~ ZHPDiag v2016.1.9.9 By Nicolas Coolman (2016/01/09)
~ Run by samir (Administrator) (2016/01/09 20:24:36)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\samir\Desktop\ZHPDiag.txt
~ Report: C:\Users\samir\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1 Pro, 32-bit (Build 9600)

---\\ Internet Browsers (3) - 0s
MFIE: Mozilla Firefox 33.0.1 (x86 en-US)
OPIE: Opera 31.0.1889.99
MSIE: Internet Explorer v11.0.9600.18125

---\\ Windows Product Information (3) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK

---\\ System protection software (4) - 3s
ESET Smart Security v9.0.349.0
Malwarebytes Anti-Malware version 2.2.0.1024
SMADAV version 10.4.1 v10.4.1
Windows Defender (Deactivate)

---\\ System optimization software (1) - 3s
CCleaner v5.01

---\\ Surveillance software (1) - 3s
Adobe Flash Player 20 PPAPI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2088.244 MB (21% free)
System Restore: Activé (Enable)
System drive C: has 52 GB () free of 96 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: GAZAFOREVER
~ User Name: samir
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 52 GB free of 96 GB (System)
~ Drive E: has 12 GB free of 18 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 2s
[MD5.91E24273FCA076EA9E65DAFA98901225] - 27/01/2015 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2207488] =>.Microsoft Corporation
[MD5.8BFE805555CDAF6387912A34D7978DAA] - 29/10/2014 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [51200] =>.Microsoft Corporation
[MD5.8A60D4136E37C3CCB1ECAE90D11618F4] - 20/12/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [115712] =>.Microsoft Corporation
[MD5.B60461B5CED2BFAE1A870C61C66966C4] - 20/12/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2011136] =>.Microsoft Corporation
[MD5.C7B38F105DFDD3231314EDDF7012D8AA] - 20/12/2015 - (.Microsoft Corporation - Windows Log-on Application.) -- C:\Windows\System32\Winlogon.exe [465920] =>.Microsoft Corporation
[MD5.BFB9E1202225113991F981D29BFB9029] - 18/03/2014 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [438272] =>.Microsoft Corporation
[MD5.205BDB00F4C032AF45A6BFD18EA7886C] - 19/12/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [498688] =>.Microsoft Corporation
[MD5.E37F897ED7B5AFF79B1398258DB96BD9] - 22/08/2013 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19456] =>.Microsoft Corporation
[MD5.2B204EEC6A78BB9730927A28435DFEB4] - 20/12/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [462848] =>.Microsoft Corporation
[MD5.72FCAE2CE6DFEAB2AB072435017F3417] - 22/08/2013 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [23392] =>.Microsoft Corporation
[MD5.CE232BB0965C0C0B786C3F976CCBFB7D] - 22/08/2013 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [73728] =>.Microsoft Corporation
[MD5.E2FC132D48EA4E8B04432C33EFB77801] - 22/08/2013 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [124928] =>.Microsoft Corporation
[MD5.55758EBBC45E1628161121D7CFEAD4A1] - 06/03/2014 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.7E0EDA9EE53E344D1604EB2A7E8DED47] - 24/07/2014 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [69632] =>.Microsoft Corporation
[MD5.7A708934CC652100A94944EC808C3916] - 19/12/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [83456] =>.Microsoft Corporation
[MD5.FA6C94C754A566EA8A61D658932F32DE] - 18/03/2014 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [126976] =>.Microsoft Corporation
[MD5.27B19A0343AB86F1CF987A97AA41BB40] - 20/12/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [328192] =>.Microsoft Corporation
[MD5.BC242922B0D08F61CF7C87FD08FAFA8B] - 22/08/2013 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [218624] =>.Microsoft Corporation
[MD5.C52E578E3F8182C2EE6AAF0AC2B61C9B] - 15/10/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1689408] =>.Microsoft Corporation
[MD5.4F30970F15ADCC382544B31D5D7E368E] - 22/08/2013 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [81408] =>.Microsoft Corporation
[MD5.3255D128FDC28D6859303BF240991A0D] - 19/12/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [82432] =>.Microsoft Corporation
[MD5.67E91843B0344411820A012063E876B2] - 18/03/2014 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [143872] =>.Microsoft Corporation
[MD5.80A7F31C89C7752DFEC2A9CF28FFF291] - 20/12/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [86016] =>.Microsoft Corporation
[MD5.31A2AA48C1ECD390E2707E5C21B75DCE] - 19/06/2014 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [264512] =>.Microsoft Corporation

---\\ Non Microsoft non disabled Windows Services (17) - 3s
O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe =>.LSI Corporation®
O23 - Service: @oem2.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Manageme (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\System32\BtwRSupportService.exe =>.Broadcom Corporation®
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: FSPro Filter Service 2 (fsproflt2) . (.FSPro Labs - FSPro Labs Filter Service.) - C:\Windows\System32\fsproflt2.exe {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs
O23 - Service: @oem54.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company®
O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2008 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.HUAWEI Technologies Co., Ltd.®
O23 - Service: JumpStart Push-Button Service (jswpbapi) . (.Atheros Communications, Inc. - JumpStart PushButton Service.) - C:\Program Files\Jumpstart\jswpbapi.exe =>.Atheros Communications, Inc.
O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology®
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon - .) - C:\Program Files\Maxthon3\Modules\Service\Update\MaxthonUpdateSvc.exe =>.Maxthon (Asia) Limited.®
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.®
O23 - Service: MyWiFiRouterDHCP (MyWiFiRouterDHCP) . (...) - C:\Program Files\Wi-Fi\WiFiGxSvc.exe {6AC8AF24C602CB90FE71875F1C4CEC80}
O23 - Service: StartMenu8 Service (StartMenuService) . (.IObit - StartMenu8 Services.) - C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology®
O23 - Service: ULService (ULService) . (...) - C:\Program Files\GiliSoft\USB Lock\ULService.exe
O23 - Service: (Update service) . (.Popcorn Time - Updater.) - C:\Program Files\Popcorn Time\Updater.exe =>.Popcorn Time

---\\ Task Planned Automatically (37) - 7s
[MD5.F087BF62308F33AB22D9A6D159E00A28] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [1163456] =>.Adobe Systems Incorporated®
[MD5.E4705F6EFA7B8BE1F55458B1584574A1] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated®
[MD5.9A7C5BE65ED820EC935AFAD9E675822D] [APT] [ASC9_SkipUac_samir] (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare\ASC.exe [4995872] =>.IObit Information Technology®
[MD5.0098F118EDFC23953919988D9531E9EE] [APT] [Ashampoo Privacy Protector Weekly Security Scan] (.Ashampoo GmbH & Co. KG.) -- C:\Program Files\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe [2223984] =>.Ashampoo GmbH & Co. KG®
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) [0] =>HackTool.AutoKMS
[MD5.00000000000000000000000000000000] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) [0] =>HackTool.KMSpico
[MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.) [0]
[MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944] =>.Piriform Ltd®
[MD5.16369F18244A0CEC509CEDB22E6786BF] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files\IObit\Driver Booster\Scheduler.exe [1003328] =>.IObit Information Technology®
[MD5.5640216A709262C8A35402BB7B931A6E] [APT] [Driver Booster SkipUAC (samir)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\DriverBooster.exe [4629312] =>.IObit Information Technology®
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.Optional.MyPCBackup
[MD5.9E2F3C034C1C2D17B1550A24364CEAD1] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe [265640] =>.Maxthon (Asia) Limited.®
[MD5.00000000000000000000000000000000] [APT] [Open Chrome] (...) -- C:\Users\samir\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) [0]
[MD5.CD9E638EFC321B1856E1F3CCCCCCA478] [APT] [Opera scheduled Autoupdate 1437755498] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [930936] =>.Opera Software ASA®
[MD5.00000000000000000000000000000000] [APT] [smadav] (...) -- C:\Program Files\Smadav\SM?RTP.exe [1658880]
[MD5.C9ABE9ACBBD3CE54693412EE30D7639E] [APT] [Uninstaller_SkipUac_samir] (.IObit.) -- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [4869920] =>.IObit Information Technology®
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated
O39 - APT: ASC9_SkipUac_samir - (.IObit.) -- C:\Windows\Tasks\ASC9_SkipUac_samir.job [250] =>.IObit
O39 - APT: Open Chrome - (...) -- C:\Windows\Tasks\Open Chrome.job [402] (.Orphean.)
O39 - APT: Uninstaller_SkipUac_samir - (.IObit.) -- C:\Windows\Tasks\Uninstaller_SkipUac_samir.job [290] =>.IObit
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3862] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718] =>.Adobe Systems Incorporated
O39 - APT: ASC9_SkipUac_samir - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_SkipUac_samir [2350] =>.IObit
O39 - APT: Ashampoo Privacy Protector Weekly Security Scan - (.Ashampoo GmbH & Co. KG.) -- C:\Windows\System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan [3824] =>.Ashampoo GmbH & Co. KG
O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [3758] (.Orphean.) =>HackTool.AutoKMS
O39 - APT: AutoPico Daily Restart - (...) -- C:\Windows\System32\Tasks\AutoPico Daily Restart [3704] (.Orphean.) =>HackTool.KMSpico
O39 - APT: avast! Emergency Update - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] (.Orphean.)
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2772] =>.Piriform Ltd
O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3236] =>.IObit
O39 - APT: Driver Booster SkipUAC (samir) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (samir) [2868] =>.IObit
O39 - APT: LaunchSignup - (...) -- C:\Windows\System32\Tasks\LaunchSignup [4020] (.Orphean.) =>PUP.Optional.MyPCBackup
O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3580] =>.Maxthon International ltd.
O39 - APT: Open Chrome - (...) -- C:\Windows\System32\Tasks\Open Chrome [2624] (.Orphean.)
O39 - APT: Opera scheduled Autoupdate 1437755498 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437755498 [3826] =>.Opera Software
O39 - APT: smadav - (...) -- C:\Windows\System32\Tasks\smadav [3216]
O39 - APT: Uninstaller_SkipUac_samir - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_samir [2390] =>.IObit

---\\ Process running (14) - 6s
[MD5.932B1299206773C564F18F0A1C62712C] - (.FSPro Labs - FSPro Labs Filter Service.) -- C:\Windows\System32\fsproflt2.exe [69408] [PID.1404] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs
[MD5.C16E00F89DC80590A03A33DDDA24E2E1] - (.FSPro Labs - Hide Folders 2012 Control Panel.) -- C:\Program Files\Hide Folders 2012\hf.exe [2210568] [PID.1644] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs
[MD5.01539EEE760A042E791754A59AD341BC] - (.FSPro Labs - Hide Folders Control Panel.) -- C:\Program Files\Hide Folders\hf5.exe [2701576] [PID.1652] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs
[MD5.8AFD109901B377D55D1CB387B77C5893] - (.Smadsoft - Smadav USB Antivirus & Additional Protectio.) -- C:\Program Files\SMADAV\SMΔRTP.exe [1658880] [PID.1992]
[MD5.670D6F56BA218AE78CD526AFCC530E2A] - (.Atheros Communications, Inc. - JumpStart PushButton Service.) -- C:\Program Files\Jumpstart\jswpbapi.exe [188416] [PID.2168] =>.Atheros Communications, Inc.
[MD5.8118AA1C914D1A1171792B72C2A9C881] - (...) -- C:\Program Files\Wi-Fi\WiFiGxSvc.exe [47464] [PID.3292] {6AC8AF24C602CB90FE71875F1C4CEC80}
[MD5.F7587F89E092AD179BC872D423068815] - (...) -- C:\Program Files\GiliSoft\USB Lock\ULService.exe [91944] [PID.3488]
[MD5.BD93D1A0E0A7A96BEA4585F17C9B3307] - (.Popcorn Time - Updater.) -- C:\Program Files\Popcorn Time\Updater.exe [339968] [PID.3536] =>.Popcorn Time
[MD5.043CCDB162DDCDAB3CB5F80EDE4F4C50] - (...) -- C:\Program Files\GiliSoft\USB Lock\ULClient.exe [922920] [PID.3544]
[MD5.C3022E871677CB342EDFCD5D05D29DDF] - (.8pecxstudios - Cyberfox.) -- C:\Program Files\Cyberfox\Cyberfox.exe [768032] [PID.4472] {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios
[MD5.A1D21F1E7E9B27075217DF9AF1056F1F] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe [8345568] [PID.5480] {17B0C425187E4534E12B02B218563F46} =>.AVM Software Inc.
[MD5.A1D21F1E7E9B27075217DF9AF1056F1F] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe [8345568] [PID.5444] {17B0C425187E4534E12B02B218563F46} =>.AVM Software Inc.
[MD5.ED48A87D4C4F92BAF19FF1D6AF6C2D85] - (.FairStars Soft - Audio Recorder For Win32.) -- C:\Program Files\FairStars MP3 Recorder\Recorder.exe [1189888] [PID.5992]
[MD5.845BE5F9082DD2C4A2DD8C11974E1ACA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\samir\AppData\Roaming\ZHP\ZHPDiag3.exe [2065920] [PID.1556] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (1) - 0s
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom]

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (19) - 5s
M0 - MFSP: prefs.js [samir - fjqwa8wn.default] https://www.google.co.ma/
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\clean_and_close@csb7.com.xpi
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\langpack-en-US@firefox.mozilla.org.xpi
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\langpack-fr@firefox.mozilla.org.xpi
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\{86054B0A-BD85-42F9-8E58-8794EC6F6EA1}.xpi
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\searchplugins\avg-secure-search.xml
P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\searchplugins\yandex.ru-145911.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla
P2 - EXT: (.Mixesoft - Click&Clean.) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\clickclean@hotcleaner.com
P2 - FPN: [HKCU] [@cntv.cn/Live2] - (.WWW.CNTV.CN.) -- C:\Users\samir\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\843l1d0a.default\extensions\CNTVLive2@www.cntv.cn\plugins\npCNTVLive2.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_20_0_0_267.dll =>.Adobe Systems Incorporated

---\\ Opera, Plugins,Start,Search (3) - 0s
B2 - EXT: [HOTCLEANER.COM] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm
B2 - EXT: [IDM Integration Module] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek
B2 - EXT: [Opera Stable] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

---\\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://go.speedbit.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (6)

---\\ Browser Helper Object (BHO) (6) - 1s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} . (.IObit - Uninstall for explorer.) -- C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll =>.IObit Information Technology®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} . (.IObit - Advanced SystemCare 8 ASCPlugin_Protection.) -- C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll =>.IObit Information Technology®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Internet Explorer Toolbars (2) - 0s
O3 - Toolbar: 0x207D39914614D4118AF40040CA1127B6 - [HKCU]{91397D20-1446-11D4-8AF4-0040CA1127B6} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} (Orphean) (.not file.)

---\\ Auto loading programs from Registry and folders (7) - 1s
O4 - HKLM\..\Run: [jswtrayutil] . (.Atheros Communications, Inc. - Tray Utility for JumpStart for Wireless.) -- C:\Program Files\Jumpstart\jswtrayutil.exe =>.Atheros Communications, Inc.
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{bbb18818-e9b1-45e8-a277-19e5057662c1}: DhcpNameServer = 192.168.1.1

---\\ Extra protocols (22) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - ViProtocol.) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll =>Toolbar.AVGSafeGuard
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation

---\\ Software installed (83) - 24s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Advanced SystemCare 9 - (.IObit.) [HKLM] -- Advanced SystemCare_is1 =>.IObit Information Technology®
O42 - Logiciel: Allok 3GP PSP MP4 iPod Video Converter 6.2.0603 - (.Allok Soft Inc.) [HKLM] -- Allok 3GP PSP MP4 iPod Video Converter_is1
O42 - Logiciel: Allok Video Joiner 4.6.1217 - (.Allok Soft Inc..) [HKLM] -- Allok Video Joiner_is1
O42 - Logiciel: Aoao Video Watermark Pro - (.WonderFox Soft, Inc. All Rights Reserved..) [HKCU] -- AoaoVideoWatermarkPro
O42 - Logiciel: Ashampoo Privacy Protector v.1.0.1 - (.Ashampoo GmbH & Co. KG.) [HKLM] -- {91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1 =>.Ashampoo GmbH & Co. KG®
O42 - Logiciel: Ashampoo Slideshow Studio HD 3 v.3.0.9 - (.Ashampoo GmbH & Co. KG.) [HKLM] -- {91B33C97-0CE8-6ABD-1CF4-0DAF2CCF492A}_is1 =>.Ashampoo GmbH & Co. KG®
O42 - Logiciel: Audacity 2.0.2 - (.Audacity Team.) [HKLM] -- Audacity_is1 =>.Audacity Team
O42 - Logiciel: Beyluxe Messenger - (.Hichatters Srl.) [HKLM] -- Beyluxe Messenger1
O42 - Logiciel: Boilsoft Video Converter 3.01 - (.Boilsoft. Inc..) [HKLM] -- {4822DF0D-087B-435C-843D-ADAB239CCA13}_is1
O42 - Logiciel: Boilsoft Video Joiner 6.57 - (.Boilsoft, Inc..) [HKLM] -- {FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1
O42 - Logiciel: Boilsoft Video Splitter 6.34 - (.Boilsoft, Inc..) [HKLM] -- {24549038-9956-4EE5-976D-4419AAEA7DD5}_is1
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Cyberfox Web Browser (x86) - (.8pecxstudios.) [HKLM] -- {DA42BA39-9916-4F32-83AC-27AAE5CFA09E}_is1 {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios
O42 - Logiciel: Driver Booster 3.1 - (.IObit.) [HKLM] -- Driver Booster_is1 =>.IObit Information Technology®
O42 - Logiciel: Driver Reviver - (.ReviverSoft LLC.) [HKLM] -- Driver Reviver =>PUP.Optional.DriverReviver
O42 - Logiciel: EcoLotoFoot - (.Cellard Softwares.) [HKLM] -- EcoLotofoot Shareware_is1 =>.Cellard Softwares
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {EE928C63-34BF-4157-8B20-C20404A22A34} =>.ESET, spol. s r.o.
O42 - Logiciel: FairStars MP3 Recorder 2.50 - (.FairStars Soft.) [HKLM] -- FairStars MP3 Recorder_is1
O42 - Logiciel: FastStone Capture 7.8 - (.FastStone Soft.) [HKLM] -- FastStone Capture =>.FastStone Soft
O42 - Logiciel: Folderico 4.0 RC12 - (.Shedko ( www.softq.org ).) [HKLM] -- Folderico
O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory =>.Format Factory
O42 - Logiciel: GiliSoft USB Lock 3.1 - (.Gilisoft International LLC..) [HKLM] -- {A3755312-4264-41d0-91CF-C0633F7ADF3B}_is1
O42 - Logiciel: GiliSoft USB Stick Encryption 5.5.0 - (.Gilisoft International LLC..) [HKLM] -- {5BAA1731-B992-48B6-A44E-7DF111698957}_is1
O42 - Logiciel: HP Quick Launch Buttons - (.Hewlett-Packard Company.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355} =>.Hewlett-Packard Company®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM] -- IObitUninstall =>.IObit Information Technology®
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 60 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218060F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Jumpstart Installation Program - (.Atheros.) [HKLM] -- {B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13} =>.Atheros
O42 - Logiciel: K-Lite Mega Codec Pack 10.4.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: KMPlayer (remove only) - (.PandoraTV.) [HKLM] -- The KMPlayer
O42 - Logiciel: KMSpico v9.1.0.20131125 (Beta) - (...) [HKLM] -- KMSpico_is1 =>HackTool.KMSpico
O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM] -- LSI Soft Modem =>.LSI Corporation
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM] -- Maxthon3 =>.Maxthon (Asia) Limited.®
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM] -- MEGAsync =>.Mega Limited®
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Milouz Market - (.Milouz Corp.) [HKLM] -- {EB863FE2-3602-447F-AC15-AEAD0A8B623A}
O42 - Logiciel: Modem HDM EC156 - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Modem HDM EC156 =>.Huawei Technologies Co.,Ltd
O42 - Logiciel: Mozilla Firefox 33.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 33.0.1 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: My WIFI Router - (.TxNetwork, Inc..) [HKLM] -- My WIFI Router {6AC8AF24C602CB90FE71875F1C4CEC80}
O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {CF097717-F174-4144-954A-FBC4BF301033} =>.Nero AG
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: Opera Stable 31.0.1889.99 - (.Opera Software.) [HKLM] -- Opera 31.0.1889.99 =>.Opera Software ASA®
O42 - Logiciel: Paltalk Messenger 11.6 - (.AVM Software Inc..) [HKLM] -- Paltalk Messenger =>.AVM Software Inc.
O42 - Logiciel: PC Auto Shutdown 5.9 - (.GoldSolution Software, Inc..) [HKLM] -- PC Auto Shutdown_is1
O42 - Logiciel: PhotoInstrument 7.3 - (.Fatykhov Timur.) [HKLM] -- {5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1 =>.Fatykhov Timur
O42 - Logiciel: Popcorn Time - (.Popcorn Time.) [HKLM] -- Popcorn Time_is1 =>.Popcorn Time
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Protected Folder - (.IObit.) [HKLM] -- Protected Folder_is1 =>.IObit Information Technology®
O42 - Logiciel: QLBCASL - (.Hewlett-Packard.) [HKLM] -- {F1D7AC58-554A-4A58-B784-B61558B1449A} =>.Hewlett-Packard
O42 - Logiciel: QuickStores-Toolbar 1.1.0 - (.AB-Tools.com.) [HKLM] -- QuickStores-Toolbar_is1 {432642D81F742569A0828E8CA82DE024} =>Toolbar.QuickStores
O42 - Logiciel: REALTEK Wireless LAN Driver and Utility - (.REALTEK Semiconductor Corp..) [HKLM] -- {0DF70CB6-553A-4C57-8E6D-87635EECFB78} =>.Realtek Semiconductor Corp.
O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM] -- Registry Trash Keys Finder =>.SNC
O42 - Logiciel: Revo Uninstaller Pro 3.1.4 - (.VS Revo Group, Ltd..) [HKLM] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 =>.VS Revo Group, Ltd.
O42 - Logiciel: SDFormatter - (.SD Association.) [HKLM] -- {179324FF-7B16-4BA8-9836-055CAAEE4F08} =>.SD Association
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 6.21 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A.
O42 - Logiciel: SMADAV version 10.4.1 - (.SmadSoft.) [HKLM] -- {8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1
O42 - Logiciel: Smart Defrag 3 - (.IObit.) [HKLM] -- Smart Defrag 3 Pro_is1 =>.IObit Information Technology®
O42 - Logiciel: SsdReady - (.CEZEO software Ltd..) [HKLM] -- SsdReady_is1
O42 - Logiciel: Start Menu 8 - (.IObit.) [HKLM] -- IObit_StartMenu8_is1 =>.IObit Information Technology®
O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM] -- IObit Surfing Protection_is1 =>.IObit Information Technology®
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: TapinRadio Pro - (.Raimersoft.) [HKLM] -- TapinRadio Pro_is1 =>.Raimersoft
O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM] -- TAP-Windows
O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: URL Helper - (...) [HKLM] -- URL Helper_is1
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive =>.Elaborate Bytes
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: Webinaria 2.0 - (.Charlwood eMarketing.) [HKLM] -- Webinaria_is1 =>.Charlwood eMarketing
O42 - Logiciel: WinAVI All-in-One Converter - (.ZJMedia Digital Technology Ltd..) [HKLM] -- WinAVI All-in-One Converter
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM] -- WinPcapInst =>.Riverbed Technology, Inc.
O42 - Logiciel: WinRAR 5.20 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: YouTube Downloader Suite V3.2.3 - (.Apowersoft.) [HKLM] -- {3FF2F54D-FA3A-406F-9F9E-6CDD95B9A1A9}_is1 =>.APowerSoft

---\\ HKCU & HKLM Software Keys (188) - 24s
HKLM\SOFTWARE\8pecxstudios
HKLM\SOFTWARE\Agere
HKLM\SOFTWARE\ahead
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Ashampoo
HKLM\SOFTWARE\AS_Mubashir
HKLM\SOFTWARE\Atheros
HKLM\SOFTWARE\Auslogics
HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKLM\SOFTWARE\AviSynth
HKLM\SOFTWARE\Belarc
HKLM\SOFTWARE\Bigasoft
HKLM\SOFTWARE\Chrispc
HKLM\SOFTWARE\CyberGhost
HKLM\SOFTWARE\Dell
HKLM\SOFTWARE\Elaborate Bytes
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Freemake
HKLM\SOFTWARE\FSPro Labs
HKLM\SOFTWARE\GiliSoft
HKLM\SOFTWARE\Gilisoft-usb-lock
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GSLLC
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\Hewlett-Packard Company
HKLM\SOFTWARE\HPQ
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\Icaros
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\IO3O
HKLM\SOFTWARE\IObit
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\KLCodecPack
HKLM\SOFTWARE\KMPlayer
HKLM\SOFTWARE\KONAMIPES6
HKLM\SOFTWARE\LAV
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\LogMeInRescueCallingCard
HKLM\SOFTWARE\LSI
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Maxthon3
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Milouz Corp
HKLM\SOFTWARE\MOVAVI
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\MT Solution
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\NSIS.Library.RegTool.v3
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\PATHPILOT
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\Reg
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\RtWLan
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SNC
HKLM\SOFTWARE\Synaptics
HKLM\SOFTWARE\Systweak =>Superfluous.Systweak
HKLM\SOFTWARE\TAP-Windows
HKLM\SOFTWARE\TechSmith
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\Webinaria
HKLM\SOFTWARE\WinChipHead
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\ZmnGlobalSDK
HKCU\SOFTWARE\2vg
HKCU\SOFTWARE\4kdownload.com
HKCU\SOFTWARE\8322898
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\Aiseesoft Studio
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\All-Radio
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\AppWork
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BcmSetup
HKCU\SOFTWARE\BenVista
HKCU\SOFTWARE\Beyluxe Messenger
HKCU\SOFTWARE\Bigasoft
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Bmupd
HKCU\SOFTWARE\Boilsoft
HKCU\SOFTWARE\Bytescout
HKCU\SOFTWARE\Cameyo
HKCU\SOFTWARE\Cameyo Package Editor
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CPSSoft
HKCU\SOFTWARE\DownloadAstro
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\Elaborate Bytes
HKCU\SOFTWARE\epsxe
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Freeware
HKCU\SOFTWARE\FSPro Labs
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreenTree Applications
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Internet Cyclone
HKCU\SOFTWARE\IObit
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KGB Archiver
HKCU\SOFTWARE\KMPlayer
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Lockdir
HKCU\SOFTWARE\LogMeInRescueCallingCard
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MassTube
HKCU\SOFTWARE\Maxthon3
HKCU\SOFTWARE\MCAFEE
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mirage
HKCU\SOFTWARE\MOVAVI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\MyLanViewer
HKCU\SOFTWARE\Ongkara software
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Paltalk
HKCU\SOFTWARE\PhotoInstrument
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Popcorn Time
HKCU\SOFTWARE\PopcornTime
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\ProtectedData
HKCU\SOFTWARE\pth264
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Reg
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\screen-capture-recorder
HKCU\SOFTWARE\SimpleTV by SergeyVS#3
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SMADΔV
HKCU\SOFTWARE\SpeedBit
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TempCleaner
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\TSR Software
HKCU\SOFTWARE\TuneUp
HKCU\SOFTWARE\UpdateStar
HKCU\SOFTWARE\URLHelper
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VirtualDub.org
HKCU\SOFTWARE\virtual_audio_capture
HKCU\SOFTWARE\VOS
HKCU\SOFTWARE\VS Revo Group
HKCU\SOFTWARE\Widevine
HKCU\SOFTWARE\WinAVI
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\Yandex
HKCU\SOFTWARE\YouTube Downloader Suite
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Yandex
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contents of the Common Files folders (371) - 48s
O43 - CFD: 31/12/2015 - [0] D -- C:\Program Files\Aiseesoft Studio
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter
O43 - CFD: 17/12/2015 - [] D -- C:\Program Files\Allok Video Joiner
O43 - CFD: 05/01/2016 - [0] D -- C:\Program Files\Aneesoft
O43 - CFD: 22/09/2015 - [0] D -- C:\Program Files\AoaoPhoto Digital Studio
O43 - CFD: 30/12/2015 - [0] D -- C:\Program Files\ApeeeGoSoft
O43 - CFD: 17/12/2014 - [] D -- C:\Program Files\Apowersoft
O43 - CFD: 24/07/2015 - [] D -- C:\Program Files\Ashampoo =>.Ashampoo GmbH & Co. KG®
O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\Audacity
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\AuthenTec =>.AuthenTec, Inc.®
O43 - CFD: 10/03/2015 - [0] D -- C:\Program Files\Belarc
O43 - CFD: 28/01/2015 - [] D -- C:\Program Files\Beyluxe Messenger
O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Bigasoft
O43 - CFD: 07/01/2016 - [] D -- C:\Program Files\Boilsoft
O43 - CFD: 31/12/2015 - [] D -- C:\Program Files\Boilsoft Video Converter
O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\Broadcom
O43 - CFD: 08/10/2014 - [] D -- C:\Program Files\Bytescout Watermarking (Free)
O43 - CFD: 22/12/2014 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 31/08/2015 - [] D -- C:\Program Files\CEZEO software {3C2C57985C7A9FA89B39C73FE4707BAE}
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 02/12/2014 - [] D -- C:\Program Files\Cyberfox {275F7B4841402DE0F41C8CCF30795AC2}
O43 - CFD: 30/08/2015 - [] D -- C:\Program Files\EcoLotofootSha
O43 - CFD: 15/11/2014 - [] D -- C:\Program Files\Elaborate Bytes
O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\Enigma Software Group =>.Superfluous.SpyHunter
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\FairStars MP3 Recorder
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\FastStone Capture
O43 - CFD: 29/07/2014 - [] D -- C:\Program Files\Folderico
O43 - CFD: 06/03/2015 - [] D -- C:\Program Files\FreeTime =>.chen jun hao®
O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\GiliSoft {166DAF8F034BBD9BE8EBE24044970524}
O43 - CFD: 06/11/2014 - [0] D -- C:\Program Files\Glarysoft
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Hewlett-Packard =>.Hewlett-Packard Company®
O43 - CFD: 29/10/2014 - [] D -- C:\Program Files\Hide Folders {7B6CC6957166C29858134F621F7124F8}
O43 - CFD: 07/10/2014 - [] D -- C:\Program Files\Hide Folders 2012 {7B6CC6957166C29858134F621F7124F8}
O43 - CFD: 19/08/2015 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\Intel
O43 - CFD: 01/05/2015 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 19/12/2015 - [] D -- C:\Program Files\IObit =>.IObit Information Technology®
O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\Jumpstart
O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\LSI SoftModem =>.LSI Corporation®
O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Maxthon3 =>.Maxthon (Asia) Limited.®
O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 18/12/2015 - [0] D -- C:\Program Files\Microsoft Toolkit Final
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 31/10/2014 - [] D -- C:\Program Files\Milouz Corp
O43 - CFD: 16/03/2015 - [] D -- C:\Program Files\Modem HDM EC156 =>.HUAWEI Technologies Co., Ltd.®
O43 - CFD: 28/07/2015 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 29/07/2015 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 22/09/2014 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 05/07/2015 - [] D -- C:\Program Files\Nero =>.Nero AG®
O43 - CFD: 22/12/2014 - [0] D -- C:\Program Files\Netscape
O43 - CFD: 11/07/2015 - [0] D -- C:\Program Files\NextSecurity.NET
O43 - CFD: 21/08/2015 - [] D -- C:\Program Files\Opera =>.Opera Software ASA®
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\Paltalk Messenger {17B0C425187E4534E12B02B218563F46}
O43 - CFD: 18/10/2014 - [] D -- C:\Program Files\PC Auto Shutdown {0083998C9534478BD30EF63F2600FE0B3E}
O43 - CFD: 01/08/2015 - [] D -- C:\Program Files\PhotoInstrument
O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\Popcorn Time
O43 - CFD: 25/09/2014 - [] D -- C:\Program Files\PowerISO =>.Power Software Ltd®
O43 - CFD: 08/07/2015 - [] D -- C:\Program Files\REALTEK
O43 - CFD: 22/09/2014 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 06/10/2014 - [] D -- C:\Program Files\SDA {432CB9BB3C2E6ACD2E344A7C30F7C996}
O43 - CFD: 11/01/2015 - [0] D -- C:\Program Files\SecurityXploded
O43 - CFD: 05/11/2014 - [] RD -- C:\Program Files\Skype =>.Skype Software Sarl®
O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\SMADAV
O43 - CFD: 24/12/2014 - [] D -- C:\Program Files\StreamingStar
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 29/12/2014 - [] D -- C:\Program Files\TAP-Windows
O43 - CFD: 03/06/2015 - [] D -- C:\Program Files\TapinRadio
O43 - CFD: 21/11/2014 - [0] D -- C:\Program Files\TechSmith
O43 - CFD: 01/05/2015 - [] D -- C:\Program Files\TrashReg
O43 - CFD: 22/08/2013 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 15/12/2014 - [] D -- C:\Program Files\Unlocker
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 23/10/2014 - [] D -- C:\Program Files\VS Revo Group =>.VS Revo Group®
O43 - CFD: 09/05/2015 - [] D -- C:\Program Files\Webinaria
O43 - CFD: 03/07/2015 - [] D -- C:\Program Files\Wi-Fi {6AC8AF24C602CB90FE71875F1C4CEC80}
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\WinAVI
O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation®
O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 22/08/2013 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 06/11/2015 - [] HD -- C:\Program Files\WindowsApps
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\WindowsPowerShell
O43 - CFD: 04/07/2015 - [] D -- C:\Program Files\WinPcap =>.Riverbed Technology, Inc.®
O43 - CFD: 10/10/2014 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 22/09/2015 - [] D -- C:\Program Files\WonderFox Soft
O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/06/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok 3GP PSP MP4 iPod Video Converter
O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok Video Joiner
O43 - CFD: 05/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aneesoft
O43 - CFD: 17/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros
O43 - CFD: 23/10/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
O43 - CFD: 12/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
O43 - CFD: 07/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft
O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEZEO software
O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisTV Online!
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoLotofootSha
O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 18/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars MP3 Recorder
O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 29/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico
O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft
O43 - CFD: 02/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
O43 - CFD: 12/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
O43 - CFD: 01/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM-Software
O43 - CFD: 22/08/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Milouz Corp
O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem HDM EC156
O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition
O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Auto Shutdown
O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoInstrument
O43 - CFD: 25/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder
O43 - CFD: 08/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Utility
O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
O43 - CFD: 20/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8
O43 - CFD: 02/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 27/11/2014 - [0] HD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
O43 - CFD: 24/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar
O43 - CFD: 11/07/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SwitchSniffer
O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 18/03/2014 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 31/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 09/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webinaria
O43 - CFD: 26/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 09/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Ahead
O43 - CFD: 08/07/2015 - [0] D -- C:\ProgramData\APN =>Toolbar.Ask
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 23/10/2014 - [] D -- C:\ProgramData\Auslogics
O43 - CFD: 17/04/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 25/09/2014 - [] D -- C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 12/12/2015 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 08/10/2014 - [] D -- C:\ProgramData\cmcm
O43 - CFD: 25/09/2014 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\DatacardService
O43 - CFD: 06/02/2015 - [0] D -- C:\ProgramData\dbg
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 18/12/2015 - [] D -- C:\ProgramData\ESET
O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\FastStone
O43 - CFD: 29/07/2014 - [] D -- C:\ProgramData\Folderico
O43 - CFD: 20/10/2014 - [] D -- C:\ProgramData\Free Download Manager
O43 - CFD: 15/07/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 08/10/2014 - [] D -- C:\ProgramData\Kingsoft
O43 - CFD: 01/05/2015 - [0] D -- C:\ProgramData\Licenses
O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 18/08/2014 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 28/06/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 05/08/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Modem HDM EC156
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Movavi
O43 - CFD: 31/10/2014 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 05/01/2016 - [0] D -- C:\ProgramData\NCH Software
O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Nero
O43 - CFD: 01/11/2014 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 21/11/2014 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\PC Auto Shutdown
O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 17/03/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\ReviverSoft
O43 - CFD: 04/12/2014 - [] D -- C:\ProgramData\Rohos
O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Skype
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Steam
O43 - CFD: 01/11/2014 - [] D -- C:\ProgramData\Sun
O43 - CFD: 17/01/2015 - [0] D -- C:\ProgramData\Systweak =>Superfluous.Systweak
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 20/07/2015 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 14/01/2015 - [] D -- C:\ProgramData\TuneUp Software
O43 - CFD: 23/10/2014 - [] D -- C:\ProgramData\VS Revo Group
O43 - CFD: 15/11/2014 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
O43 - CFD: 19/12/2015 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
O43 - CFD: 14/01/2015 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 05/07/2015 - [] D -- C:\Program Files\Common Files\Ahead
O43 - CFD: 13/12/2015 - [] D -- C:\Program Files\Common Files\AV
O43 - CFD: 25/09/2014 - [] D -- C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\Common Files\EagleGet
O43 - CFD: 11/07/2015 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 19/12/2015 - [] D -- C:\Program Files\Common Files\IObit
O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 25/08/2014 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Common Files\SpeedBit
O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\8pecxstudios
O43 - CFD: 12/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\AceBIT
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Adobe
O43 - CFD: 05/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Ahead
O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Anvsoft
O43 - CFD: 09/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Apowersoft
O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Apple Computer
O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Ashampoo Slideshow Studio HD 3
O43 - CFD: 22/04/2015 - [] D -- C:\Users\samir\AppData\Roaming\Audacity
O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Auslogics
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\AVAST Software
O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Baidu
O43 - CFD: 04/02/2015 - [] D -- C:\Users\samir\AppData\Roaming\Beyluxe
O43 - CFD: 01/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Bigasoft Total Video Converter 5
O43 - CFD: 11/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Bigasoft Video Downloader Pro
O43 - CFD: 07/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Boilsoft
O43 - CFD: 31/08/2015 - [] D -- C:\Users\samir\AppData\Roaming\CEZEO software
O43 - CFD: 22/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\CNTV
O43 - CFD: 26/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\CrystalIdea Software
O43 - CFD: 01/11/2014 - [0] D -- C:\Users\samir\AppData\Roaming\DiskDefrag
O43 - CFD: 18/02/2015 - [] D -- C:\Users\samir\AppData\Roaming\djsoft.net
O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\DMCache
O43 - CFD: 05/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\EagleGet
O43 - CFD: 31/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Easeware =>.Superfluous.Easeware
O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\EasiestSoft
O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\ESET
O43 - CFD: 05/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\FairStars MP3 Recorder
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\FastStone
O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\GiliSoft
O43 - CFD: 06/11/2014 - [0] D -- C:\Users\samir\AppData\Roaming\GlarySoft
O43 - CFD: 07/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Google
O43 - CFD: 05/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\HD Video Converter
O43 - CFD: 17/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Identities
O43 - CFD: 08/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\IDM
O43 - CFD: 14/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\InstallShield
O43 - CFD: 19/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\IObit
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Macromedia
O43 - CFD: 18/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\MassTube
O43 - CFD: 19/11/2015 - [] D -- C:\Users\samir\AppData\Roaming\Maxthon3
O43 - CFD: 24/12/2014 - [] SD -- C:\Users\samir\AppData\Roaming\Microsoft
O43 - CFD: 21/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Moonchild Productions
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Mozilla
O43 - CFD: 08/01/2016 - [0] D -- C:\Users\samir\AppData\Roaming\MPC-HC
O43 - CFD: 05/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\NCH Software
O43 - CFD: 25/09/2014 - [] D -- C:\Users\samir\AppData\Roaming\Nero
O43 - CFD: 22/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\Netscape
O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Opera Software
O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Paltalk
O43 - CFD: 25/09/2014 - [] D -- C:\Users\samir\AppData\Roaming\PowerISO
O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\ProductData
O43 - CFD: 17/04/2015 - [0] D -- C:\Users\samir\AppData\Roaming\QuickScan
O43 - CFD: 20/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\QuickStoresToolbar =>Toolbar.QuickStores
O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\RHEng =>PUP.Optional.Conduit
O43 - CFD: 23/10/2014 - [0] D -- C:\Users\samir\AppData\Roaming\rmi
O43 - CFD: 04/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Skype
O43 - CFD: 10/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Smadav
O43 - CFD: 30/08/2015 - [] D -- C:\Users\samir\AppData\Roaming\Sun
O43 - CFD: 17/01/2015 - [0] D -- C:\Users\samir\AppData\Roaming\systweak =>Superfluous.Systweak
O43 - CFD: 03/06/2015 - [] D -- C:\Users\samir\AppData\Roaming\TapinRadio
O43 - CFD: 21/11/2015 - [] D -- C:\Users\samir\AppData\Roaming\TeamViewer
O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\TechSmith
O43 - CFD: 29/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\TeraCopy
O43 - CFD: 06/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Thinstall
O43 - CFD: 02/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Tomabo
O43 - CFD: 14/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\TuneUp Software
O43 - CFD: 03/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\TXWiFiDriver
O43 - CFD: 08/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\uTorrent
O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Video Converter Pro
O43 - CFD: 03/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\videorecord
O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\vlc
O43 - CFD: 30/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\VOS
O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\WinAVI
O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\WinRAR
O43 - CFD: 07/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Xilisoft
O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Yandex
O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\ZHP
O43 - CFD: 20/12/2014 - [] D -- C:\Users\samir\AppData\Local\4kdownload.com
O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Local\8pecxstudios
O43 - CFD: 24/07/2015 - [0] D -- C:\Users\samir\AppData\Local\Adobe
O43 - CFD: 05/07/2015 - [] D -- C:\Users\samir\AppData\Local\Ahead
O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Local\Aiseesoft Studio
O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\Application Data
O43 - CFD: 21/01/2015 - [] D -- C:\Users\samir\AppData\Local\ashampoo
O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Local\assembly
O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Local\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Local\Chromium
O43 - CFD: 17/11/2014 - [0] D -- C:\Users\samir\AppData\Local\CrashDumps
O43 - CFD: 18/05/2015 - [0] D -- C:\Users\samir\AppData\Local\Diagnostics
O43 - CFD: 06/10/2014 - [] D -- C:\Users\samir\AppData\Local\Downloaded Installations
O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Local\ElevatedDiagnostics
O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieBrowserModeList
O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieSiteList
O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieUserList
O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Local\ESET
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\FastStone
O43 - CFD: 29/07/2014 - [] D -- C:\Users\samir\AppData\Local\Folderico
O43 - CFD: 03/11/2014 - [] D -- C:\Users\samir\AppData\Local\Google
O43 - CFD: 09/06/2015 - [] D -- C:\Users\samir\AppData\Local\GWX
O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\History
O43 - CFD: 29/12/2015 - [] D -- C:\Users\samir\AppData\Local\Ibsoft
O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Local\Isoplex
O43 - CFD: 16/07/2014 - [] D -- C:\Users\samir\AppData\Local\Macromedia
O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Local\Mega Limited
O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Local\MEGAsync
O43 - CFD: 17/03/2015 - [] D -- C:\Users\samir\AppData\Local\Microsoft
O43 - CFD: 17/12/2014 - [0] DC -- C:\Users\samir\AppData\Local\MigWiz
O43 - CFD: 21/11/2014 - [] D -- C:\Users\samir\AppData\Local\Moonchild Productions
O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Local\Movavi
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\Mozilla
O43 - CFD: 11/07/2015 - [] D -- C:\Users\samir\AppData\Local\MyLanViewer
O43 - CFD: 22/12/2014 - [] D -- C:\Users\samir\AppData\Local\Netscape
O43 - CFD: 08/04/2015 - [] D -- C:\Users\samir\AppData\Local\node-webkit
O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Local\Opera Software
O43 - CFD: 06/08/2015 - [] D -- C:\Users\samir\AppData\Local\Packages
O43 - CFD: 16/11/2014 - [] D -- C:\Users\samir\AppData\Local\PCSX2
O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Local\PopcornTimeDesktop
O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\Programs
O43 - CFD: 04/12/2014 - [] D -- C:\Users\samir\AppData\Local\Rohos
O43 - CFD: 03/08/2014 - [] D -- C:\Users\samir\AppData\Local\Skype
O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Local\TechSmith
O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Local\Temp
O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\Temporary Internet Files
O43 - CFD: 15/10/2014 - [] D -- C:\Users\samir\AppData\Local\TSR_Software_-_www.tsr-so
O43 - CFD: 14/01/2015 - [] D -- C:\Users\samir\AppData\Local\TuneUp Software
O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Local\VirtualStore
O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Local\VS Revo Group
O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Local\WinAVI
O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Local\Yandex
O43 - CFD: 05/02/2015 - [] D -- C:\Users\samir\AppData\Local\Zemana
O43 - CFD: 18/03/2014 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22/08/2013 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11/03/2015 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/09/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Soft
O43 - CFD: 28/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Messenger
O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox (x86)
O43 - CFD: 06/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hide Folders
O43 - CFD: 07/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hide Folders 2012
O43 - CFD: 01/05/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 22/08/2013 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
O43 - CFD: 03/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My WIFI Router
O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
O43 - CFD: 01/05/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
O43 - CFD: 22/12/2015 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/11/2014 - [] HD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
O43 - CFD: 18/03/2014 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 10/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
O43 - CFD: 20/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI All-in-One Converter
O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ Latest files created in Prefetcher (1) - 13s
O45 - LFCP:[MD5.3074FC83EB9A0706A88445DB42835584] 29/12/2015 A -- C:\Windows\Prefetch\DRIVERGENIUS.EXE-6A44787C.pf =>.Superfluous.DriverGenius

---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s
O106 - SIOI: ###MegaShellExtPending [###MegaShellExtPending] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSynced [###MegaShellExtSynced] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSyncing [###MegaShellExtSyncing] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation

---\\ System Drivers List (109) - 20s
O58 - SDL:2013/08/22 05:33:26 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [86368] =>.Microsoft Windows®
O58 - SDL:2015/12/19 18:44:38 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [37696] =>.Hewlett-Packard Company®
O58 - SDL:2013/08/22 05:33:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [773472] =>.Microsoft Windows®
O58 - SDL:2000/01/01 00:00:00 A . (.LSI Corporation - SoftModem Device Driver.) -- C:\Windows\System32\drivers\AGRSM.sys [1163328] =>.LSI Corporation
O58 - SDL:2013/08/22 05:33:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [72544] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:26 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [215392] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:24 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22880] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:26 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [101728] =>.Microsoft Windows®
O58 - SDL:2014/07/15 12:58:25 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [303200] =>.AVAST Software a.s.®
O58 - SDL:2012/10/18 09:12:06 A . (.AuthenTec, Inc. - AuthenTec Fingerprint Sensor WBF Driver.) -- C:\Windows\System32\drivers\ATSwpWDF.sys [971752] =>.AuthenTec, Inc.®
O58 - SDL:2014/09/25 18:32:08 A . (.AVG Technologies - .) -- C:\Windows\System32\drivers\avgtpx86.sys [42784] =>Toolbar.AVGSafeGuard
O58 - SDL:2015/12/19 18:45:19 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [415000] =>.Broadcom Corporation®
O58 - SDL:2013/10/28 16:02:14 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [175320] =>.Broadcom Corporation®
O58 - SDL:2013/08/12 23:25:32 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [16088] =>.Broadcom Corporation®
O58 - SDL:2012/05/08 14:02:40 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [4269120] =>.Broadcom Corporation®
O58 - SDL:2013/07/01 16:50:16 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL63L.SYS [4715008] =>.Broadcom Corporation
O58 - SDL:2013/10/28 16:02:14 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [144600] =>.Broadcom Corporation®
O58 - SDL:2014/12/05 17:26:56 A . (...) -- C:\Windows\System32\drivers\BurnCtrl.sys [20480]
O58 - SDL:2011/11/04 15:00:00 A . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\drivers\CH341SER.SYS [39696] =>.www.winchiphead.com
O58 - SDL:2010/02/24 22:02:30 A . (.Hewlett-Packard Company - HP Tablet PC Key Button HID Driver.) -- C:\Windows\System32\drivers\CPQBTTN.sys [15544] =>.Hewlett-Packard Company®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.®
O58 - SDL:2015/07/30 11:41:36 A . (.ESET - ESET ELAM driver.) -- C:\Windows\System32\drivers\eelam.sys [14464] =>.Microsoft Windows Early Launch Anti-malware Publisher®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [146024] =>.ESET, spol. s r.o.®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.®
O58 - SDL:2013/03/04 09:25:00 A . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [30616] =>.Elaborate Bytes AG®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44608] =>.ESET, spol. s r.o.®
O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [56944] =>.ESET, spol. s r.o.®
O58 - SDL:2016/01/03 00:15:07 A . (...) -- C:\Windows\System32\drivers\EsgScanner.sys [19984] =>.Superfluous.SpyHunter
O58 - SDL:2010/10/08 08:55:06 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [25856] =>.Huawei Tech. Co., Ltd.
O58 - SDL:2011/12/31 01:20:23 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [199168] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/11/19 07:48:20 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [379392] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2010/09/26 10:09:22 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [19200] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2010/07/27 01:52:02 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [102784] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/08/20 00:54:18 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [76544] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/08/20 00:54:18 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [96000] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/10/29 11:42:46 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [70272] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/08/20 00:54:19 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [27520] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/10/31 14:52:20 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [203776] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2012/10/30 04:42:15 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [11136] =>.Huawei Technologies Co., Ltd.
O58 - SDL:2011/06/03 22:59:14 A . (.FSPro Labs - FSPro File System Filter.) -- C:\Windows\System32\drivers\FSPFltd2.sys [51760] {5B4C9286D5437F09B40BEE7A9F6A6DC1} =>.FSPro Labs
O58 - SDL:2014/12/05 17:26:56 A . (.GiliSoft International LLC. - USB Lock Driver.) -- C:\Windows\System32\drivers\gsusblck.sys [17152]
O58 - SDL:2015/12/19 18:44:38 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [27968] =>.Hewlett-Packard Company®
O58 - SDL:2009/04/29 05:46:54 A . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys [15872] =>.Hewlett-Packard Development Company, L.P.
O58 - SDL:2013/08/22 05:33:29 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [56672] =>.Microsoft Windows®
O58 - SDL:2015/01/07 08:33:52 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX®
O58 - SDL:2013/07/23 21:18:30 AC . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\Windows\System32\drivers\iaiogpio.sys [22016] =>.Intel Corporation
O58 - SDL:2013/07/23 21:18:30 AC . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\Windows\System32\drivers\iaioi2c.sys [61936] =>.Intel Corporation
O58 - SDL:2013/08/10 00:39:44 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [524784] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2013/08/22 05:33:29 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [333664] =>.Microsoft Windows®
O58 - SDL:2015/04/18 01:06:24 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [122432] =>.Tonec Inc.®
O58 - SDL:2012/03/23 02:29:58 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4815872] =>.Intel Corporation
O58 - SDL:2008/05/15 03:28:44 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384] =>.Atheros Communications, Inc.
O58 - SDL:2014/10/08 17:50:16 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys [81768] =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2014/10/08 17:50:17 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys [56680] =>.Beijing Kingsoft Security software Co.,Ltd®
O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [94048] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [79712] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [68960] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [69472] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] =>.Malwarebytes Corporation®
O58 - SDL:2016/01/09 19:00:30 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] =>.Malwarebytes Corporation®
O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51552] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [464736] =>.Microsoft Windows®
O58 - SDL:2010/08/05 23:42:34 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [861696]
O58 - SDL:2013/08/22 05:33:32 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [58208] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:20 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] =>.Malwarebytes Corporation®
O58 - SDL:2013/06/18 18:30:37 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [1696528] =>.Mediatek Inc.®
O58 - SDL:2013/03/01 01:48:42 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] =>.Riverbed Technology, Inc.®
O58 - SDL:2013/08/22 05:33:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [120160] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:33 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [141664] =>.Microsoft Windows®
O58 - SDL:2014/12/05 17:27:07 A . (.Gili Soft Inc. - EXE Lock Kernel Modual.) -- C:\Windows\System32\drivers\ProgLock.sys [35712]
O58 - SDL:2009/12/30 10:21:18 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [27192] =>.VS Revo Group®
O58 - SDL:2009/06/26 07:21:54 R . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187.sys [346624] =>.Realtek Semiconductor Corporation
O58 - SDL:2013/04/18 08:51:04 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [113608] =>.Power Software Ltd®
O58 - SDL:2013/08/22 08:16:47 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2013/08/22 05:32:56 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [41312] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:32:57 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [79200] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:32:57 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [26976] =>.Microsoft Windows®
O58 - SDL:2010/06/04 00:18:58 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [1303728] =>.Synaptics Incorporated®
O58 - SDL:2013/08/22 12:40:22 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [35288] =>.OpenVPN Technologies, Inc.®
O58 - SDL:2014/12/01 09:18:42 A . (.Nanjing Tongxiang Network Technology Co.,LTD - TX WiFi NAT Driver.) -- C:\Windows\System32\drivers\txwifinat.sys [31152] {6AC8AF24C602CB90FE71875F1C4CEC80}
O58 - SDL:2007/09/23 23:00:00 A . (.WCH - WDM for USB serial, by W.ch.) -- C:\Windows\System32\drivers\USBSER34.SYS [37456]
O58 - SDL:2015/07/20 12:50:16 A . (.Gili Soft INC. - USB Stick Encryption Driver.) -- C:\Windows\System32\drivers\usedisk.sys [17408]
O58 - SDL:2014/09/09 18:34:28 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [741488] =>.Oracle Corporation®
O58 - SDL:2014/09/09 18:32:52 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [117272] =>.Oracle Corporation®
O58 - SDL:2012/12/19 14:35:16 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\Windows\System32\drivers\VBoxUSB.sys [84904] =>.Oracle Corporation®
O58 - SDL:2014/09/09 18:32:52 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [105472] =>.Oracle Corporation®
O58 - SDL:2013/07/24 15:03:04 A . (.Elaborate Bytes AG - Virtual CloneDrive storage miniport.) -- C:\Windows\System32\drivers\VClone.sys [29696] =>.Elaborate Bytes AG
O58 - SDL:2013/08/22 05:33:00 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [18272] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:01 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [148832] =>.Microsoft Windows®
O58 - SDL:2013/08/22 05:33:01 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [276832] =>.Microsoft Windows®
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO.SYS [33968]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO404.SYS [34688]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO412.SYS [35552]
O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO804.SYS [34688]
O58 - SDL:2013/08/26 10:52:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [15576] =>.MiniTool Solution Ltd®
O58 - SDL:2013/08/26 10:52:50 N . (...) -- C:\Windows\System32\pwdspio.sys [10200] =>.MiniTool Solution Ltd®

---\\ Last modified or created user files (1) - 49s
O61 - LFC: 2016/01/05 11:20:23 A . (..) -- C:\Users\samir\AppData\Local\Microsoft\Windows\2057\StructuredQuerySchema.bin [375495]

---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.8pecxstudios - Cyberfox.) -- C:\Program Files\Cyberfox\Cyberfox.exe {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios

---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd.
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software

---\\ Search Browser Infection (4) - 7s
O69 - SBI: prefs.js [samir - fjqwa8wn.default] user_pref("avg.install.newtab", true); =>Toolbar.AVGSearch
O69 - SBI: prefs.js [samir - fjqwa8wn.default] user_pref("browser.search.order.1", "Ask.com"); =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yandex) - http://yandex.ru/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (36) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [161792] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) -- C:\Windows\System32\certprop.dll [126976] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) -- C:\Windows\System32\certprop.dll [126976] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [250368] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1212928] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [734208] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [822784] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Log-on Service DLL.) -- C:\Windows\System32\seclogon.dll [24064] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [89600] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [115712] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [93696] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1015808] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [185856] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [74752] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [108032] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [191488] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [296448] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [41984] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [1245184] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [367104] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [297984] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [167424] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [142848] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [95232] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [461824] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [183296] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [58368] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [390144] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [254464] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [3066880] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [734208] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [576512] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [155648] =>.Microsoft Corporation
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [76096] =>.Microsoft Windows®

---\\ Firewall Active Exception List (5) - 4s
O87 - FAEL: "{DC64C73B-6AED-46D8-9FC3-62F85CC808DE}" [In-None-P17-TRUE] .(.Tx-Network - My WIFI Router.) -- C:\Program Files\Wi-Fi\Wi-Fi.exe {6AC8AF24C602CB90FE71875F1C4CEC80}
O87 - FAEL: "{17FF39AF-6791-4F04-871B-8582E55D6C71}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
O87 - FAEL: "{D6861116-1C48-4A36-8F9F-64932EC4ED3B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
O87 - FAEL: "{53B50F2C-1871-446A-8D2F-053C9D0DB517}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe
O87 - FAEL: "{26AC10E5-0E72-4B89-A686-8B98CBAC735B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (30) - 64s

SS - Demand [29/12/2015] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [04/11/2015] [ 827680] Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology®
SR - Auto [01/01/2000] [ 26112] Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe =>.LSI Corporation®
SR - Auto [28/10/2013] [ 1680088] @oem2.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Manageme (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe =>.Broadcom Corporation®
SS - Demand [12/01/2010] [ 227896] Com4QLBEx (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe =>.Hewlett-Packard Company®
SR - Auto [19/11/2015] [ 1983424] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
SR - Auto [06/10/2014] [ 69408] FSPro Filter Service 2 (fsproflt2) . (.FSPro Labs.) - C:\Windows\System32\fsproflt2.exe {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs
SS - Demand [30/04/2009] [ 229944] hpqwmiex (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe =>.Hewlett-Packard Company®
SR - Auto [19/12/2015] [ 27968] @oem54.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company®
SR - Auto [14/03/2011] [ 271712] HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2008.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.HUAWEI Technologies Co., Ltd.®
SR - Auto [26/09/2008] [ 188416] JumpStart Push-Button Service (jswpbapi) . (.Atheros Communications, Inc..) - C:\Program Files\Jumpstart\jswpbapi.exe =>.Atheros Communications, Inc.
SS - Demand [26/09/2008] [ 954368] JumpStart Wi-Fi Protected Setup (jswpsapi) . (.Atheros Communications, Inc..) - C:\Program Files\Jumpstart\jswpsapi.exe =>.Atheros Communications, Inc.
SR - Auto [10/11/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology®
SR - Auto [27/11/2015] [ 1872808] Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon.) - C:\Program Files\Maxthon3\Modules\Service\Update\MaxthonUpdateSvc.exe =>.Maxthon (Asia) Limited.®
SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SR - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Auto [12/11/2012] [ 657504] Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.®
SS - Demand [24/07/2015] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [18/11/2014] [ 47464] MyWiFiRouterDHCP (MyWiFiRouterDHCP) . (...) - C:\Program Files\Wi-Fi\WiFiGxSvc.exe {6AC8AF24C602CB90FE71875F1C4CEC80}
SS - Demand [29/06/2007] [ 800040] NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe =>.Nero AG®
SS - Demand [27/06/2007] [ 279848] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe =>.Nero AG®
SS - Demand [14/11/2011] [ 442136] PCAutoShutdown_Service (PCAutoShutdown_Service) . (.GoldSolution Software, Inc..) - C:\Program Files\PC Auto Shutdown\ShutdownService.exe {5FDAFF1C5F7FF6330F6090FAA6CA4C47}
SS - Demand [30/06/2009] [ 40960] Realtek87L (Realtek87L) . (.Realtek.) - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe =>.Realtek
SS - Demand [01/03/2013] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.®
SS - Demand [03/04/2014] [ 315008] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SR - Auto [21/09/2015] [ 1055008] StartMenu8 Service (StartMenuService) . (.IObit.) - C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology®
SR - Auto [22/03/2013] [ 91944] ULService (ULService) . (...) - C:\Program Files\GiliSoft\USB Lock\ULService.exe
SR - Auto [19/10/2015] [ 339968] (Update service) . (.Popcorn Time.) - C:\Program Files\Popcorn Time\Updater.exe =>.Popcorn Time
SS - Demand [25/09/2014] [ 1820184] (vToolbarUpdater18.1.9) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe =>Toolbar.AVGSafeGuard

---\\ Additional Scan (O88) (26) - 0s
C:\Windows\System32\Tasks\AutoKMS =>HackTool.AutoKMS
C:\Windows\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
C:\Windows\System32\Tasks\LaunchSignup =>PUP.Optional.MyPCBackup
C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver =>PUP.Optional.DriverReviver
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1 =>Toolbar.QuickStores
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver =>PUP.Optional.DriverReviver
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1 =>Toolbar.QuickStores
HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKLM\SOFTWARE\Systweak =>Superfluous.Systweak
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\Systweak =>Superfluous.Systweak
C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\samir\AppData\Roaming\Easeware =>.Superfluous.Easeware
C:\Users\samir\AppData\Roaming\QuickStoresToolbar =>Toolbar.QuickStores
C:\Users\samir\AppData\Roaming\RHEng =>PUP.Optional.Conduit
C:\Users\samir\AppData\Roaming\systweak =>Superfluous.Systweak
C:\Users\samir\AppData\Local\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
C:\Windows\Prefetch\DRIVERGENIUS.EXE-6A44787C.pf =>.Superfluous.DriverGenius

---\\ Summary of the elements found (14) - 0s
http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS
http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico
http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DriverReviver
http://www.nicolascoolman.fr/?p=4664 =>Toolbar.QuickStores
http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSearch
http://www.nicolascoolman.fr/pup-systweak/ =>Superfluous.Systweak
http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Easeware
http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.DriverGenius

~ End of the scan, 21236 items in 00h04mn55s (1148)(0)
