Document format: text/plain

~ ZHPDiag v2015.9.7.137 By Nicolas Coolman (2015/09/7)
~ Run by TCC-HAIL (Administrator) (2015/09/11 20:47:39)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: No network file
~ Mode: Scan
~ Report: C:\Users\TCC-HAIL\Desktop\ZHPDiag.txt
~ Report: C:\Users\TCC-HAIL\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 8 Single Language, 64-bit (Build 9200)

---\\ Internet Browsers (4) - 0s
GCIE: Google Chrome v44.0.2403.125
MFIE: Mozilla Firefox 25.0 (x86 en-US) v25.0
OPIE: Opera 11.11.2109 v11.11.2109
MSIE: Internet Explorer v10.0.9200.16384

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (2) - 4s
Malwarebytes Anti-Malware version 2.1.8.1057
Windows Defender W8 (Deactivate)

---\\ System protection software (Superfluous) (1) - 5s
SUPERAntiSpyware v6.0.1170

---\\ System optimization software (2) - 5s
CCleaner v3.24
RegCure Pro v3.1.7.0

---\\ Surveillance software (2) - 5s
Adobe Flash Player 11 Plugin
Adobe Reader X

---\\ Sharing software PeerToPeer (1) - 6s
µTorrent v1.8.5

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 4047.092 MB (43% free)
~ System Restore: Activé (Enable)
~ System drive C: has 8 GB free of 76 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: TCC
~ User Name: TCC-HAIL
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 8 GB free of 76 GB (System)
~ Drive D: has 118 GB free of 382 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (24) - 2s
[MD5.928791755FDDEA721B053535EF84FA17] - (.Microsoft Corporation - Windows Explorer.) () -- C:\windows\Explorer.exe [2380440] ©
[MD5.3A6209AC494296C24C2065CB4392B5F4] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\windows\System32\rundll32.exe [51712] ©
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\windows\System32\Wininit.exe [132608] ©
[MD5.3DA7E6053DB9BE3EADC70CE20B1FB92B] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\windows\System32\wininet.dll [2246656] ©
[MD5.93AB226C07A9789B2EC7B41F73602F76] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\windows\System32\Winlogon.exe [516608] ©
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\windows\System32\sppcomapi.dll [273408] ©
[MD5.4D10F9BB8243BCBF39774BF4D6B0D108] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\windows\System32\dnsapi.dll [604672] ©
[MD5.6356C0630362CC80E4318A672FF66804] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\windows\Syswow64\dnsapi.dll [461312] ©
[MD5.9E975BDC89C83900B2C534C4E1B018F8] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\windows\System32\drivers\AFD.sys [561152] ©
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\windows\System32\drivers\atapi.sys [25840] ©
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\windows\System32\drivers\Cdfs.sys [108544] ©
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\windows\System32\drivers\Cdrom.sys [174080] ©
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\windows\System32\drivers\DfsC.sys [118784] ©
[MD5.8D6810577E9C4F56DCB8E9BACAC7287B] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\windows\System32\drivers\HDAudBus.sys [71168] ©
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\windows\System32\drivers\i8042prt.sys [112640] ©
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\windows\System32\drivers\IpNat.sys [145920] ©
[MD5.1EEAA5A62E8C49DDF58798F06F78BFFA] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\windows\System32\drivers\MRxSmb.sys [368128] ©
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\windows\System32\drivers\netBT.sys [331776] ©
[MD5.4A7EEA9C4AD5CBFDA3C0E5B821C99CAD] - (.Microsoft Corporation - NT File System Driver.) () -- C:\windows\System32\drivers\ntfs.sys [1934064] ©
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\windows\System32\drivers\Parport.sys [105984] ©
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\windows\System32\drivers\Rasl2tp.sys [124928] ©
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\windows\System32\drivers\rdpdr.sys [179712] ©
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\windows\System32\drivers\tdx.sys [117248] ©
[MD5.2FB3CDFD5EAF4CD9D4AFAF96877D13AE] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\windows\System32\drivers\volsnap.sys [332016] ©

---\\ Process running (42) - 2s
[MD5.EDEF3B2D77698F9FF8BD9A56D297638B] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 305.4.) -- C:\windows\system32\nvvsvc.exe [891240] [PID.1004] ©
[MD5.350F8DFC8A098F5F2818E45DADB7025B] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1125224] [PID.1200] ©
[MD5.970C70F6B2953ED43822D3797855D84C] - (.SUPERAntiSpyware.com - Core Service.) -- D:\Program Files (x86)\SASCORE64.EXE [172344] [PID.1848]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63928] [PID.1868] ©
[MD5.0CE79F00BC069F94BBE8139CAE38A9C2] - (...) -- D:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [318312] [PID.1960]
[MD5.D39434B5E11CE057E4C289A3D08EBDAC] - (.Broadcom Corporation. - Bluetooth Radio Management Support.) -- C:\windows\system32\BtwRSupportService.exe [2252088] [PID.1980] ©
[MD5.E7E83F8C4D988AA152F23B26FF26FC49] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [957304] [PID.1292] ©
[MD5.426D951F2DE2D4DFCBE0D1A42BBBA72F] - (.DTS, Inc - DTS Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328] [PID.2216] ©
[MD5.52F63774A1866258BF64488A75CA1757] - (.ESET - ESET Service.) -- D:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1288104] [PID.2272] ©
[MD5.E67E289FA8AA393223AD7F9AFB738FD6] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [627504] [PID.2292] ©
[MD5.C99F8E90DE4B8F0C7FE15BB1CBCD29DC] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [635104] [PID.2360] ©
[MD5.3C4002D339491AF73D663FFC7F6E5ECB] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760] [PID.2396] ©
[MD5.5879C87FD883B0B092A588E595D6DE62] - (.FUJITSU LIMITED - PSUService.) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe [51608] [PID.2780]
[MD5.D4F8266D63800FF9ACFAC838005A974C] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [149296] [PID.2816] ©
[MD5.97D3DCBBF3915782644DB56F5C191B9F] - (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568] [PID.2104] ©
[MD5.ABEFA4BD23329FD9BD47496BF2E58774] - (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) -- C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456] [PID.4828] ©
[MD5.4269D44BB47A6DA5D80B11F4C8536458] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [276864] [PID.4972] ©
[MD5.DBE2E6388379D5CC78099650541E9566] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [364416] [PID.2544] ©
[MD5.BF5DE14131C7E137D728830FDB58DAD3] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe [651672] [PID.2844] ©
[MD5.B0666DF6D554879AE8A7C91E26A5972F] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872] [PID.3348] ©
[MD5.5E53A66C680A06E26B1234CB0C3CD99B] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608] [PID.2076] ©
[MD5.BC0A3C03E1DF23746F999F0576690B75] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe [69968] [PID.924] ©
[MD5.1B0E5412AB8F30B8ED2AEAC2C530EB90] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Hidfind.exe [98672] [PID.4996] ©
[MD5.6F9BB9BF205C2E61982B1C9A7AB5D337] - (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- D:\Program Files (x86)\Athan\Athan.exe [1204224] [PID.3196]
[MD5.C8B2CE01333ED2D08C7A56CF49922077] - (.ESET - ESET Main GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe [5634800] [PID.5544] ©
[MD5.5A42370A885E2629A7C46BF743CE9CC9] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe [941936] [PID.4880] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5928] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.1020] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5816] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.1936] ©
[MD5.5337B7D4DA78302798CFC9969BF08D0A] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2448744] [PID.40] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4000] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.2212] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.444] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4116] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4540] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.3088] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5132] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5660] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.3108] ©
[MD5.8148E859A8C771ACFC8C13881A657C75] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.292] ©
[MD5.277789334263C78BD58231766AD7C015] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\TCC-HAIL\AppData\Roaming\ZHP\ZHPDiag3.exe [1923072] [PID.1364] ©

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
P2 - EXT: (.Internet Download Manager, Tonec Inc. - IDM CC.) -- C:\Users\TCC-HAIL\AppData\Roaming\Mozilla\Firefox\Profiles\h9yxo8jj.default\extensions\mozilla_cc@internetdownloadmanager.com
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ©
P2 - FPN: [HKLM] [@real.com/nprpplugin;version=15.0.6.14] - (.RealPlayer.) -- C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll

---\\ Internet Explorer Extensions, Start, Search (16) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.eg/?gfe_rd=cr&ei=Wsm7Va6ICYKJ8Qe8o7PICQ&gws_rd=ssl
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (2) - 0s
127
~ Le fichier hôte est sain (The hosts file is clean) (26)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll ©
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll ©
O2 - BHO: CutThePrice [64Bits] - {F79B460B-F4FB-49B3-92DA-ABCB80DB9D1B} . (...) -- C:\Program Files (x86)\CutThePrice\E7xTvFvDHUDoGm.x64.dll (.not file.) =>PUP.Optional.Multiplug

---\\ Auto loading programs from Registry and folders (33) - 2s
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe ©
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe ©
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe ©
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ©
O4 - HKLM\..\Run: [RtHDVBg_DTS] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe ©
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- D:\Program Files\ESET\ESET Smart Security\egui.exe ©
O4 - HKLM\..\Run: [Connectify Hotspot] . (.Connectify - Connectify Hotspot.) -- C:\Program Files (x86)\Connectify\Connectify.exe
O4 - HKLM\..\Run: [Connectify Dispatch] . (.Connectify - Connectify Dispatch.) -- C:\Program Files (x86)\Connectify\DispatchUI.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe ©
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe ©
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\TCC-HAIL\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [CloudSystemBooster] . (.Anvisoft - Cloud System Booster Application.) -- D:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe ©
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ©
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe ©
O4 - HKCU\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- D:\Program Files (x86)\SUPERAntiSpyware.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O4 - HKLM\..\Wow6432Node\Run: [YouCam Service] . (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe ©
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Athan] . (.www.IslamicFinder.org - Automatic Athan (Azan) five times a day f.) -- D:\Program Files (x86)\Athan\Athan.exe
O4 - HKLM\..\Wow6432Node\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- D:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ©
O4 - HKLM\..\Wow6432Node\Run: [Alfa Autorun Killer 3] . (.Alfa Programs ® - Get red of all known and unknown autorun vi.) -- D:\Program Files (x86)\Alfa Programs\Alfa Autorun Killer 3.0\Alfa Autorun Killer 3.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe ©
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Computer, Inc. - .) -- C:\Program Files (x86)\QuickTime\qttask.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\TCC-HAIL\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [CloudSystemBooster] . (.Anvisoft - Cloud System Booster Application.) -- D:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe ©
O4 - HKUS\S-1-5-21-879740390-4067418799-3724441332-1002\..\Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- D:\Program Files (x86)\SUPERAntiSpyware.exe

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 37.220.8.190 5.152.219.52
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 37.220.8.190 5.152.219.52

---\\ Extra protocols (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ©

---\\ AppInit_DLLs Registry value Autorun (1) - 0s
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL (.not file.)

---\\ Non Microsoft non disabled Windows Services (32) - 4s
O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - D:\Program Files (x86)\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: Anvi Cloud System Booster Speed Service (AnviCsbSvc) . (...) - D:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
O23 - Service: @oem17.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\windows\system32\BtwRSupportService.exe ©
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files (x86)\BlueStacks\HD-Service.exe ©
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe ©
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe ©
O23 - Service: Bluetooth Service (btwdins) . (.Broadcom Corporation. - Bluetooth Support Server.) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe ©
O23 - Service: Change Modem Device Service (Change Modem Device Service) . (...) - C:\Windows\SysWOW64\ChgService.exe
O23 - Service: Connectify (Connectify) . (.Connectify - Connectify Service Stub.) - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: DTSAudioSvc (DTSAudioSvc) . (.DTS, Inc - DTS Audio Service.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe ©
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - D:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe ©
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe ©
O23 - Service: FUJ02E3Service (FUJ02E3Service) . (.FUJITSU LIMITED - Fujitsu System Extension Utility / FUJ02E3.) - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (...) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (.not file.)
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) . (.SurfRight B.V. - HitmanPro Scheduler.) - C:\Program Files\HitmanPro\hmpsched.exe ©
O23 - Service: IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Patch Tool..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe ©
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 305.4.) - C:\windows\system32\nvvsvc.exe ©
O23 - Service: PFNService (PFNService) . (.FUJITSU LIMITED - Plugfree NETWORK.) - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
O23 - Service: PowerSavingUtilityService (PowerSavingUtilityService) . (.FUJITSU LIMITED - PSUService.) - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe ©
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ©
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe ©
O23 - Service: Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©
O23 - Service: @C:\Program Files (x86)\Windows Defender\MpAsDesc.dll,-310 (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (.not file.)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ©

---\\ Task Planned Automatically (30) - 10s
[MD5.A5062EA164067050F2DFA9DCA98CA63A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3157856] ©
[MD5.E6019253451DBB67740F7027AD9E1CB5] [APT] [RealUpgradeLogonTaskS-1-5-21-879740390-4067418799-3724441332-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840] ©
[MD5.E6019253451DBB67740F7027AD9E1CB5] [APT] [RealUpgradeScheduledTaskS-1-5-21-879740390-4067418799-3724441332-1002] (.RealNetworks, Inc..) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [178840] ©
[MD5.AF02603D6637C69DAD2E69B80D14CAEA] [APT] [WpsNotifyTask_TCC-HAIL] (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- D:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe [364392]
[MD5.182E368D346439E8650E0CD798B84CB7] [APT] [WpsUpdateTask_TCC-HAIL] (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- D:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [424808]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndCheckOnWakeup] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndCheckOnWakeupBySwitch] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN1S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN2S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN3S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN4S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN5S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndOnABN6S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndSetWakeupSetting] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartBtnHndHKB] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN1S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN2S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN3S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN4S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN5S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnABN6S0] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\BtnHndStartQuickTouchOnWakeupNow] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Fujitsu\ApplicationPanel\DisableBtnHndStartQuickTouchOnWakeupAtLogon] (...) -- C:\Program Files (x86)\Fujitsu\Application Panel\BtnHnd.exe (.not file.) [0]
O39 - APT: WpsNotifyTask_TCC-HAIL - (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- C:\windows\Tasks\WpsNotifyTask_TCC-HAIL.job [388]
O39 - APT: WpsUpdateTask_TCC-HAIL - (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- C:\windows\Tasks\WpsUpdateTask_TCC-HAIL.job [388]
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\windows\System32\Tasks\CCleanerSkipUAC [2778] ©
O39 - APT: RealUpgradeLogonTaskS-1-5-21-879740390-4067418799-3724441332-1002 - (.RealNetworks, Inc..) -- C:\windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-879740390-4067418799-3724441332-1002 [3208] ©
O39 - APT: RealUpgradeScheduledTaskS-1-5-21-879740390-4067418799-3724441332-1002 - (.RealNetworks, Inc..) -- C:\windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-879740390-4067418799-3724441332-1002 [3336] ©
O39 - APT: WpsNotifyTask_TCC-HAIL - (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- C:\windows\System32\Tasks\WpsNotifyTask_TCC-HAIL [3342]
O39 - APT: WpsUpdateTask_TCC-HAIL - (.Zhuhai Kingsoft Office Software Co.,Ltd.) -- C:\windows\System32\Tasks\WpsUpdateTask_TCC-HAIL [3342]

---\\ Software installed (100) - 26s
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: Connectify - (.Connectify.) [HKLM][64Bits] -- Connectify
O42 - Logiciel: HitmanPro 3.7 - (.SurfRight B.V..) [HKLM][64Bits] -- HitmanPro37 ©
O42 - Logiciel: Java(TM) 7 Update 5 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86417005FF} ©
O42 - Logiciel: Plugfree NETWORK - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {55AEBE91-AFDB-4300-82D8-0834BFE8D65E}
O42 - Logiciel: LIFEBOOK Application Panel - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {6226477E-444F-4DFE-BA19-9F4F7D4565BC}
O42 - Logiciel: Fujitsu BIOS Driver - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {7292FFCF-FA9A-4585-AB80-A71961F931AF}
O42 - Logiciel: Plugfree NETWORK - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {7BA64D21-EE46-4a9a-8145-52B0175C3F86}
O42 - Logiciel: HHD Software Free Hex Editor Neo 5.14 - (.HHD Software, Ltd..) [HKLM][64Bits] -- {8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {99FDAE3B-6905-45A6-8F73-595363AAD3D1} ©
O42 - Logiciel: ALPS Touch Pad Driver - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} ©
O42 - Logiciel: NVIDIA 3D Vision Driver 305.46 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision ©
O42 - Logiciel: NVIDIA Graphics Driver 305.46 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver ©
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM][64Bits] -- {C6D9ED03-6FCF-4410-9CB7-45CA285F9E11} ©
O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM][64Bits] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6} ©
O42 - Logiciel: Oracle VM VirtualBox 4.3.6 - (.Oracle Corporation.) [HKLM][64Bits] -- {DC65DFD8-E175-4A85-948A-42965853B2E8} ©
O42 - Logiciel: Pointing Device Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {DDC49774-40B9-47AE-9C63-5569C08C4082}
O42 - Logiciel: Power Saving Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {E50AF275-8A41-4FCF-847B-D6E60018F388}
O42 - Logiciel: Fujitsu System Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}
O42 - Logiciel: Fujitsu MobilityCenter Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- {EC314CDF-3521-482B-A21C-65AC95664814}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} ©
O42 - Logiciel: 7-Zip 4.57 - (...) [HKLM][64Bits] -- 7-Zip
O42 - Logiciel: Cars - (...) [HKLM][64Bits] -- 76322c23820ae7473cdebbff3eceb262
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR ©
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin ©
O42 - Logiciel: Athan Basic 4.2 - (...) [HKLM][64Bits] -- Athan
O42 - Logiciel: Cloud System Booster - (.Anvisoft.) [HKLM][64Bits] -- Cloud System Booster ©
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite ©
O42 - Logiciel: DeskUpdate 4.13 - (.Fujitsu Technology Solutions.) [HKLM][64Bits] -- DeskUpdate_is1
O42 - Logiciel: F1 2012 - (...) [HKLM][64Bits] -- F1 2012_is1
O42 - Logiciel: Foxit Reader 5.0 - (.Foxit Corporation.) [HKLM][64Bits] -- Foxit Reader_is1 ©
O42 - Logiciel: Go West - (.ATARI Europe.) [HKLM][64Bits] -- Go West
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: CyberLink YouCam 5 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} ©
O42 - Logiciel: LIFEBOOK Application Panel - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}
O42 - Logiciel: Fujitsu BIOS Driver - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{7292FFCF-FA9A-4585-AB80-A71961F931AF}
O42 - Logiciel: Pointing Device Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{DDC49774-40B9-47AE-9C63-5569C08C4082}
O42 - Logiciel: Power Saving Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{E50AF275-8A41-4FCF-847B-D6E60018F388}
O42 - Logiciel: Fujitsu System Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}
O42 - Logiciel: Fujitsu MobilityCenter Extension Utility - (.FUJITSU LIMITED.) [HKLM][64Bits] -- InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}
O42 - Logiciel: Internet Download Manager - (...) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: Internet-based TOEFL - (.Kaplan.) [HKLM][64Bits] -- Internet-based TOEFL_is1
O42 - Logiciel: Kingsoft Office 2013 (9.1.0.4550) - (.Kingsoft Corp..) [HKLM][64Bits] -- Kingsoft Office
O42 - Logiciel: Kiwix 0.9 rc2 - (.Kiwix.) [HKLM][64Bits] -- Kiwix
O42 - Logiciel: Longman iBT - (...) [HKLM][64Bits] -- Longman iBT
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Mozilla Firefox 25.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 25.0 (x86 en-US) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo ©
O42 - Logiciel: Opera 11.11 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 11.11.2109 ©
O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM][64Bits] -- PowerISO
O42 - Logiciel: QUICKnet - (...) [HKLM][64Bits] -- QUICKnet 5.577
O42 - Logiciel: QuickTime - (...) [HKLM][64Bits] -- QuickTime
O42 - Logiciel: Quran - (...) [HKLM][64Bits] -- Quran
O42 - Logiciel: RadiAnt DICOM Viewer (64-bit) - (.Medixant.) [HKLM][64Bits] -- RadiAnt64
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 15.0 ©
O42 - Logiciel: ResearchSoft Direct Export Helper - (...) [HKLM][64Bits] -- ResearchSoft Direct Export Helper
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- sa.edu.ksa.ayat
O42 - Logiciel: Satellite Antenna Alignment v2.35 - (.AL Softwate Team.) [HKLM][64Bits] -- Satellite Antenna Alignment_is1
O42 - Logiciel: STDU Viewer version 1.6.251.0 - (.STDUtility.) [HKLM][64Bits] -- STDU Viewer_is1 ©
O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer 8 ©
O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger ©
O42 - Logiciel: Your Free net - (.Your Free net.) [HKLM][64Bits] -- Your Free net1.7
O42 - Logiciel: Youtube Video Downloader PRO 3.9.0.2 - (...) [HKLM][64Bits] -- Youtube Video Downloader PRO 3.9.0.2
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669} ©
O42 - Logiciel: CyberLink YouCam 5 - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} ©
O42 - Logiciel: Game Graphic Studio - (.Obocaman.) [HKLM][64Bits] -- {0A36AAD3-461C-4F21-B695-0754AEEC0B1B} ©
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} ©
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} ©
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} ©
O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM][64Bits] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77} ©
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {34927EBC-98D4-4D53-98BE-510DF5999F50} ©
O42 - Logiciel: FJ Camera - (.Sonix.) [HKLM][64Bits] -- {399C37FB-08AF-493B-BFED-20FBD85EDF7F} ©
O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM][64Bits] -- {41E2E6F7-F831-A443-D7D8-3B164D6B936F}
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {5C1A66E7-6794-4931-835A-5C7F7F003B30} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} ©
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} ©
O42 - Logiciel: EndNote X6 - (.Thomson Reuters.) [HKLM][64Bits] -- {86B3F2D6-AC2B-0016-8AE1-F2F77F781B0C}
O42 - Logiciel: DLL Suite 2013 - (...) [HKLM][64Bits] -- {885843E7-6CAC-4791-B7BF-1CD516017954}_is1
O42 - Logiciel: Etisalat USB modem - (.Etisalat.) [HKLM][64Bits] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} ©
O42 - Logiciel: Adobe Reader X (10.1.3) MUI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-FFFF-7B44-AA0000000001} ©
O42 - Logiciel: Disney-Pixar WALL-E - (.THQ.) [HKLM][64Bits] -- {B94C6815-7BCC-4124-AC39-9208A06FFFA7} ©
O42 - Logiciel: RegCure Pro - (.ParetoLogic, Inc..) [HKLM][64Bits] -- {C547F361-5750-4CD1-9FB6-BC93827CB6C1} =>PUP.Optional.Paretologic
O42 - Logiciel: Rapture3D 2.4.4 Game - (.Blue Ripple Sound.) [HKLM][64Bits] -- {D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1
O42 - Logiciel: COWON Media Center - jetAudio Basic VX - (.COWON.) [HKLM][64Bits] -- {DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} ©
O42 - Logiciel: Pro Evolution Soccer 2012 - (.KONAMI.) [HKLM][64Bits] -- {E737A098-F161-4B6F-AF22-86AAE34F6FBD} ©
O42 - Logiciel: Alfa Autorun Killer 3 version 3.0.6 - (.Alfa Programs(R)2005 - 2010.) [HKLM][64Bits] -- {EB8D4BC8-AAF7-4014-8A8C-95C4520316D5}_is1
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} ©
O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox ©
O42 - Logiciel: Mozilla Firefox 25.0.1 (x86 en-US) - (.Mozilla.) [HKCU][64Bits] -- Mozilla Firefox 25.0.1 (x86 en-US) ©
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent
O42 - Logiciel: XBMC - (.Team XBMC.) [HKCU][64Bits] -- XBMC

---\\ HKCU & HKLM Software Keys (149) - 26s
HKLM\SOFTWARE\Wow6432Node\2K Sports
HKLM\SOFTWARE\Wow6432Node\7-Zip
HKLM\SOFTWARE\Wow6432Node\ACE Compression Software
HKLM\SOFTWARE\Wow6432Node\Activision
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\Alfa Programs
HKLM\SOFTWARE\Wow6432Node\Anvisoft
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc.
HKLM\SOFTWARE\Wow6432Node\BlueRippleSound
HKLM\SOFTWARE\Wow6432Node\BlueStacks
HKLM\SOFTWARE\Wow6432Node\CDDB
HKLM\SOFTWARE\Wow6432Node\Connectify
HKLM\SOFTWARE\Wow6432Node\COWON
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\Disc Soft
HKLM\SOFTWARE\Wow6432Node\ESET
HKLM\SOFTWARE\Wow6432Node\Etisalat
HKLM\SOFTWARE\Wow6432Node\FarStone
HKLM\SOFTWARE\Wow6432Node\Foxit Software
HKLM\SOFTWARE\Wow6432Node\Free YouTube Downloader
HKLM\SOFTWARE\Wow6432Node\Free Zip Viewer
HKLM\SOFTWARE\Wow6432Node\Fujitsu
HKLM\SOFTWARE\Wow6432Node\Go West
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\GRETECH
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\ISI ResearchSoft
HKLM\SOFTWARE\Wow6432Node\Islamic Encyclopedia
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Kaplan
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\Kingsoft
HKLM\SOFTWARE\Wow6432Node\KONAMI
HKLM\SOFTWARE\Wow6432Node\KONAMIPES6
HKLM\SOFTWARE\Wow6432Node\Longman
HKLM\SOFTWARE\Wow6432Node\LphcmModem
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Netscape
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\RealNetworks
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Sierra
HKLM\SOFTWARE\Wow6432Node\Sierra Entertainment, Inc.
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Sonix
HKLM\SOFTWARE\Wow6432Node\Swearware
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\THQ
HKLM\SOFTWARE\Wow6432Node\Toshiba
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\WALL-E
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wise Solutions
HKLM\SOFTWARE\Wow6432Node\x264 Video Codec
HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp.
HKLM\SOFTWARE\Wow6432Node\yahoo
HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\2K Sports
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Activision
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Alps
HKCU\SOFTWARE\Antirun
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Asobo Studio
HKCU\SOFTWARE\Audacity
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\COWON
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\EA Sports
HKCU\SOFTWARE\eFilm Medical
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FLT
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreenTree Applications
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HHD Software
HKCU\SOFTWARE\HOW Inc.
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Info_DMT_Patches
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\ISI ResearchSoft
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\Kingsoft
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Oracle
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RadiAnt Viewer
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\REDitor II
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Satlist
HKCU\SOFTWARE\SecuROM
HKCU\SOFTWARE\SimpleTV by SergeyVS#3
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SUPERAntiSpyware.com
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\The Silicon Realms Toolworks
HKCU\SOFTWARE\THQ
HKCU\SOFTWARE\Toshiba
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Ubisoft
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WALL-E
HKCU\SOFTWARE\WebApp
HKCU\SOFTWARE\Widcomm
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\XBMC
HKCU\SOFTWARE\yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\RealNetworks
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contents of the Common Files folders (280) - 28s
O43 - CFD: 2015/07/17 06:46:38 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2013/12/02 06:01:20 - [] D -- C:\Program Files (x86)\Alfa Programs
O43 - CFD: 2013/07/20 18:49:07 - [] D -- C:\Program Files (x86)\Athan
O43 - CFD: 2015/07/17 06:46:55 - [] D -- C:\Program Files (x86)\Ayat
O43 - CFD: 2014/08/01 11:05:23 - [] D -- C:\Program Files (x86)\BlueStacks
O43 - CFD: 2013/07/21 17:55:11 - [] D -- C:\Program Files (x86)\BRS
O43 - CFD: 2013/03/05 08:06:28 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 2015/07/17 06:46:37 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/02/05 12:27:59 - [] D -- C:\Program Files (x86)\Connectify
O43 - CFD: 2013/03/05 08:04:43 - [] D -- C:\Program Files (x86)\CyberLink
O43 - CFD: 2013/11/27 12:50:28 - [] D -- C:\Program Files (x86)\DriverUninstall
O43 - CFD: 2013/10/04 04:16:24 - [] D -- C:\Program Files (x86)\Free Zip Viewer
O43 - CFD: 2012/11/21 21:42:21 - [] D -- C:\Program Files (x86)\Fujitsu
O43 - CFD: 2015/07/31 17:08:52 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2013/07/17 23:09:43 - [] D -- C:\Program Files (x86)\GRETECH
O43 - CFD: 2015/07/17 06:47:03 - [] HD -- C:\Program Files (x86)\InstallJammer Registry
O43 - CFD: 2014/01/08 23:59:26 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2013/03/05 08:06:28 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2013/07/20 18:18:41 - [0] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2013/10/09 08:08:12 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2013/11/20 13:10:06 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2013/07/17 23:09:36 - [] D -- C:\Program Files (x86)\JetAudio
O43 - CFD: 2013/07/21 18:42:19 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 2013/07/17 23:18:54 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2013/07/17 23:18:46 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio
O43 - CFD: 2013/07/17 23:15:36 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2013/07/17 23:19:11 - [] D -- C:\Program Files (x86)\Microsoft Works
O43 - CFD: 2013/07/17 23:18:13 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2013/11/09 02:23:04 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2013/07/17 23:19:02 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2013/10/06 21:34:18 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2013/07/21 17:55:01 - [] D -- C:\Program Files (x86)\OpenAL
O43 - CFD: 2013/12/06 16:21:12 - [] D -- C:\Program Files (x86)\Opera
O43 - CFD: 2013/07/18 00:06:22 - [] D -- C:\Program Files (x86)\QUICKnet
O43 - CFD: 2015/02/28 06:24:39 - [] D -- C:\Program Files (x86)\QuickTime
O43 - CFD: 2013/07/17 23:07:54 - [] D -- C:\Program Files (x86)\Real
O43 - CFD: 2012/11/21 21:52:49 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2012/11/17 00:52:29 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/05/30 22:36:29 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/03/07 14:09:43 - [] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2012/11/21 21:52:50 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2013/11/12 19:17:49 - [] D -- C:\Program Files (x86)\THQ
O43 - CFD: 2014/08/01 10:58:47 - [] D -- C:\Program Files (x86)\Toshiba
O43 - CFD: 2014/12/12 18:25:57 - [] D -- C:\Program Files (x86)\uTorrent
O43 - CFD: 2013/07/18 16:06:22 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2013/07/18 16:06:28 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2013/07/18 16:06:27 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2012/07/26 10:12:59 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/07/18 16:06:26 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2012/07/26 10:12:59 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/07/17 23:04:37 - [] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2013/07/17 23:12:47 - [] D -- C:\Program Files (x86)\Yahoo!
O43 - CFD: 2014/03/06 09:55:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Sports
O43 - CFD: 2013/07/20 18:53:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2012/07/26 10:13:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 09:52:57 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/10/09 08:08:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/10/17 20:49:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AL-Software
O43 - CFD: 2013/12/02 06:01:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alfa Programs
O43 - CFD: 2013/10/02 08:46:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amirsys
O43 - CFD: 2013/07/20 18:49:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Athan
O43 - CFD: 2013/07/21 17:55:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
O43 - CFD: 2014/06/11 00:25:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
O43 - CFD: 2013/12/02 01:37:41 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/02/05 12:10:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
O43 - CFD: 2013/07/17 23:09:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COWON Media Center - jetAudio
O43 - CFD: 2013/12/16 11:32:51 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CureROM
O43 - CFD: 2013/03/05 08:05:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 5
O43 - CFD: 2014/04/06 17:14:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DOSBox-0.74
O43 - CFD: 2013/10/06 05:51:09 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
O43 - CFD: 2013/12/02 01:26:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 2013/12/08 19:36:24 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etisalat USB modem
O43 - CFD: 2013/07/30 07:53:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2012
O43 - CFD: 2013/07/20 18:48:38 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 5.0
O43 - CFD: 2013/12/16 11:32:51 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Zip Viewer
O43 - CFD: 2013/03/05 07:59:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fujitsu
O43 - CFD: 2012/11/21 21:41:19 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJITSU - LIFEBOOK Application Panel
O43 - CFD: 2012/11/21 21:40:39 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUJITSU - Power Saving Utility
O43 - CFD: 2013/10/15 21:11:55 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Graphic Studio
O43 - CFD: 2013/07/23 23:41:31 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 2013/07/17 23:09:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 2015/08/04 01:31:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2013/10/15 23:42:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
O43 - CFD: 2015/07/30 05:44:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
O43 - CFD: 2013/03/05 08:06:37 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
O43 - CFD: 2013/07/20 18:19:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2014/07/28 11:42:51 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Islamic Encyclopedia
O43 - CFD: 2013/11/20 13:10:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2015/02/27 17:08:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaplan
O43 - CFD: 2015/05/23 14:34:48 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Office
O43 - CFD: 2014/01/09 08:44:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kiwix
O43 - CFD: 2015/02/28 06:24:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Longman iBT
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/07/30 05:33:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2013/07/21 18:42:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE
O43 - CFD: 2013/07/17 23:21:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 2013/10/06 22:27:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2014/03/21 23:42:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
O43 - CFD: 2014/07/23 03:46:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2012 Patch
O43 - CFD: 2012/11/21 21:41:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plugfree NETWORK
O43 - CFD: 2012/11/21 21:41:23 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pointing Device Utility
O43 - CFD: 2013/07/20 18:52:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 2013/07/18 00:06:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QUICKnet
O43 - CFD: 2015/02/28 06:24:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
O43 - CFD: 2013/11/03 14:07:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadiAnt DICOM Viewer
O43 - CFD: 2013/07/17 23:08:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
O43 - CFD: 2014/09/26 22:01:17 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/10/05 15:51:50 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2013/08/07 21:21:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STDUtility
O43 - CFD: 2015/03/07 06:47:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
O43 - CFD: 2012/07/26 10:13:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2012/07/26 09:52:57 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/08/01 10:58:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
O43 - CFD: 2014/12/10 06:42:53 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 2013/07/17 23:04:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2013/07/17 23:12:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger
O43 - CFD: 2013/12/13 00:11:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Free net
O43 - CFD: 2015/07/31 20:41:51 - [] D -- C:\ProgramData\29540409256740362
O43 - CFD: 2013/12/03 03:00:58 - [] D -- C:\ProgramData\Activision
O43 - CFD: 2015/07/17 06:46:41 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/11/30 06:14:05 - [] D -- C:\ProgramData\Avira
O43 - CFD: 2014/06/11 00:31:13 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 2014/12/10 06:43:33 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 2013/07/30 08:48:58 - [] D -- C:\ProgramData\Codemasters
O43 - CFD: 2015/02/05 12:20:12 - [] D -- C:\ProgramData\Connectify
O43 - CFD: 2013/03/05 08:05:24 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2013/07/21 04:17:43 - [] D -- C:\ProgramData\DAEMON Tools Lite
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2013/12/02 01:25:59 - [] D -- C:\ProgramData\ESET
O43 - CFD: 2012/11/21 21:42:30 - [] D -- C:\ProgramData\Fujitsu
O43 - CFD: 2014/01/02 00:26:05 - [] D -- C:\ProgramData\Go West
O43 - CFD: 2013/07/21 02:23:36 - [] D -- C:\ProgramData\Hi
O43 - CFD: 2015/07/30 13:58:00 - [] D -- C:\ProgramData\HitmanPro
O43 - CFD: 2013/12/16 11:33:01 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2013/03/05 08:06:28 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2013/03/05 08:06:24 - [] D -- C:\ProgramData\Intel.sav
O43 - CFD: 2015/05/23 14:33:46 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 2013/10/06 20:53:46 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2013/12/16 11:33:01 - [0] D -- C:\ProgramData\Logs
O43 - CFD: 2015/07/30 05:33:07 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 2014/03/02 10:39:51 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2013/07/17 23:21:40 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2013/11/09 02:23:04 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 2013/10/08 21:15:49 - [] D -- C:\ProgramData\Norton
O43 - CFD: 2013/10/06 17:32:38 - [0] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 2015/09/11 06:24:23 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2013/03/05 08:00:54 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2012/11/17 03:04:35 - [] D -- C:\ProgramData\PRICache
O43 - CFD: 2015/02/28 06:24:40 - [] D -- C:\ProgramData\QuickTime
O43 - CFD: 2013/11/03 14:07:28 - [] D -- C:\ProgramData\RadiAntViewer
O43 - CFD: 2013/07/18 00:12:38 - [] D -- C:\ProgramData\Real
O43 - CFD: 2012/07/26 09:52:57 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2013/03/05 08:07:21 - [] D -- C:\ProgramData\Roaming
O43 - CFD: 2015/05/08 16:24:59 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2013/11/20 13:10:57 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2015/02/21 06:46:53 - [] D -- C:\ProgramData\SUPERAntiSpyware.com
O43 - CFD: 2013/07/21 18:13:14 - [] D -- C:\ProgramData\Temp
O43 - CFD: 2012/07/26 09:22:08 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2013/10/06 05:51:12 - [] D -- C:\ProgramData\Thomson.ResearchSoft.Installers
O43 - CFD: 2013/07/17 23:12:57 - [] D -- C:\ProgramData\Yahoo!
O43 - CFD: 2012/11/21 21:41:34 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/07/17 06:46:37 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 2013/07/17 23:09:35 - [] D -- C:\Program Files (x86)\Common Files\COWON
O43 - CFD: 2013/07/17 23:18:46 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER
O43 - CFD: 2013/10/16 10:22:04 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2012/11/21 21:31:27 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2013/11/20 13:10:55 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2013/07/17 23:19:07 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2012/11/21 21:29:33 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2013/10/06 05:51:11 - [] D -- C:\Program Files (x86)\Common Files\ResearchSoft
O43 - CFD: 2013/10/06 05:51:13 - [] D -- C:\Program Files (x86)\Common Files\Risxtd
O43 - CFD: 2012/07/26 10:13:01 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/09/26 22:01:16 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2013/03/05 07:57:04 - [] D -- C:\Program Files (x86)\Common Files\SNP2UVC
O43 - CFD: 2013/08/07 21:21:44 - [] D -- C:\Program Files (x86)\Common Files\STDUtility
O43 - CFD: 2013/10/04 03:02:39 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2013/07/18 16:06:23 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2013/10/06 05:48:25 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 2013/07/17 23:07:52 - [] D -- C:\Program Files (x86)\Common Files\xing shared
O43 - CFD: 2014/03/06 10:05:32 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\2K Sports
O43 - CFD: 2013/11/12 19:19:48 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Ace
O43 - CFD: 2013/12/03 03:00:58 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Activision
O43 - CFD: 2015/07/17 06:46:41 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Adobe
O43 - CFD: 2013/07/19 04:25:59 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\COWON
O43 - CFD: 2014/12/10 07:44:44 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Crash Reports
O43 - CFD: 2014/08/17 19:25:31 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\DAEMON Tools Lite
O43 - CFD: 2015/09/11 00:32:41 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\DMCache
O43 - CFD: 2015/09/11 06:30:39 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Dropbox
O43 - CFD: 2014/12/10 06:43:34 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\EndNote
O43 - CFD: 2013/12/02 01:28:15 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\ESET
O43 - CFD: 2013/10/08 08:12:31 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Foxit Software
O43 - CFD: 2013/07/17 22:57:04 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Fujitsu
O43 - CFD: 2013/07/19 04:25:36 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\GRETECH
O43 - CFD: 2013/07/26 11:09:14 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Ice Age 2
O43 - CFD: 2013/07/20 16:06:39 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Identities
O43 - CFD: 2015/08/10 16:09:24 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\IDM
O43 - CFD: 2013/11/12 19:17:28 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\InstallShield
O43 - CFD: 2013/07/17 22:54:55 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Intel
O43 - CFD: 2015/05/23 14:31:35 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Kingsoft
O43 - CFD: 2013/07/17 23:13:09 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Macromedia
O43 - CFD: 2014/11/29 15:17:28 - [] SD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft
O43 - CFD: 2013/07/20 19:37:43 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Mozilla
O43 - CFD: 2013/07/21 10:45:26 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\NVIDIA
O43 - CFD: 2015/01/03 23:42:59 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Opera
O43 - CFD: 2013/12/02 10:32:00 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Opera Software
O43 - CFD: 2014/12/10 07:44:44 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Profiles
O43 - CFD: 2013/07/28 19:35:56 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Real
O43 - CFD: 2014/04/02 01:29:20 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\REDitor II
O43 - CFD: 2015/07/17 06:47:06 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\sa.edu.ksa.ayat
O43 - CFD: 2013/07/28 04:41:07 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\shamela
O43 - CFD: 2015/09/11 06:30:54 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Skype
O43 - CFD: 2013/08/30 01:32:27 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Super-Cow
O43 - CFD: 2015/02/21 06:47:05 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\SUPERAntiSpyware.com
O43 - CFD: 2014/12/10 06:43:33 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\TeamViewer
O43 - CFD: 2015/05/08 09:57:53 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Thinstall
O43 - CFD: 2015/07/31 17:44:42 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\uTorrent
O43 - CFD: 2014/06/06 10:41:06 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\vlc
O43 - CFD: 2013/07/17 23:04:51 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\WinRAR
O43 - CFD: 2014/01/09 08:44:07 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\www.kiwix.org
O43 - CFD: 2014/12/10 06:43:33 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\XBMC
O43 - CFD: 2015/09/11 20:47:51 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\ZHP
O43 - CFD: 2014/01/09 00:02:18 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Activision
O43 - CFD: 2015/07/17 06:46:17 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Adobe
O43 - CFD: 2013/07/17 22:54:52 - [0] SHD -- C:\Users\TCC-HAIL\AppData\Local\Application Data
O43 - CFD: 2013/10/14 10:29:36 - [] D -- C:\Users\TCC-HAIL\AppData\Local\ApplicationHistory
O43 - CFD: 2014/04/02 01:48:30 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Apps
O43 - CFD: 2013/07/30 14:59:14 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Asobo Studio
O43 - CFD: 2013/07/17 22:57:05 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Broadcom
O43 - CFD: 2015/09/11 15:33:43 - [] D -- C:\Users\TCC-HAIL\AppData\Local\CrashDumps
O43 - CFD: 2013/07/17 22:58:28 - [] D -- C:\Users\TCC-HAIL\AppData\Local\CyberLink
O43 - CFD: 2015/07/31 16:41:08 - [0] D -- C:\Users\TCC-HAIL\AppData\Local\Deployment
O43 - CFD: 2015/07/23 03:01:20 - [0] D -- C:\Users\TCC-HAIL\AppData\Local\Diagnostics
O43 - CFD: 2014/04/06 17:15:17 - [] D -- C:\Users\TCC-HAIL\AppData\Local\DOSBox
O43 - CFD: 2015/09/03 04:31:14 - [0] D -- C:\Users\TCC-HAIL\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2013/12/02 01:28:15 - [] D -- C:\Users\TCC-HAIL\AppData\Local\ESET
O43 - CFD: 2013/07/30 08:48:58 - [] D -- C:\Users\TCC-HAIL\AppData\Local\FLT
O43 - CFD: 2013/07/21 09:39:25 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Free Zip Viewer
O43 - CFD: 2015/07/31 16:36:49 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Google
O43 - CFD: 2013/10/15 23:42:01 - [] D -- C:\Users\TCC-HAIL\AppData\Local\HHD Software
O43 - CFD: 2013/07/17 22:54:52 - [0] SHD -- C:\Users\TCC-HAIL\AppData\Local\History
O43 - CFD: 2014/04/02 01:39:46 - [] D -- C:\Users\TCC-HAIL\AppData\Local\JerseyEditor
O43 - CFD: 2015/05/23 15:03:14 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Kingsoft
O43 - CFD: 2014/11/29 15:17:28 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Microsoft
O43 - CFD: 2015/05/30 23:22:29 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Microsoft Help
O43 - CFD: 2013/07/20 19:37:31 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Mozilla
O43 - CFD: 2013/10/12 08:37:09 - [] D -- C:\Users\TCC-HAIL\AppData\Local\NPE
O43 - CFD: 2015/01/03 23:42:59 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Opera
O43 - CFD: 2013/12/02 10:32:01 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Opera Software
O43 - CFD: 2013/10/08 16:24:42 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Packages
O43 - CFD: 2014/12/10 07:44:44 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Profiles
O43 - CFD: 2014/10/05 06:58:01 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Programs
O43 - CFD: 2014/09/19 14:23:52 - [] D -- C:\Users\TCC-HAIL\AppData\Local\RadiantViewer
O43 - CFD: 2014/03/07 20:20:29 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Skype
O43 - CFD: 2013/08/09 10:39:43 - [] D -- C:\Users\TCC-HAIL\AppData\Local\STDUViewer
O43 - CFD: 2013/09/20 11:29:36 - [] D -- C:\Users\TCC-HAIL\AppData\Local\storage
O43 - CFD: 2015/09/11 20:48:48 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Temp
O43 - CFD: 2013/07/17 22:54:52 - [0] SHD -- C:\Users\TCC-HAIL\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/05/08 09:57:53 - [] D -- C:\Users\TCC-HAIL\AppData\Local\Thinstall
O43 - CFD: 2014/06/24 16:51:37 - [] D -- C:\Users\TCC-HAIL\AppData\Local\VirtualStore
O43 - CFD: 2014/01/09 08:44:07 - [] D -- C:\Users\TCC-HAIL\AppData\Local\www.kiwix.org
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2013/07/17 22:56:15 - [] RD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/11/10 23:21:32 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvisoft
O43 - CFD: 2015/05/07 17:47:59 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
O43 - CFD: 2015/07/20 12:12:54 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dll Suite 2014
O43 - CFD: 2015/04/19 00:02:51 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
O43 - CFD: 2013/07/20 18:19:33 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2012/07/26 10:13:00 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/04/19 00:03:09 - [] RD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2012/07/26 10:13:00 - [] RD -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/07/20 19:50:25 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\THQ
O43 - CFD: 2013/07/17 23:04:38 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2013/12/02 01:54:22 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\x264 Video Codec
O43 - CFD: 2014/03/22 14:14:38 - [] D -- C:\Users\TCC-HAIL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC

---\\ System Drivers List (79) - 8s
O58 - SDL:2012/07/26 07:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\windows\System32\drivers\3ware.sys [106736] ©
O58 - SDL:2012/07/26 07:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\System32\drivers\adp94xx.sys [492272] ©
O58 - SDL:2012/07/26 07:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\System32\drivers\adpahci.sys [340720] ©
O58 - SDL:2012/07/26 07:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\windows\System32\drivers\adpu320.sys [184048] ©
O58 - SDL:2012/07/26 07:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\System32\drivers\amdsata.sys [76016] ©
O58 - SDL:2012/07/26 07:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\windows\System32\drivers\amdsbs.sys [258288] ©
O58 - SDL:2012/07/26 07:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\System32\drivers\amdxata.sys [26352] ©
O58 - SDL:2012/07/24 10:35:56 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\windows\System32\drivers\Apfiltr.sys [445816] ©
O58 - SDL:2012/07/26 07:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\System32\drivers\arc.sys [104688] ©
O58 - SDL:2012/07/26 07:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\System32\drivers\arcsas.sys [108272] ©
O58 - SDL:2014/01/02 00:17:52 A . (...) -- C:\windows\System32\drivers\atksgt.sys [88480]
O58 - SDL:2012/08/25 04:32:54 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\windows\System32\drivers\bcbtums.sys [165688] ©
O58 - SDL:2012/09/05 00:59:54 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\windows\System32\drivers\btwampfl.sys [157560] ©
O58 - SDL:2012/08/30 07:53:58 A . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\windows\System32\drivers\btwaudio.sys [186648] ©
O58 - SDL:2012/08/30 07:53:56 A . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\windows\System32\drivers\btwavdt.sys [212792] ©
O58 - SDL:2012/07/27 05:18:26 A . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\windows\System32\drivers\btwl2cap.sys [40248] ©
O58 - SDL:2012/08/30 07:53:54 A . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\windows\System32\drivers\btwrchid.sys [22328] ©
O58 - SDL:2012/07/26 07:00:49 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\System32\drivers\bxvbda.sys [539376] ©
O58 - SDL:2012/12/21 09:40:38 A . (.QUALCOMM Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\cmnsusbser.sys [126080] ©
O58 - SDL:2015/02/05 12:07:36 A . (.Connectify - NDISRD helper driver.) -- C:\windows\System32\drivers\cnnctfy3.sys [35352]
O58 - SDL:2014/01/01 23:32:19 A . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\windows\System32\drivers\dtsoftbus01.sys [283200] ©
O58 - SDL:2012/06/02 16:31:38 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\windows\System32\drivers\e1i63x64.sys [333824] ©
O58 - SDL:2012/06/14 16:33:30 A . (.ESET - Amon monitor.) -- C:\windows\System32\drivers\eamonm.sys [211344] ©
O58 - SDL:2012/06/14 16:33:54 A . (.ESET - ESET Helper driver.) -- C:\windows\System32\drivers\ehdrv.sys [149592] ©
O58 - SDL:2012/06/14 16:34:14 A . (.ESET - ESET Personal Firewall driver.) -- C:\windows\System32\drivers\epfw.sys [188696] ©
O58 - SDL:2012/06/14 16:34:14 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\windows\System32\drivers\EpfwLWF.sys [38328] ©
O58 - SDL:2012/06/14 16:34:18 A . (.ESET - ESET Personal Firewall driver.) -- C:\windows\System32\drivers\epfwwfp.sys [62536] ©
O58 - SDL:2012/07/26 07:00:52 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\System32\drivers\evbda.sys [3295984] ©
O58 - SDL:2012/08/01 15:35:34 A . (.FUJITSU LIMITED - Fujitsu BIOS Driver.) -- C:\windows\System32\drivers\FBIOSDRV.sys [20848]
O58 - SDL:2012/08/01 15:34:02 A . (.FUJITSU LIMITED - WDM driver for FUJ02B1 PnP device.) -- C:\windows\System32\drivers\fuj02b1.sys [16368]
O58 - SDL:2012/08/01 15:32:34 A . (.FUJITSU LIMITED - WDM driver for FUJ02E3 PnP device.) -- C:\windows\System32\drivers\fuj02e3.sys [17264]
O58 - SDL:2012/07/02 08:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\windows\System32\drivers\HECIx64.sys [62784] ©
O58 - SDL:2015/09/11 06:29:54 A . (.© 2014 SurfRight B.V. - HitmanPro 3.7 Support Driver.) -- C:\windows\System32\drivers\hitmanpro37.sys [43664] ©
O58 - SDL:2012/07/26 07:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\windows\System32\drivers\HpSAMD.sys [64752] ©
O58 - SDL:2012/07/31 20:21:58 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\windows\System32\drivers\iaStorA.sys [645952] ©
O58 - SDL:2012/07/26 07:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\windows\System32\drivers\iaStorV.sys [411888] ©
O58 - SDL:2012/08/07 09:14:12 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\System32\drivers\igdkmd64.sys [8982208] ©
O58 - SDL:2012/07/26 07:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\System32\drivers\iirsp.sys [45296] ©
O58 - SDL:2012/06/19 00:40:50 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\windows\System32\drivers\IntcDAud.sys [342528] ©
O58 - SDL:2014/01/02 00:17:52 A . (...) -- C:\windows\System32\drivers\lirsgt.sys [46400]
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas.sys [108784] ©
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sas2.sys [92400] ©
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\System32\drivers\lsi_scsi.sys [116976] ©
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\windows\System32\drivers\lsi_sss.sys [81136] ©
O58 - SDL:2011/03/26 10:37:12 A . (.MBB Incorporated - CDROM Filter.) -- C:\windows\System32\drivers\massfilter.sys [11776]
O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\mbam.sys [25816] ©
O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\windows\System32\drivers\mbamchameleon.sys [109272] ©
O58 - SDL:2015/09/11 06:29:24 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\windows\System32\drivers\MBAMSwissArmy.sys [113880] ©
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\windows\System32\drivers\megasas.sys [51952] ©
O58 - SDL:2012/07/26 07:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\System32\drivers\MegaSR.sys [353008] ©
O58 - SDL:2012/07/26 07:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\windows\System32\drivers\mvumis.sys [64240] ©
O58 - SDL:2015/06/18 08:42:02 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\windows\System32\drivers\mwac.sys [64216] ©
O58 - SDL:2012/08/08 01:51:58 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\System32\drivers\NETwew00.sys [4273192] ©
O58 - SDL:2012/06/02 16:31:47 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\windows\System32\drivers\NETwNe64.sys [11400192] ©
O58 - SDL:2012/07/26 07:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\System32\drivers\nfrd960.sys [52464] ©
O58 - SDL:2012/07/31 17:02:00 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\windows\System32\drivers\nvlddmkm.sys [13406056] ©
O58 - SDL:2012/07/31 17:02:00 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\windows\System32\drivers\nvpciflt.sys [30056] ©
O58 - SDL:2012/07/26 07:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\windows\System32\drivers\nvraid.sys [150256] ©
O58 - SDL:2012/07/26 07:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\windows\System32\drivers\nvstor.sys [168176] ©
O58 - SDL:2012/06/12 14:41:22 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\windows\System32\drivers\Rt630x64.sys [683664] ©
O58 - SDL:2012/07/31 11:10:34 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\windows\System32\drivers\RTKVHD64.sys [4102928] ©
O58 - SDL:2012/07/05 04:18:06 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\windows\System32\drivers\RtsUStor.sys [252048] ©
O58 - SDL:2010/04/12 10:55:00 A . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\windows\System32\drivers\scdemu.sys [91568]
O58 - SDL:2012/07/26 10:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2012/07/26 07:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\System32\drivers\sisraid2.sys [44784] ©
O58 - SDL:2012/07/26 07:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\System32\drivers\sisraid4.sys [81648] ©
O58 - SDL:2012/09/06 03:44:08 A . (.Sonix Co. Ltd. - Sonix SN9C290 driver.) -- C:\windows\System32\drivers\snp2uvc.sys [1849608]
O58 - SDL:2013/07/21 04:48:12 A . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\windows\System32\drivers\sptd.sys [564824] ©
O58 - SDL:2012/07/26 07:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\windows\System32\drivers\stexstor.sys [30960] ©
O58 - SDL:2013/12/18 17:19:54 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\windows\System32\drivers\VBoxDrv.sys [252688] ©
O58 - SDL:2013/12/18 17:16:44 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\windows\System32\drivers\VBoxNetAdp.sys [140560] ©
O58 - SDL:2013/12/18 17:16:44 A . (.Oracle Corporation - VirtualBox Bridged Networking Driver.) -- C:\windows\System32\drivers\VBoxNetFlt.sys [154896] ©
O58 - SDL:2013/12/18 17:16:44 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\windows\System32\drivers\VBoxUSBMon.sys [126736] ©
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\System32\drivers\viaide.sys [19184] ©
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\System32\drivers\vsmraid.sys [164080] ©
O58 - SDL:2012/07/26 07:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\windows\System32\drivers\VSTXRAID.SYS [322800] ©
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\ZTEusbmdm6k.sys [123520]
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\ZTEusbnmea.sys [123520]
O58 - SDL:2011/03/26 10:37:12 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\windows\System32\drivers\ZTEusbser6k.sys [123520]

---\\ Last modified or created user files (4) - 9s
O61 - LFC: 2015/09/11 06:30:48 A . (..) -- C:\Users\TCC-HAIL\Dropbox\.dropbox.cache\dropbox-upgrade-3.8.8.exe [0]
O61 - LFC: 2015/09/11 00:33:23 A . (.Bleeping Computer, LLC.) -- C:\Users\TCC-HAIL\Documents\Downloads\Programs\rkill.exe [2019656]
O61 - LFC: 2015/09/11 00:33:23 A . (.Bleeping Computer, LLC.) -- C:\Users\TCC-HAIL\Desktop\app.exe [2019656]
O61 - LFC: 2015/09/11 16:15:11 A . (..) -- C:\Users\TCC-HAIL\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (16) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe http://www.mystartsearch.com/ ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe ©

---\\ Search Browser Infection (8) - 11s
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("browser.search.searchengine.ptid", "wpc"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("browser.search.searchengine.uid", "TOSHIBAXMQ01ABD050_2369P1RYTXX2369P1RYT"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("extensions.SecretSauce.aul", "1386456399865"); =>PUP.Optional.SecretSauce
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("extensions.SecretSauce.irl", true); =>PUP.Optional.SecretSauce
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("extensions.SecretSauce.is", "fmxqteg"); =>PUP.Optional.SecretSauce
O69 - SBI: prefs.js [TCC-HAIL - h9yxo8jj.default] user_pref("extensions.SecretSauce.ug", "1B47C7B0-B1D6-4860-AF5A-35CF135D3B62"); =>PUP.Optional.SecretSauce
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (34) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\windows\System32\aelupsvc.dll [190976] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\windows\System32\certprop.dll [149504] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\windows\System32\certprop.dll [149504] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\windows\System32\srvsvc.dll [309248] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\windows\System32\gpsvc.dll [1366016] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\windows\System32\ikeext.dll [1071104] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\windows\System32\rasauto.dll [99840] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\windows\System32\rasmans.dll [358400] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [107520] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\windows\System32\sens.dll [62976] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\windows\System32\ipnathlp.dll [438784] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [305664] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\windows\system32\wuaueng.dll [3318784] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\windows\System32\qmgr.dll [826368] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [565760] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\windows\System32\iphlpsvc.dll [894464] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\windows\system32\seclogon.dll [30720] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\windows\System32\appinfo.dll [69632] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\windows\system32\iscsiexe.dll [151552] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\windows\System32\eapsvc.dll [105472] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\windows\system32\schedsvc.dll [1282560] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\WMIsvc.dll [219648] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\windows\system32\mmcss.dll [80384] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\windows\System32\browser.dll [134144] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\windows\system32\profsvc.dll [209920] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [291328] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\windows\System32\wercplsupport.dll [84992] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\windows\system32\kmsvc.dll [97792] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\windows\System32\bdesvc.dll [190464] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\windows\system32\wlidsvc.dll [1968128] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\windows\system32\themeservice.dll [47104] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\windows\System32\DeviceSetupManager.dll [207872] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\windows\System32\ncasvc.dll [161792] ©
O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) -- C:\windows\System32\SystemEventsBrokerServer.dll [178176] ©

---\\ Firewall Active Exception List (2) - 2s
O87 - FAEL: "{2F140AFD-1F4C-4DEA-828A-26C2A53BC10F}" [In-None-P6-TRUE] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O87 - FAEL: "{04D5B8C5-0EE3-40F8-AC95-2345766AB71F}" [In-None-P17-TRUE] .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (35) - 107s
SR - Auto [2014/07/23 01:31:23] [ 172344] SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com.) - D:\Program Files (x86)\SASCORE64.EXE
SR - Auto [2012/04/04 08:53:50] [ 63928] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SR - Auto [2012/12/14 10:33:08] [ 318312] Anvi Cloud System Booster Speed Service (AnviCsbSvc) . (...) - D:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
SR - Auto [2012/08/25 03:33:01] [ 2252088] @oem17.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Radio Control (BcmBtRSupport) . (.Broadcom Corporation..) - C:\windows\system32\BtwRSupportService.exe ©
SS - Auto [2014/05/21 21:01:54] [ 402192] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe ©
SS - Auto [2014/05/21 21:02:22] [ 385808] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe ©
SS - Auto [2014/05/21 21:04:14] [ 774928] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe ©
SR - Auto [2012/09/04 13:31:06] [ 957304] Bluetooth Service (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe ©
SS - Auto [2012/12/21 12:10:18] [ 114688] Change Modem Device Service (Change Modem Device Service) . (...) - C:\Windows\SysWOW64\ChgService.exe
SS - Auto [2014/03/24 19:25:34] [ 487936] Connectify (Connectify) . (.Connectify.) - C:\Program Files (x86)\Connectify\ConnectifyService.exe
SS - Demand [2012/08/07 13:01:22] [ 276288] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe ©
SR - Auto [2012/01/23 15:30:22] [ 233328] DTSAudioSvc (DTSAudioSvc) . (.DTS, Inc.) - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe ©
SR - Auto [2012/06/14 16:33:54] [ 1288104] ESET Service (ekrn) . (.ESET.) - D:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe ©
SR - Auto [2012/07/18 22:14:04] [ 627504] Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe ©
SS - Auto [2012/07/19 05:56:16] [ 80752] FUJ02E3Service (FUJ02E3Service) . (.FUJITSU LIMITED.) - C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
SS - Auto [2015/09/05 12:28:39] [ 127752] HitmanPro Scheduler (HitmanProScheduler) . (.SurfRight B.V..) - C:\Program Files\HitmanPro\hmpsched.exe ©
SR - Auto [2012/07/13 10:02:16] [ 2451456] IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe ©
SR - Auto [2012/04/21 00:16:12] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe ©
SR - Auto [2012/07/17 10:10:16] [ 165760] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe ©
SR - Auto [2012/07/17 10:10:30] [ 276864] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ©
SS - Auto [2015/06/18 08:39:46] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe ©
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2013/10/26 03:53:33] [ 119408] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Demand [2012/07/18 22:14:16] [ 272176] Wireless PAN DHCP Server (MyWiFiDHCPDNS) . (.Copyright (C) 2005-2010 by Achal Dhir.) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ©
SR - Auto [2012/07/31 18:25:26] [ 891240] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\windows\system32\nvvsvc.exe ©
SS - Auto [2012/07/12 00:48:00] [ 2219520] PFNService (PFNService) . (.FUJITSU LIMITED.) - C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
SR - Auto [2012/08/07 03:26:57] [ 51608] PowerSavingUtilityService (PowerSavingUtilityService) . (.FUJITSU LIMITED.) - C:\Program Files\Fujitsu\PSUtility\PSUService.exe
SR - Auto [2012/07/18 22:13:40] [ 149296] Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe ©
SS - Auto [2015/02/18 20:11:32] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SS - Auto [2012/07/31 09:54:52] [ 382312] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe ©
SS - Auto [2014/03/05 23:31:41] [ 3560288] TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe ©
SS - Demand [2011/04/01 17:42:56] [ 198064] TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe ©
SR - Auto [2012/07/17 10:10:32] [ 364416] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ©
SR - Auto [2012/07/18 22:14:38] [ 2699568] Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe ©

---\\ Additional Scan (O88) (2) - 0s
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F79B460B-F4FB-49B3-92DA-ABCB80DB9D1B} =>PUP.Optional.Multiplug
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C547F361-5750-4CD1-9FB6-BC93827CB6C1} =>PUP.Optional.Paretologic

---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/pup-mutiplug/ =>PUP.Optional.Multiplug
http://www.nicolascoolman.fr/blog =>PUP.Optional.Paretologic
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/adware-secretsauce / =>PUP.Optional.SecretSauce

~ End of the scan, 20378 items in 300 seconds (1016)(0)()
