L.P.®
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: mCorev32.ism_new - (.Intel Corporation.) [HKLM] -- {A945BD16-4774-4A1F-96A7-118BEC004881} =>.Intel Corporation
O42 - Logiciel: mCPlug - (.Intel Corporation.) [HKLM] -- {F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F} =>.Intel Corporation
O42 - Logiciel: mHelp - (.Intel.) [HKLM] -- {8C6BB412-D3A8-4AAE-A01B-35B681789D68} =>.Intel
O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM] -- {95120000-00B9-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {15BC8CD0-A65B-47D0-A2DD-90A824590FA8} =>.Microsoft Corporation
O42 - Logiciel: Microsoft XML Parser - (.Microsoft Corporation.) [HKLM] -- {B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE} =>.Microsoft Corporation
O42 - Logiciel: mMHouse - (.Intel Corporation.) [HKLM] -- {F0BFC7EF-9CF8-44EE-91B0-158884CD87C5} =>.Intel Corporation
O42 - Logiciel: Mozilla Firefox 50.0 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 50.0 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: mPfMgr - (.Intel Corporation.) [HKLM] -- {8B928BA1-EDEC-4227-A2DA-DD83026C36F5} =>.Intel Corporation
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D} =>.Nokia
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft
O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser - (.Microsoft Corporation.) [HKLM] -- {196467F1-C11F-4F76-858B-5812ADC83B94} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2721691) - (.Microsoft Corporation.) [HKLM] -- {355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} =>.Microsoft Corporation
O42 - Logiciel: Network Recording Player - (.Cisco WebEx LLC.) [HKLM] -- {FDA24BB0-8462-4356-B30E-C74FDC25C6DF} =>.Cisco WebEx LLC
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {2D99A593-C841-43A7-B7C9-D6F3AE70B756} =>.Nokia
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {D0D14551-3A2D-433B-861F-F4DCE5422759} =>.Nokia
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite =>.Nokia®
O42 - Logiciel: Online Armor 6.0 - (.Emsisoft GmbH.) [HKLM] -- OnlineArmor_is1 =>.Emsisoft GmbH®
O42 - Logiciel: Opera Stable 36.0.2130.80 - (.Opera Software.) [HKLM] -- Opera 36.0.2130.80 =>.Opera Software ASA®
O42 - Logiciel: Panda Devices Agent - (.Panda Security.) [HKLM] -- {3F9548B2-0B34-4453-A92E-35056B053F19} =>.Panda Security
O42 - Logiciel: Panda Devices Agent - (.Panda Security.) [HKLM] -- Panda Devices Agent =>.Panda Security
O42 - Logiciel: Panda Free Antivirus - (.Panda Security.) [HKLM] -- {62692A64-8661-4040-AC6C-F24E48393E20} =>.Panda Security
O42 - Logiciel: Panda Free Antivirus - (.Panda Security.) [HKLM] -- Panda Universal Agent Endpoint =>.Panda Security S.L®
O42 - Logiciel: Panda Safe Web - (.Panda Security and Visicom Media Inc..) [HKLM] -- pandasecuritytb
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {C373F7C4-05D2-4047-96D1-6AF30661C6AA} =>.Nokia
O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 =>.Google, Inc.
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
O42 - Logiciel: Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Window - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Macrovision Corporation®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.
O42 - Logiciel: Revo Uninstaller 2.0.1 - (.VS Revo Group, Ltd..) [HKLM] -- {A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1 =>.VS Revo Group, Ltd.
O42 - Logiciel: RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 - (...) [HKLM] -- {59F6A514-9813-47A3-948C-8A155460CC2A}
O42 - Logiciel: Security Update for Windows Media Encoder (KB2447961) - (.Microsoft Corporation.) [HKLM] -- KB2447961 =>.Microsoft Corporation
O42 - Logiciel: Security Update for Windows Media Encoder (KB954156) - (.Microsoft Corporation.) [HKLM] -- KB954156 =>.Microsoft Corporation
O42 - Logiciel: Security Update for Windows Media Encoder (KB979332) - (.Microsoft Corporation.) [HKLM] -- KB979332 =>.Microsoft Corporation
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} =>.Microsoft Corp
O42 - Logiciel: Skins - (.ATI.) [HKLM] -- {F06B8809-3C26-E6A0-3D80-084331666B73} =>.ATI
O42 - Logiciel: Skype™ 7.29 - (.Skype Technologies S.A..) [HKLM] -- {FC965A47-4839-40CA-B618-18F486F042C6} =>.Skype Technologies S.A.
O42 - Logiciel: Snagit 11 - (.TechSmith Corporation.) [HKLM] -- {A56C6348-59D0-433B-A48A-75914858664E} =>.TechSmith Corporation
O42 - Logiciel: SnagIt 9 - (.TechSmith Corporation.) [HKLM] -- {59991D18-A988-45AB-B1BF-5ADE6E64CD3F} =>.TechSmith Corporation
O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004} =>.Adobe Systems Incorporated
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey =>.Synaptics
O42 - Logiciel: TOSHIBA Software Upgrades - (.TOSHIBA.) [HKLM] -- {425A2BC2-AA64-4107-9C29-484245BBEA05} =>.TOSHIBA
O42 - Logiciel: TOSHIBA Speech System Applications - (...) [HKLM] -- {EE033C1F-443E-41EC-A0E2-559B539A4E4D}
O42 - Logiciel: TOSHIBA Speech System SR Engine(U.S.) Version1.0 - (...) [HKLM] -- {008D69EB-70FF-46AB-9C75-924620DF191A}
O42 - Logiciel: TOSHIBA Speech System TTS Engine(U.S.) Version1.0 - (...) [HKLM] -- {3FBF6F99-8EC6-41B4-8527-0A32241B5496}
O42 - Logiciel: TOSHIBA Supervisor Password - (...) [HKLM] -- {4B1E87C3-00DE-4898-8E39-E390AAEF2391}
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- {FEDD27A0-B306-45EF-BF58-B527406B42C8} =>.Toshiba Corporation
O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM] -- InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8} =>.Toshiba Corporation
O42 - Logiciel: TrueSuite Access Manager - (.ABIG.) [HKLM] -- {A2075A09-28AA-4D30-9BCC-82EAD9FA51BD} =>.Macrovision Corporation®
O42 - Logiciel: TRW conferencing - (.Digitalweb.) [HKLM] -- {E23E9487-2B6B-42CA-AE8D-E2369563AB02}
O42 - Logiciel: TurboMeeting - (.RHUB Communications, Inc..) [HKCU] -- TurboMeeting =>.RHUB Communications Inc®
O42 - Logiciel: Unlocker 1.9.0 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: Video Mover - (...) [HKLM] -- Video Mover_is1
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 4.7) - (.Nokia.) [HKLM] -- E0AC723A3DE3A04256288CADBBB011B112AED454 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Nokia Modem (02/25/2011 7.01.0.9) - (.Nokia.) [HKLM] -- 72A50F48CC5601190B9C4E74D81161693133E7F7 =>.Microsoft Windows Component Publisher®
O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693 =>.Microsoft Windows®
O42 - Logiciel: Windows Media Encoder 9 Series - (...) [HKLM] -- Windows Media Encoder 9
O42 - Logiciel: Windows Media Encoder 9 Series - (.Microsoft Corporation.) [HKLM] -- {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E} =>.Microsoft Corporation
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst =>.CACE Technologies
O42 - Logiciel: Your monster voice 1 - (...) [HKLM] -- Your monster voice 1
O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM] -- {8F0CD7D1-42F3-4195-95CD-833578D45057}_is1 =>.Zemana Ltd.®

---\\ HKCU & HKLM Software Keys (185) - 42s
HKLM\SOFTWARE\2BrightSparks =>.2BrightSparks
HKLM\SOFTWARE\7-PDF =>.7-PDF
HKLM\SOFTWARE\7-Zip =>.Igor Pavlov
HKLM\SOFTWARE\Acronis =>.Acronis
HKLM\SOFTWARE\ActiveTouch
HKLM\SOFTWARE\Adobe =>.Adobe
HKLM\SOFTWARE\AdwCleaner =>.Malwarebytes
HKLM\SOFTWARE\Affinegy
HKLM\SOFTWARE\Agere
HKLM\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc. =>.Apple Inc.
HKLM\SOFTWARE\Arainia =>.Arainia Solutions, LLC
HKLM\SOFTWARE\ASProtect
HKLM\SOFTWARE\ATI =>.ATI
HKLM\SOFTWARE\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Auslogics =>.Auslogics
HKLM\SOFTWARE\AuthenTec =>.AuthenTec
HKLM\SOFTWARE\BCL Technologies =>.BCL Technologies
HKLM\SOFTWARE\Belkin =>.Belkin
HKLM\SOFTWARE\CandleWorks
HKLM\SOFTWARE\Citrix =>.Citrix
HKLM\SOFTWARE\CodeGear =>.CodeGear
HKLM\SOFTWARE\ComodoGroup =>.ComodoGroup
HKLM\SOFTWARE\CyberLink =>.CyberLink
HKLM\SOFTWARE\Data Fellows
HKLM\SOFTWARE\DivXNetworks =>.DivXNetworks
HKLM\SOFTWARE\Eset =>.ESET
HKLM\SOFTWARE\F-Secure =>.F-Secure
HKLM\SOFTWARE\GEAR Software =>.GEAR Software
HKLM\SOFTWARE\Global IP Solutions
HKLM\SOFTWARE\Google =>.Google
HKLM\SOFTWARE\HTC =>.HTC
HKLM\SOFTWARE\idc
HKLM\SOFTWARE\IM Providers =>.IM Providers
HKLM\SOFTWARE\ImgBurn
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield =>.InstallShield
HKLM\SOFTWARE\Intel =>.Intel
HKLM\SOFTWARE\InterVideo =>.InterVideo
HKLM\SOFTWARE\IObit =>.IObit
HKLM\SOFTWARE\JavaSoft =>.JavaSoft
HKLM\SOFTWARE\JreMetrics =>.JreMetrics
HKLM\SOFTWARE\Kodak =>.Kodak
HKLM\SOFTWARE\Licenses =>.Microsoft Corporation
HKLM\SOFTWARE\Logitech =>.Logitech
HKLM\SOFTWARE\Lucent
HKLM\SOFTWARE\Macromedia =>.Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
HKLM\SOFTWARE\McAfee =>.McAfee
HKLM\SOFTWARE\MetaQuotes Software =>.MetaQuotes Software
HKLM\SOFTWARE\MicroWorld
HKLM\SOFTWARE\Mozilla =>.Mozilla
HKLM\SOFTWARE\mozilla.org =>.mozilla.org
HKLM\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Napster
HKLM\SOFTWARE\NCH Software =>.NCH Software
HKLM\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
HKLM\SOFTWARE\Netscape =>.Netscape
HKLM\SOFTWARE\Nokia =>.Nokia
HKLM\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKLM\SOFTWARE\Online Armor
HKLM\SOFTWARE\Opera Software =>.Opera Software
HKLM\SOFTWARE\Panda Security =>.Panda Security
HKLM\SOFTWARE\Panda Software =>.Panda Software
HKLM\SOFTWARE\pandasecuritytb
HKLM\SOFTWARE\Patch My PC
HKLM\SOFTWARE\PC Connectivity Solution
HKLM\SOFTWARE\PCSuite
HKLM\SOFTWARE\Piriform =>.Piriform
HKLM\SOFTWARE\Realtek =>.Realtek
HKLM\SOFTWARE\RegisteredApplications =>.Microsoft Corporation
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\RtWLan =>.REALTEK Semiconductor Corp.
HKLM\SOFTWARE\Skype =>.Skype
HKLM\SOFTWARE\Sonic =>.Sonic
HKLM\SOFTWARE\SRS Labs =>.SRS Labs
HKLM\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
HKLM\SOFTWARE\Swearware =>.Swearware
HKLM\SOFTWARE\Sxuptp Driver
HKLM\SOFTWARE\SymNRT
HKLM\SOFTWARE\Synaptics =>.Synaptics
HKLM\SOFTWARE\Sys Modules
HKLM\SOFTWARE\TeamViewer =>.TeamViewer
HKLM\SOFTWARE\TechSmith =>.TechSmith
HKLM\SOFTWARE\The Silicon Realms Toolworks
HKLM\SOFTWARE\Toshiba =>.TOSHIBA
HKLM\SOFTWARE\TrendMicro =>.TrendMicro
HKLM\SOFTWARE\TrueSuite Access Manager
HKLM\SOFTWARE\Ulead Systems =>.Ulead Systems
HKLM\SOFTWARE\Unlocker
HKLM\SOFTWARE\VideoLAN =>.VideoLAN
HKLM\SOFTWARE\VidSoft
HKLM\SOFTWARE\Volatile =>.Microsoft Corporation
HKLM\SOFTWARE\Waves Audio
HKLM\SOFTWARE\WebEx
HKLM\SOFTWARE\WildTangent =>.WildTangent
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WiseCleaner =>.wisecleaner
HKLM\SOFTWARE\WOW6432Node =>.Microsoft Corporation
HKLM\SOFTWARE\Zemana =>.Zemana
HKLM\SOFTWARE\ZmnGlobalSDK =>.Zemana Ltd
HKCU\SOFTWARE\2BrightSparks =>.2BrightSparks
HKCU\SOFTWARE\7-Zip =>.Igor Pavlov
HKCU\SOFTWARE\Adobe =>.Adobe
HKCU\SOFTWARE\Affinegy
HKCU\SOFTWARE\AnVir
HKCU\SOFTWARE\AOMEI
HKCU\SOFTWARE\AppDataLow =>.Microsoft Corporation
HKCU\SOFTWARE\Apple Computer, Inc. =>.Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc. =>.Apple Inc.
HKCU\SOFTWARE\Arainia =>.Arainia Solutions, LLC
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\ATI Technologies Inc. =>.ATI Technologies Inc.
HKCU\SOFTWARE\Belkin =>.Belkin
HKCU\SOFTWARE\CEC_CM_SW
HKCU\SOFTWARE\Citrix =>.Citrix
HKCU\SOFTWARE\ComodoGroup =>.ComodoGroup
HKCU\SOFTWARE\CyberLink =>.CyberLink
HKCU\SOFTWARE\DataLode
HKCU\SOFTWARE\DigitalWeb
HKCU\SOFTWARE\DVD Decrypter
HKCU\SOFTWARE\DVD Shrink =>.DVD Shrink
HKCU\SOFTWARE\EasyBits =>.EasyBits
HKCU\SOFTWARE\ESET =>.ESET
HKCU\SOFTWARE\Facebook =>.Facebook
HKCU\SOFTWARE\Gabest =>.Gabest
HKCU\SOFTWARE\Garmin =>.Garmin
HKCU\SOFTWARE\Geek Uninstaller =>.Geek Uninstaller
HKCU\SOFTWARE\giveawayoftheday.com
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\IM Providers =>.IM Providers
HKCU\SOFTWARE\ImgBurn
HKCU\SOFTWARE\Insofta Development
HKCU\SOFTWARE\InterVideo =>.InterVideo
HKCU\SOFTWARE\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Logitech =>.Logitech
HKCU\SOFTWARE\Macromedia =>.Macromedia
HKCU\SOFTWARE\MainConcept =>.MainConcept
HKCU\SOFTWARE\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
HKCU\SOFTWARE\McAfee =>.McAfee
HKCU\SOFTWARE\Memeo =>.Memeo
HKCU\SOFTWARE\MetaQuotes Software =>.MetaQuotes Software
HKCU\SOFTWARE\MicroWorld
HKCU\SOFTWARE\MimarSinan =>.Mimar Sinan
HKCU\SOFTWARE\Mozilla =>.Mozilla
HKCU\SOFTWARE\MozillaPlugins =>.MozillaPlugins
HKCU\SOFTWARE\NCH Software =>.NCH Software
HKCU\SOFTWARE\NCH Swift Sound =>.NCH Swift Sound
HKCU\SOFTWARE\Netscape =>.Netscape
HKCU\SOFTWARE\Nokia =>.Nokia
HKCU\SOFTWARE\ODBC =>.DB Connectivity Solutions
HKCU\SOFTWARE\OnlineArmor
HKCU\SOFTWARE\Opera Software =>.Opera Software
HKCU\SOFTWARE\Perfect Uninstaller
HKCU\SOFTWARE\Piriform =>.Piriform
HKCU\SOFTWARE\QtProject =>.QtProject
HKCU\SOFTWARE\Raxco
HKCU\SOFTWARE\Realtek =>.Realtek
HKCU\SOFTWARE\Skype =>.Skype
HKCU\SOFTWARE\SkypeApps
HKCU\SOFTWARE\SUPERAntiSpyware.com =>.SUPERAntiSpyware.com
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\Sysinternals =>.Sysinternals
HKCU\SOFTWARE\talk4free
HKCU\SOFTWARE\TechSmith =>.TechSmith
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\TOSHIBA =>.TOSHIBA
HKCU\SOFTWARE\Trolltech =>.Trolltech
HKCU\SOFTWARE\TrueSuite Access Manager
HKCU\SOFTWARE\Ulead
HKCU\SOFTWARE\Ulead Systems =>.Ulead Systems
HKCU\SOFTWARE\VidSoft
HKCU\SOFTWARE\VS Revo Group =>.VS Revo Group
HKCU\SOFTWARE\WebEx
HKCU\SOFTWARE\Wget
HKCU\SOFTWARE\Wow6432Node =>.Microsoft Corporation
HKCU\SOFTWARE\ZebHelpProcess Helper =>.Nicolas Coolman
HKCU\SOFTWARE\Zemana =>.Zemana
HKCU\SOFTWARE\AppDataLow\LastScanTime
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft =>.JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\panda
HKCU\SOFTWARE\AppDataLow\Software\pandasecuritytb

---\\ Contents of the Common Files folders (334) - 47s
O43 - CFD: 25/02/2016 - [] D -- C:\Program Files\2BrightSparks =>.2BrightSparks
O43 - CFD: 08/03/2013 - [] D -- C:\Program Files\7-Zip =>.Igor Pavlov
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 06/09/2015 - [] D -- C:\Program Files\Adware-Removal-Tool =>.Pawan Kumar®
O43 - CFD: 14/01/2011 - [] D -- C:\Program Files\Aiseesoft Studio =>.Aiseesoft Studio
O43 - CFD: 19/07/2016 - [] D -- C:\Program Files\AOMEI Backupper Standard Edition 2.0.2
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Apple Software Update =>.Apple Inc.®
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\ATI =>.ATI
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\ATI Technologies =>.ATI Technologies
O43 - CFD: 27/06/2013 - [] D -- C:\Program Files\Belkin {6A8B8367285B702071BD17F1C2DF68CD} =>.Belkin
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Bonjour =>.Apple Inc.®
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\Camera Assistant Software for Toshiba
O43 - CFD: 17/11/2016 - [0] D -- C:\Program Files\Candleworks
O43 - CFD: 29/09/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\Cisco =>.Cisco
O43 - CFD: 19/03/2009 - [] D -- C:\Program Files\Citrix {5C5F2BA5C9994BE5EF254FFE511288E1} =>.Citrix
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Common Files =>.Microsoft Corporation
O43 - CFD: 21/02/2008 - [] D -- C:\Program Files\CyberLink =>.CyberLink
O43 - CFD: 04/08/2011 - [] D -- C:\Program Files\DIFX =>.Microsoft Windows®
O43 - CFD: 18/12/2013 - [] D -- C:\Program Files\FairStars CD Ripper
O43 - CFD: 21/03/2011 - [] D -- C:\Program Files\FileASSASSIN
O43 - CFD: 12/07/2013 - [] D -- C:\Program Files\FxPro - MetaTrader
O43 - CFD: 02/07/2011 - [] D -- C:\Program Files\Gizmo =>.Arainia Solutions, LLC®
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 09/08/2014 - [] D -- C:\Program Files\HTC =>.HTC
O43 - CFD: 04/05/2012 - [] D -- C:\Program Files\ImgBurn =>.Lightning UK
O43 - CFD: 28/12/2014 - [] D -- C:\Program Files\Insofta Cover Commander
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\InstallShield Installation Information =>.InstallShield Software
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\Intel =>.Intel Corporation
O43 - CFD: 07/03/2015 - [] D -- C:\Program Files\Internet Explorer =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\InterVideo =>.InterVideo
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Java =>.Sun Microsystems, Inc.®
O43 - CFD: 16/07/2011 - [] D -- C:\Program Files\Logitech =>.Logitech
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\ltmoh
O43 - CFD: 15/11/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 15/11/2016 - [] D -- C:\Program Files\Malwarebytes' Anti-Malware =>.Malwarebytes' Anti-Malware
O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Microsoft Games =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Microsoft Visual Studio =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Microsoft.NET =>.Microsoft Corporation
O43 - CFD: 18/08/2010 - [] D -- C:\Program Files\Movie Maker =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\MSBuild =>.Microsoft Corporation
O43 - CFD: 11/02/2011 - [] D -- C:\Program Files\NCH Software =>.NCH Software
O43 - CFD: 04/08/2011 - [] D -- C:\Program Files\Nokia =>.Nokia
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Online Armor =>.Emsisoft GmbH®
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Opera =>.Opera Software ASA®
O43 - CFD: 21/06/2012 - [] D -- C:\Program Files\Oracle =>.Oracle America, Inc.®
O43 - CFD: 21/10/2016 - [] D -- C:\Program Files\Panda Security =>.Panda Security S.L®
O43 - CFD: 15/11/2016 - [] D -- C:\Program Files\Panda Security URL Filtering =>PUP.Optional.StartSearch
O43 - CFD: 04/08/2011 - [] D -- C:\Program Files\PC Connectivity Solution =>.Microsoft Windows®
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\Realtek =>.Realtek
O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Reference Assemblies =>.Microsoft Corporation
O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\S.A.D
O43 - CFD: 17/11/2016 - [] RD -- C:\Program Files\Skype =>.Skype Software Sarl®
O43 - CFD: 25/07/2014 - [] D -- C:\Program Files\Spirent Communications =>.Spirent Communications
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 12/07/2013 - [] D -- C:\Program Files\TechSmith =>.TechSmith Corporation®
O43 - CFD: 24/07/2014 - [] D -- C:\Program Files\ToolwizCareFree
O43 - CFD: 16/02/2009 - [] D -- C:\Program Files\TrueSuite Access Manager {2BCDF59FA22D417942CA41961DA44D88}
O43 - CFD: 15/06/2009 - [] D -- C:\Program Files\TRW conferencing
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\Ulead Systems =>.Ulead Systems
O43 - CFD: 27/07/2014 - [0] D -- C:\Program Files\Uninstall Information =>.Microsoft Corporation
O43 - CFD: 21/03/2011 - [] D -- C:\Program Files\Unlocker =>.Cedrick Collomb
O43 - CFD: 22/02/2016 - [] D -- C:\Program Files\VideoLAN =>.VideoLAN
O43 - CFD: 02/05/2009 - [] D -- C:\Program Files\VS Revo Group =>.VS Revo Group®
O43 - CFD: 26/06/2009 - [] D -- C:\Program Files\Windows Calendar =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Windows®
O43 - CFD: 30/04/2016 - [] D -- C:\Program Files\Windows Journal =>.Microsoft Corporation
O43 - CFD: 13/01/2012 - [] D -- C:\Program Files\Windows Live =>.Microsoft Corporation®
O43 - CFD: 30/04/2016 - [] D -- C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\Windows Media Components =>.Microsoft Corporation®
O43 - CFD: 05/09/2015 - [] D -- C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Windows NT =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - [] D -- C:\Program Files\Windows Photo Gallery =>.Microsoft Corporation
O43 - CFD: 29/10/2009 - [] D -- C:\Program Files\Windows Portable Devices =>.Microsoft Corporation
O43 - CFD: 26/06/2009 - [] D -- C:\Program Files\Windows Sidebar =>.Microsoft Corporation
O43 - CFD: 17/09/2010 - [] D -- C:\Program Files\WinPcap =>.CACE Technologies, Inc.®
O43 - CFD: 28/06/2009 - [] D -- C:\Program Files\Your monster voice 1
O43 - CFD: 15/11/2016 - [] D -- C:\Program Files\Zemana AntiMalware =>.Zemana Ltd.®
O43 - CFD: 08/03/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip =>.Igor Pavlov
O43 - CFD: 04/03/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 04/03/2011 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 14/01/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft =>.Aiseesoft
O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Standard Edition 2.0.2
O43 - CFD: 10/05/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam =>.Bandisoft
O43 - CFD: 27/06/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin =>.Belkin
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera Assistant Software
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center =>.AMD
O43 - CFD: 05/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform
O43 - CFD: 12/03/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerCinema for TOSHIBA
O43 - CFD: 12/02/2008 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD MovieFactory for TOSHIBA
O43 - CFD: 12/03/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades
O43 - CFD: 21/03/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN
O43 - CFD: 12/07/2013 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FxPro - MetaTrader
O43 - CFD: 12/03/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games =>.Microsoft Corporation
O43 - CFD: 02/07/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gizmo Central
O43 - CFD: 12/02/2008 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Desktop
O43 - CFD: 25/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC =>.HTC
O43 - CFD: 01/07/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ideal DVD Copy
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn =>.Lightning UK
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insofta Cover Commander
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless =>.Intel Corporation
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel® Matrix Storage Manager =>.Intel Corporation
O43 - CFD: 31/07/2013 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Interactive Brokers
O43 - CFD: 24/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech =>.Logitech
O43 - CFD: 12/03/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 15/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware =>.Malwarebytes
O43 - CFD: 25/01/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight =>.Microsoft Corporation
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works =>.Microsoft Corporation
O43 - CFD: 12/06/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MIG Trading Station
O43 - CFD: 24/10/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
O43 - CFD: 04/08/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
O43 - CFD: 07/03/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Armor
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
O43 - CFD: 17/01/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller =>.VS Revo Group
O43 - CFD: 14/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype =>.Skype
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SnagIt 9
O43 - CFD: 25/07/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 12/03/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC =>.Wacom Technology
O43 - CFD: 12/07/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith =>.TechSmith
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA =>.Toshiba
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueSuite Access Manager
O43 - CFD: 24/10/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
O43 - CFD: 22/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN =>.VideoLAN
O43 - CFD: 01/02/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebEx
O43 - CFD: 21/12/2010 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media =>.Microsoft Corporation
O43 - CFD: 17/09/2010 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap =>.Riverbed Technology
O43 - CFD: 28/06/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your monster voice 1.0
O43 - CFD: 15/11/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware =>.Zemana
O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\360Quarant
O43 - CFD: 17/04/2013 - [] D -- C:\ProgramData\Adobe =>.Adobe
O43 - CFD: 27/06/2013 - [] D -- C:\ProgramData\Affinegy
O43 - CFD: 14/01/2011 - [] D -- C:\ProgramData\Aiseesoft Studio =>.Aiseesoft Studio
O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\AomeiBR =>.AOMEI Technology
O43 - CFD: 11/09/2010 - [] D -- C:\ProgramData\Apple =>.Apple Inc.
O43 - CFD: 11/09/2010 - [] D -- C:\ProgramData\Apple Computer =>.Apple Inc.
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Application Data =>.Microsoft Corporation
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\ATI =>.ATI
O43 - CFD: 17/11/2016 - [0] D -- C:\ProgramData\Auslogics =>.Auslogics
O43 - CFD: 27/06/2013 - [] D -- C:\ProgramData\Belkin =>.Belkin
O43 - CFD: 07/03/2013 - [] D -- C:\ProgramData\CPA_VA
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\CyberLink =>.CyberLink
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Desktop =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Documents =>.Microsoft Corporation
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\DVD Shrink =>.DVD Shrink
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Favorites =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [0] D -- C:\ProgramData\Google =>.Google
O43 - CFD: 09/08/2014 - [] D -- C:\ProgramData\HTC =>.HTC
O43 - CFD: 04/08/2011 - [] D -- C:\ProgramData\Installations
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\Intel =>.Intel Corporation
O43 - CFD: 16/04/2012 - [] D -- C:\ProgramData\InterVideo =>.InterVideo
O43 - CFD: 13/10/2014 - [] D -- C:\ProgramData\Kaspersky Lab =>.Kaspersky Lab
O43 - CFD: 08/06/2011 - [] D -- C:\ProgramData\Kodak =>.Kodak
O43 - CFD: 16/07/2011 - [] D -- C:\ProgramData\LogiShrd =>.Logitech Inc.
O43 - CFD: 16/07/2011 - [] D -- C:\ProgramData\Logitech =>.Logitech
O43 - CFD: 27/04/2014 - [] D -- C:\ProgramData\magicJack
O43 - CFD: 15/11/2016 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 04/10/2013 - [] D -- C:\ProgramData\McAfee =>.McAfee
O43 - CFD: 31/12/2013 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft
O43 - CFD: 25/07/2014 - [] D -- C:\ProgramData\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 07/06/2015 - [] D -- C:\ProgramData\MicroWorld
O43 - CFD: 06/05/2012 - [] D -- C:\ProgramData\Mozilla =>.Mozilla Corporation
O43 - CFD: 18/02/2011 - [] D -- C:\ProgramData\NCH Software =>.NCH Software
O43 - CFD: 07/03/2013 - [] D -- C:\ProgramData\OnlineArmor
O43 - CFD: 21/10/2016 - [] D -- C:\ProgramData\Panda Security =>.Panda Security
O43 - CFD: 04/08/2011 - [] D -- C:\ProgramData\PC Suite =>.Nokia
O43 - CFD: 12/07/2013 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith =>.TechSmith Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Skype =>.Skype
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Start Menu =>.Microsoft Corporation
O43 - CFD: 27/01/2010 - [] D -- C:\ProgramData\Sun =>.Oracle
O43 - CFD: 12/07/2013 - [] D -- C:\ProgramData\TechSmith =>.TechSmith
O43 - CFD: 14/11/2010 - [0] AD -- C:\ProgramData\TEMP =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\ProgramData\Templates =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\ProgramData\Toshiba =>.Toshiba
O43 - CFD: 16/02/2009 - [] D -- C:\ProgramData\TrueSuite Access Manager
O43 - CFD: 12/02/2008 - [] D -- C:\ProgramData\Ulead Systems =>.Ulead Systems
O43 - CFD: 28/09/2015 - [] D -- C:\ProgramData\WebEx
O43 - CFD: 12/02/2008 - [] D -- C:\ProgramData\WildTangent =>.WildTangent
O43 - CFD: 06/03/2011 - [] D -- C:\ProgramData\WindowsSearch =>.Microsoft Corporation
O43 - CFD: 08/01/2013 - [] D -- C:\ProgramData\WindSolutions =>.WindSolutions
O43 - CFD: 11/04/2010 - [] D -- C:\Program Files\Common Files\Acronis1
O43 - CFD: 25/04/2016 - [] D -- C:\Program Files\Common Files\Adobe =>.Adobe
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Common Files\Adobe AIR =>.Adobe Inc.
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Common Files\Apple =>.Apple Inc.
O43 - CFD: 24/01/2011 - [] D -- C:\Program Files\Common Files\DESIGNER =>.Designer
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\Common Files\InstallShield =>.InstallShield
O43 - CFD: 16/07/2011 - [] D -- C:\Program Files\Common Files\Logishrd =>.Logitech Inc.
O43 - CFD: 07/06/2015 - [] D -- C:\Program Files\Common Files\Microsoft =>.Microsoft
O43 - CFD: 13/01/2012 - [] D -- C:\Program Files\Common Files\microsoft shared =>.Microsoft Corporation
O43 - CFD: 04/08/2011 - [] D -- C:\Program Files\Common Files\Nokia =>.Nokia
O43 - CFD: 04/08/2011 - [] D -- C:\Program Files\Common Files\PCSuite
O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Common Files\Services =>.Microsoft Corporation
O43 - CFD: 17/11/2016 - [] D -- C:\Program Files\Common Files\Skype =>.Skype
O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Common Files\SpeechEngines =>.Microsoft Corporation
O43 - CFD: 14/03/2009 - [] D -- C:\Program Files\Common Files\Symantec Shared =>.Symantec
O43 - CFD: 30/04/2016 - [] D -- C:\Program Files\Common Files\System =>.Microsoft Corporation
O43 - CFD: 12/02/2008 - [] D -- C:\Program Files\Common Files\Ulead Systems =>.Ulead Systems
O43 - CFD: 13/01/2012 - [] D -- C:\Program Files\Common Files\Windows Live =>.Microsoft Corporation
O43 - CFD: 25/02/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\2BrightSparks =>.2BrightSparks
O43 - CFD: 21/03/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\ABIG
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 11/09/2010 - [] D -- C:\Users\psimoes\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\ATI =>.ATI
O43 - CFD: 17/11/2016 - [0] D -- C:\Users\psimoes\AppData\Roaming\Auslogics =>.Auslogics
O43 - CFD: 10/03/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\BitDefender =>.Bitdefender
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\CyberLink =>.CyberLink
O43 - CFD: 29/03/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\dvdcss =>.VideoLAN
O43 - CFD: 06/11/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\FairStars CD Ripper
O43 - CFD: 25/01/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\FXTS2
O43 - CFD: 11/03/2010 - [] D -- C:\Users\psimoes\AppData\Roaming\GARMIN =>.Garmin
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\Geek Uninstaller =>.Geek Uninstaller
O43 - CFD: 11/09/2012 - [] D -- C:\Users\psimoes\AppData\Roaming\Gizmo =>.Gizmo Project
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\Google =>.Google
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\Identities =>.Microsoft Corporation
O43 - CFD: 04/05/2012 - [] D -- C:\Users\psimoes\AppData\Roaming\ImgBurn =>.Lightning UK
O43 - CFD: 13/04/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\InstallShield =>.InstallShield
O43 - CFD: 01/03/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\Intel =>.Intel Corporation
O43 - CFD: 16/08/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\IObit =>.IObit
O43 - CFD: 16/07/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\Leadertech =>.Leadertech
O43 - CFD: 16/07/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\Logitech =>.Logitech
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 15/11/2016 - [0] D -- C:\Users\psimoes\AppData\Roaming\Malwarebytes =>.Malwarebytes
O43 - CFD: 02/11/2006 - [0] D -- C:\Users\psimoes\AppData\Roaming\Media Center Programs =>.Microsoft Corporation
O43 - CFD: 24/09/2012 - [] D -- C:\Users\psimoes\AppData\Roaming\MetaQuotes
O43 - CFD: 19/11/2015 - [] SD -- C:\Users\psimoes\AppData\Roaming\Microsoft =>.Microsoft
O43 - CFD: 07/10/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\mjusbsp
O43 - CFD: 10/07/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\Mozilla =>.Mozilla Corporation
O43 - CFD: 11/02/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\NCH Software =>.NCH Software
O43 - CFD: 05/08/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\Nokia =>.Nokia
O43 - CFD: 07/03/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\OnlineArmor
O43 - CFD: 09/06/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\OpenOffice.org =>.OpenOffice.org
O43 - CFD: 28/01/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\Opera =>.Opera Software
O43 - CFD: 17/10/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\Opera Software =>.Opera Software
O43 - CFD: 25/08/2014 - [] D -- C:\Users\psimoes\AppData\Roaming\Oracle =>.Oracle
O43 - CFD: 21/10/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\Panda Security =>.Panda Security
O43 - CFD: 04/08/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\PC Suite =>.Nokia
O43 - CFD: 18/08/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\ProcessLasso
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\Skype =>.Skype
O43 - CFD: 18/10/2012 - [] D -- C:\Users\psimoes\AppData\Roaming\SomePDF =>.SomePDF.com
O43 - CFD: 13/01/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\TeamViewer =>.TeamViewer
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\toshiba =>.Toshiba
O43 - CFD: 26/06/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\TurboMeeting
O43 - CFD: 25/03/2012 - [] D -- C:\Users\psimoes\AppData\Roaming\Ulead Systems =>.Ulead Systems
O43 - CFD: 30/06/2014 - [] D -- C:\Users\psimoes\AppData\Roaming\webex
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\WinBatch =>.winbatch.com
O43 - CFD: 08/01/2013 - [] D -- C:\Users\psimoes\AppData\Roaming\WindSolutions =>.WindSolutions
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Adobe =>.Adobe
O43 - CFD: 05/02/2010 - [] D -- C:\Users\psimoes\AppData\Local\AnVir
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Apple =>.Apple Inc.
O43 - CFD: 22/09/2010 - [] D -- C:\Users\psimoes\AppData\Local\Apple Computer =>.Apple Inc.
O43 - CFD: 16/02/2009 - [0] SHD -- C:\Users\psimoes\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 21/03/2009 - [] D -- C:\Users\psimoes\AppData\Local\Apps =>.Microsoft Corporation
O43 - CFD: 03/10/2013 - [] D -- C:\Users\psimoes\AppData\Local\assembly =>.Assembly
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Local\ATI =>.ATI
O43 - CFD: 01/07/2016 - [] D -- C:\Users\psimoes\AppData\Local\CEF =>.CEF
O43 - CFD: 19/11/2015 - [] D -- C:\Users\psimoes\AppData\Local\Citrix =>.Citrix
O43 - CFD: 16/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 09/06/2009 - [0] D -- C:\Users\psimoes\AppData\Local\Deployment =>.Microsoft Corporation
O43 - CFD: 13/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\ESET =>.ESET
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Facebook =>.Facebook
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Google =>.Google
O43 - CFD: 16/02/2009 - [0] SHD -- C:\Users\psimoes\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 22/06/2012 - [] D -- C:\Users\psimoes\AppData\Local\Macromedia =>.Macromedia
O43 - CFD: 29/07/2014 - [] D -- C:\Users\psimoes\AppData\Local\magicJack
O43 - CFD: 11/08/2012 - [] D -- C:\Users\psimoes\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D -- C:\Users\psimoes\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 08/12/2014 - [] D -- C:\Users\psimoes\AppData\Local\MigWiz =>.MigWiz
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Local\Mozilla =>.Mozilla Corporation
O43 - CFD: 28/01/2011 - [] D -- C:\Users\psimoes\AppData\Local\Opera =>.Opera Software
O43 - CFD: 17/10/2013 - [] D -- C:\Users\psimoes\AppData\Local\Opera Software =>.Opera Software
O43 - CFD: 21/10/2016 - [] D -- C:\Users\psimoes\AppData\Local\panda
O43 - CFD: 06/03/2011 - [] D -- C:\Users\psimoes\AppData\Local\PowerCinema =>.CyberLink Corporation
O43 - CFD: 24/01/2011 - [] D -- C:\Users\psimoes\AppData\Local\Seven Zip =>.Seven Zip
O43 - CFD: 13/05/2009 - [] D -- C:\Users\psimoes\AppData\Local\TechSmith =>.TechSmith
O43 - CFD: 17/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Temp =>.Microsoft Corporation
O43 - CFD: 23/05/2016 - [] D -- C:\Users\psimoes\AppData\Local\temp(49)
O43 - CFD: 16/02/2009 - [0] SHD -- C:\Users\psimoes\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 28/04/2014 - [] D -- C:\Users\psimoes\AppData\Local\tjnet
O43 - CFD: 24/07/2014 - [] D -- C:\Users\psimoes\AppData\Local\ToolwizCareFree
O43 - CFD: 16/02/2009 - [] D -- C:\Users\psimoes\AppData\Local\VirtualStore =>.Microsoft Corporation
O43 - CFD: 29/09/2014 - [] D -- C:\Users\psimoes\AppData\Local\WebEx
O43 - CFD: 11/08/2012 - [] D -- C:\Users\psimoes\AppData\Local\Windows Live =>.Microsoft Corporation
O43 - CFD: 11/08/2012 - [] D -- C:\Users\psimoes\AppData\Local\Windows Live Writer =>.Microsoft Corporation
O43 - CFD: 15/11/2016 - [] D -- C:\Users\psimoes\AppData\Local\Zemana =>.Zemana
O43 - CFD: 12/03/2009 - [] RD -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories =>.Microsoft Corporation
O43 - CFD: 12/03/2009 - [] RD -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 05/07/2014 - [] D -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner =>.Piriform
O43 - CFD: 15/11/2016 - [] D -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
O43 - CFD: 12/03/2009 - [] RD -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance =>.Microsoft Corporation
O43 - CFD: 29/12/2014 - [] RD -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup =>.Microsoft Corporation
O43 - CFD: 29/04/2009 - [] D -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TRW conferencing
O43 - CFD: 21/03/2011 - [] D -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker =>.Cedrick Collomb
O43 - CFD: 28/06/2009 - [0] D -- C:\Users\psimoes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Your monster voice 1.0
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - [] D -- C:\Users\Default\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D -- C:\Users\Default\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/11/2016 - [0] D -- C:\Users\Default\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default User\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default User\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - [] D -- C:\Users\Default User\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 27/02/2009 - [0] D -- C:\Users\Default User\AppData\Local\Microsoft Help =>.Microsoft Corporation
O43 - CFD: 14/11/2016 - [0] D -- C:\Users\Default User\AppData\Local\temp =>.Microsoft Corporation
O43 - CFD: 02/11/2006 - [0] SHD -- C:\Users\Default User\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 27/07/2014 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Adobe =>.Adobe
O43 - CFD: 12/02/2008 - [] SHD -- C:\Windows\System32\Config\systemprofile\AppData\Local\Application Data =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\ATI =>.ATI
O43 - CFD: 17/11/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Google =>.Google
O43 - CFD: 12/02/2008 - [] SHD -- C:\Windows\System32\Config\systemprofile\AppData\Local\History =>.Microsoft Corporation
O43 - CFD: 24/07/2014 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 12/02/2008 - [] SHD -- C:\Windows\System32\Config\systemprofile\AppData\Local\Temporary Internet Files =>.Microsoft Corporation
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\tjnet
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Toshiba =>.Toshiba
O43 - CFD: 15/11/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Zemana =>.Zemana
O43 - CFD: 20/10/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\360safe =>.Qihu 360 Software
O43 - CFD: 19/11/2010 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 17/11/2010 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Apple Computer =>.Apple Inc.
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\ATI =>.ATI
O43 - CFD: 25/07/2011 - [0] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\EurekaLog
O43 - CFD: 16/02/2009 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Intel =>.Intel Corporation
O43 - CFD: 13/01/2012 - [] SD -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\Microsoft =>.Microsoft
O43 - CFD: 31/12/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Roaming\OnlineArmor
O43 - CFD: 12/02/2008 - [] RD -- C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Administrative Tools =>.Administrative Tools
O43 - CFD: 12/02/2008 - [] RD -- C:\Windows\System32\Config\systemprofile\Start Menu\Programs\Startup =>.Microsoft Corporation

---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: IconOvrly [IconOvrly1] - {A4EEBF66-92EB-4F2A-9F1E-2F6D14B30DA6}. (.Arachnoid Biometrics Identification Group Corp. - .) -- C:\Program Files\TrueSuite Access Manager\IconOvrly.dll =>.Arachnoid Biometrics Identification Group Corp.

---\\ ShareTools MSconfig StartupReg (7) - 1s
O53 - SMSR:HKLM\...\startupreg\CLMLServer [Key] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe =>.CyberLink
O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\psimoes\AppData\Local\Facebook\Update\FacebookUpdate.exe =>.Facebook Inc.
O53 - SMSR:HKLM\...\startupreg\GizmoDriveDelegate [Key] . (.Arainia Solutions - Gizmo Central.) -- C:\Program Files\Gizmo\gizmo.exe =>.Arainia Solutions
O53 - SMSR:HKLM\...\startupreg\Google Desktop Search [Key] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe =>.Google
O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (...) -- C:\Program Files\iTunes\iTunesHelper.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PCMAgent [Key] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe =>.CyberLink Corp.

---\\ System Drivers List (137) - 106s
O58 - SDL:2008/01/20 21:23:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:25 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:26 A . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\drivers\adpu160m.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:27 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/28 18:11:00 A . (.Agere Systems - SoftModem Device Driver.) -- C:\Windows\System32\drivers\AGRSM.sys [324224] =>.Agere Systems
O58 - SDL:2008/02/03 02:04:02 A . (.Alfa Corporation - Windows 2000 Mini-Filter Monitor Network Ed.) -- C:\Windows\System32\drivers\AlfaFF.sys [324224] {01000000000110EA1A2F68}
O58 - SDL:2008/01/20 21:23:00 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:24 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/30 19:24:00 A . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [324224] =>.ATI Technologies Inc.
O58 - SDL:2009/01/26 12:39:48 A . (.AuthenTec, Inc. - Slide Fingerprint USB Driver.) -- C:\Windows\System32\drivers\atswpdrv.sys [324224] =>.AuthenTec, Inc.®
O58 - SDL:2006/11/02 03:24:45 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [324224] =>.Brother Industries, Ltd.
O58 - SDL:2006/11/02 03:24:46 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [324224] =>.Brother Industries, Ltd.
O58 - SDL:2006/11/02 03:25:24 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:44 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:44 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2006/11/02 03:24:47 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [324224] =>.Brother Industries Ltd.
O58 - SDL:2011/05/18 09:12:28 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmb.sys [324224] =>.Nokia
O58 - SDL:2011/05/18 09:12:32 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmbo.sys [324224] =>.Nokia
O58 - SDL:2006/10/04 21:42:42 A . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\Windows\System32\drivers\cdr4_xp.sys [324224] =>.Sonic Solutions
O58 - SDL:2006/10/04 21:42:42 A . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\drivers\cdralw2k.sys [324224] =>.Sonic Solutions
O58 - SDL:2008/01/20 21:23:00 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2014/03/17 13:09:20 A . (...) -- C:\Windows\System32\drivers\DasPtct.SYS [324224] =>.Panda Security S.L®
O58 - SDL:2006/11/02 04:50:11 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:24 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G60I32.sys [324224] =>.Intel Corporation
O58 - SDL:2008/01/20 21:23:22 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2009/02/16 11:18:02 RASH . (...) -- C:\Windows\System32\drivers\fbd.sys [324224]
O58 - SDL:2006/11/20 17:11:14 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 32-bit Driver.) -- C:\Windows\System32\drivers\FwLnk.sys [324224] =>.Toshiba Corporation
O58 - SDL:2009/05/18 12:17:00 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [324224] =>.GEAR Software Inc.®
O58 - SDL:2011/07/02 10:00:30 A . (.Arainia Solutions LLC - Gizmo Drive, kernel-mode device driver.) -- C:\Windows\System32\drivers\gizmodrv.sys [324224] =>.Arainia Solutions, LLC®
O58 - SDL:2008/01/20 21:23:26 A . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\drivers\HpCISSs.sys [324224] =>.Microsoft Windows®
O58 - SDL:2010/06/23 09:23:44 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\drivers\htcnprot.sys [324224] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2007/09/30 02:03:12 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStor.sys [324224] =>.Intel Corporation®
O58 - SDL:2008/01/20 21:23:23 A . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\drivers\iaStorV.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:17 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:07 A . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\drivers\iteatapi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:09 A . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\drivers\iteraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/09 01:32:00 A . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\System32\drivers\KR10I.sys [324224] =>.Toshiba Corporation
O58 - SDL:2006/11/09 01:31:00 A . (.TOSHIBA CORPORATION - TOSHIBA RAID Driver.) -- C:\Windows\System32\drivers\KR10N.sys [324224] =>.Toshiba Corporation
O58 - SDL:2008/01/20 21:23:23 A . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:25 A . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2016/11/16 18:06:13 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2008/01/20 21:23:27 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:27 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:49:59 A . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\Mraid35x.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:00 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [324224] =>.Malwarebytes Corporation®
O58 - SDL:2008/01/20 21:23:20 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw3v32.sys [324224] =>.Intel Corporation
O58 - SDL:2007/09/26 09:12:22 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw4v32.sys [324224] =>.Intel Corporation
O58 - SDL:2006/11/02 04:50:19 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [324224] =>.Microsoft Windows®
O58 - SDL:2015/12/04 04:45:09 A . (.Panda Security, S.L. - Application Layer Protocol Colorizer.) -- C:\Windows\System32\drivers\NNSAlpc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:10 A . (.Panda Security, S.L. - Http Parser.) -- C:\Windows\System32\drivers\NNSHttp.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:11 A . (.Panda Security, S.L. - Https Parser.) -- C:\Windows\System32\drivers\NNSHttps.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:11 A . (.Panda Security, S.L. - Intrusion Detection System.) -- C:\Windows\System32\drivers\NNSIds.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/04/27 04:09:59 A . (.Panda Security, S.L. - Network Activity Hook Server LWF.) -- C:\Windows\System32\drivers\NNSNAHSL.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:12 A . (.Panda Security, S.L. - Process Info Colorizer Client.) -- C:\Windows\System32\drivers\NNSpicc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/03/14 05:59:51 A . (.Panda Security, S.L. - Process Info Hook Server WFP.) -- C:\Windows\System32\drivers\NNSPihsw.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:14 A . (.Panda Security, S.L. - Pop3 Parser.) -- C:\Windows\System32\drivers\NNSPop3.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2015/12/04 04:45:14 A . (.Panda Security, S.L. - Network Protector.) -- C:\Windows\System32\drivers\NNSProt.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/02/17 10:35:35 A . (.Panda Security, S.L. - Network Provider.) -- C:\Windows\System32\drivers\NNSPrv.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:15 A . (.Panda Security, S.L. - Smtp Parser.) -- C:\Windows\System32\drivers\NNSSmtp.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2016/02/17 10:35:54 A . (.Panda Security, S.L. - Streamer.) -- C:\Windows\System32\drivers\NNSStrm.sys [324224] =>.Panda Security S.L®
O58 - SDL:2015/12/04 04:45:16 A . (.Panda Security, S.L. - Transport Layer Session Colorizer.) -- C:\Windows\System32\drivers\NNStlsc.sys [324224] =>.Panda Security S.L.®
O58 - SDL:2010/06/25 12:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [324224] =>.CACE Technologies, Inc.®
O58 - SDL:2006/11/02 02:36:50 A . (.N-trig Innovative Technologies - N-trig tablet digitizer in-box driver.) -- C:\Windows\System32\drivers\ntrigdigi.sys [324224] =>.N-trig Innovative Technologies
O58 - SDL:2008/01/20 21:23:21 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:21 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [324224] =>.Microsoft Windows®
O58 - SDL:2013/10/15 10:19:55 A . (...) -- C:\Windows\System32\drivers\OADriver.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:19:59 A . (...) -- C:\Windows\System32\drivers\oahlp32.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:20:08 A . (.Emsisoft - TDI Helper Driver.) -- C:\Windows\System32\drivers\OAmon.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2013/10/15 10:20:08 A . (.Emsisoft - OA Helper Driver.) -- C:\Windows\System32\drivers\OAnet.sys [324224] =>.Emsisoft GmbH®
O58 - SDL:2008/08/26 09:26:12 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\drivers\pccsmcfd.sys [324224] =>.Nokia
O58 - SDL:2016/08/04 21:28:16 A . (.Panda Security, S.L. - PSINAflt Filter Driver for Vista32.) -- C:\Windows\System32\drivers\PSINAflt.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:32:08 A . (.Panda Security, S.L. - PSINFile Filter Driver for Vista32.) -- C:\Windows\System32\drivers\PSINFile.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:22:40 A . (.Panda Security, S.L. - PSINKNC Kernel Controller for Vista32.) -- C:\Windows\System32\drivers\PSINKNC.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:40:39 A . (.Panda Security, S.L. - PSINProc Filter Driver for Vista32.) -- C:\Windows\System32\drivers\PSINProc.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:45:46 A . (.Panda Security, S.L. - PSINProt for Vista32.) -- C:\Windows\System32\drivers\PSINProt.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/04 21:36:13 A . (.Panda Security, S.L. - PSINReg Filter Driver for Vista32.) -- C:\Windows\System32\drivers\PSINReg.sys [324224] =>.Panda Security S.L®
O58 - SDL:2016/08/08 04:00:47 A . (.Panda Security, S.L. - Panda Kernel Memory Access Driver (x86).) -- C:\Windows\System32\drivers\PSKMAD.sys [324224] =>.Panda Security S.L®
O58 - SDL:2008/11/20 14:19:06 A . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\drivers\pxhelp20.sys [324224] =>.Sonic Solutions®
O58 - SDL:2008/01/20 21:23:24 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:35 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2007/02/24 17:42:22 A . (.REDC - RICOH SD Driver.) -- C:\Windows\System32\drivers\rimmptsk.sys [324224] =>.REDC
O58 - SDL:2007/01/23 19:40:20 A . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\drivers\rimsptsk.sys [324224] =>.REDC
O58 - SDL:2007/03/22 01:02:04 A . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\drivers\rixdptsk.sys [324224] =>.REDC
O58 - SDL:2008/01/30 14:34:20 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/06/23 09:21:32 A . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\drivers\Rtlh86.sys [324224] =>.Realtek Semiconductor Corp®
O58 - SDL:2006/11/02 01:37:21 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [324224] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2008/01/20 21:23:26 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [324224] =>.Microsoft Windows®
O58 - SDL:2009/03/14 20:32:52 A . (.Acronis - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snman380.sys [324224] =>.Acronis, Inc®
O58 - SDL:2016/08/31 07:49:31 A . (...) -- C:\Windows\System32\drivers\staport.sys [324224] =>.AVAST Software a.s.®
O58 - SDL:2011/02/11 22:55:59 A . (.NCH Software - stdriver.sys.) -- C:\Windows\System32\drivers\stdriver32.sys [324224] {2B24FDF675AB9FACF9226943B579512D} =>.NCH Software
O58 - SDL:2009/06/22 15:49:00 A . (.silex technology, Inc. - SXUPTP Driver.) -- C:\Windows\System32\drivers\sxuptp.sys [324224] {48B6DCB1174D010AEC98B059A4F4849A} =>.silex technology, Inc.
O58 - SDL:2006/11/02 04:50:05 A . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\drivers\symc8xx.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:49:56 A . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_hi.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:03 A . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_u3.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/08/14 10:40:40 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [324224] =>.Synaptics Incorporated®
O58 - SDL:2008/03/17 22:36:21 A . (...) -- C:\Windows\System32\drivers\taishop.sys [324224]
O58 - SDL:2010/02/25 17:51:02 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [324224] =>.The OpenVPN Project
O58 - SDL:2009/03/14 20:33:01 A . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\System32\drivers\tdrpm147.sys [324224] =>.Acronis, Inc®
O58 - SDL:2013/10/17 10:32:56 A . (.TeamViewer GmbH - TeamViewerVPN Network Adapter.) -- C:\Windows\System32\drivers\teamviewervpn.sys [324224] =>.TeamViewer GmbH
O58 - SDL:2009/03/14 16:32:04 A . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\System32\drivers\tifsfilt.sys [324224] =>.Acronis, Inc®
O58 - SDL:2009/03/14 20:32:55 A . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\System32\drivers\timntr.sys [324224] =>.Acronis, Inc®
O58 - SDL:2006/10/23 19:32:20 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [324224] =>.Toshiba Corporation
O58 - SDL:2008/01/21 18:42:24 A . (.TOSHIBA Corporation - tos_sps2.) -- C:\Windows\System32\drivers\tos_sps32.sys [324224] =>.Toshiba Corporation
O58 - SDL:2015/06/07 17:57:06 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\System32\drivers\trufos.sys [324224] =>.Bitdefender SRL®
O58 - SDL:2007/11/09 17:00:52 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ_O.SYS [324224] =>.TOSHIBA CORPORATION®
O58 - SDL:2008/01/20 21:23:20 A . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\drivers\uliahci.sys [324224] =>.Microsoft Windows®
O58 - SDL:2006/11/02 04:50:35 A . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) -- C:\Windows\System32\drivers\ulsata.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\drivers\ulsata2.sys [324224] =>.Microsoft Windows®
O58 - SDL:2011/05/18 09:12:36 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerflt.sys [324224] =>.Nokia
O58 - SDL:2011/05/18 09:12:38 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys [324224] =>.Nokia
O58 - SDL:2007/12/17 14:45:20 A . (.Chicony Electronics Co., Ltd. - UVCFTR_S.sys.) -- C:\Windows\System32\drivers\UVCFTR_S.SYS [324224] =>.Chicony Electronics Co., Ltd.
O58 - SDL:2008/01/20 21:23:00 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [324224] =>.Microsoft Windows®
O58 - SDL:2008/01/20 21:23:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [324224] =>.Microsoft Windows®
O58 - SDL:2016/11/15 14:33:16 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zam32.sys [324224] =>.Zemana Ltd.®
O58 - SDL:2016/11/15 14:33:15 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zamguard32.sys [324224] =>.Zemana Ltd.®
O58 - SDL:2014/08/19 14:47:14 A . (...) -- C:\Windows\System32\ambakdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2014/08/19 14:47:14 A . (...) -- C:\Windows\System32\ammntdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2014/08/19 14:47:14 A . (...) -- C:\Windows\System32\amwrtdrv.sys [324224] =>.AOMEI Tech Co
O58 - SDL:2006/11/02 02:09:42 A . (...) -- C:\Windows\System32\ANSI.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:45 A . (...) -- C:\Windows\System32\country.sys [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:41 A . (...) -- C:\Windows\System32\HIMEM.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:44 A . (...) -- C:\Windows\System32\KEY01.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:44 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:29 A . (...) -- C:\Windows\System32\NTDOS.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:35 A . (...) -- C:\Windows\System32\NTDOS404.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:38 A . (...) -- C:\Windows\System32\NTDOS411.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:40 A . (...) -- C:\Windows\System32\NTDOS412.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:31 A . (...) -- C:\Windows\System32\NTDOS804.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:20 A . (...) -- C:\Windows\System32\NTIO.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:23 A . (...) -- C:\Windows\System32\NTIO404.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:24 A . (...) -- C:\Windows\System32\NTIO411.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:26 A . (...) -- C:\Windows\System32\NTIO412.SYS [324224] =>.Microsoft Corporation
O58 - SDL:2006/11/02 02:09:22 A . (...) -- C:\Windows\System32\NTIO804.SYS [324224] =>.Microsoft Corporation

---\\ Last modified or created user files (6) - 33s
O61 - LFC: 2016/11/17 12:44:27 A . (..) -- C:\Users\psimoes\Desktop\OpenDNS-Updater-2.2.1.exe [225336] {7680189BD7F3A03993677393F1F067C7}
O61 - LFC: 2016/11/15 20:40:38 A . (.glax24 (safezone.cc).) -- C:\Users\psimoes\Desktop\SecurityCheck.exe [507938]
O61 - LFC: 2016/11/17 17:46:22 A . (..) -- C:\Users\psimoes\Desktop\SystemLook.exe [139264]
O61 - LFC: 2016/11/14 14:33:28 A . (..) -- C:\Users\psimoes\Desktop\zoek.exe [1309184]
O61 - LFC: 2016/11/15 14:16:45 A . (..) -- C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [308]
O61 - LFC: 2016/11/17 16:00:54 A . (..) -- C:\Users\psimoes\AppData\Local\ATI\ACE\Manifest.Bin [14938]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (24) - 1s
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\Opera.exe
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software ASA®
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Opera\Opera.exe (.not file.)
O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software

---\\ Search Browser Infection (3) - 11s
O69 - SBI: SearchScopes [HKCU] {012E1000-F331-11DB-8314-0800200C9A66} - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKCU] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.
O69 - SBI: SearchScopes [HKLM] {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} [DefaultScope] - (Google) - http://www.google.com/ =>.Google Inc.

---\\ Search Svchost Services (31) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Terminal Server Remote Connections Manager.) -- C:\Windows\System32\termsrv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [324224] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Terminal Services Configuration service.) -- C:\Windows\System32\SessEnv.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [324224] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [324224] =>.Microsoft Corporation

---\\ Firewall Active Exception List (4) - 3s
O87 - FAEL: "WinCollab-Out-UDP" [Out-None-P17-FALSE] .(...) -- C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-UDP" [In-None-P17-FALSE] .(...) -- C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-Out-TCP" [Out-None-P6-FALSE] .(...) -- C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)
O87 - FAEL: "WinCollab-In-TCP" [In-None-P6-FALSE] .(...) -- C:\Program Files\Windows Collaboration\WinCollab.exe (.not file.)

---\\ Additional Scan (O88) (7) - 2s
C:\Users\psimoes\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A} =>Riskware.QuickTime
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage =>.Superfluous.CloudfrontNet
C:\Users\psimoes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal =>.Superfluous.CloudfrontNet

---\\ Summary of the elements found (5) - 0s
https://www.anti-malware.top/2016/05/07/pup-optional-wajam/ =>PUP.Optional.Wajam
https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect
https://www.anti-malware.top/2016/04/21/riskware-quicktime/ =>Riskware.QuickTime
https://www.nicolascoolman.com/fr/pup-optional-startsearch/ =>PUP.Optional.StartSearch
https://www.anti-malware.top/2016/08/31/cloudfront-net/ =>.Superfluous.CloudfrontNet

~ End of the scan, 41006 items in 00h08mn03s (1466)
 
Status
Not open for further replies.
Top Bottom