cjoint

Document format: text/plain

Preview

~ ZHPDiag v2016.1.22.19 By Nicolas Coolman (2016/01/22)
~ Run by حاج (Administrator) (2016/01/24 23:03:24)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\حاج\Desktop\ZHPDiag.txt
~ Report: C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 32-bit (Build 7600)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v48.0.2564.82
OPIE: Opera 34.0.2036.50
MSIE: Internet Explorer v8.0.7600.16385

---\\ Windows Product Information (5) - 0s
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software (3) - 2s
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender W7 (Activate)

---\\ Surveillance software (2) - 3s
Adobe Flash Player 20 PPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3110.404 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 49 GB () free of 76 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ZIZO-PC
~ User Name: حاج
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 49 GB free of 76 GB (System)
~ Drive D: has 190 GB free of 199 GB
~ Drive E: has 179 GB free of 199 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (25) - 0s
[MD5.15BC38A7492BEFE831966ADB477CF76F] - 14/07/2009 - (.Microsoft Corporation - مستكشف Windows.) -- C:\Windows\Explorer.exe [2613248] =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - عملية مضيف Windows (Rundll32)‎.) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.0D874F3BC751CC2198AF2E6783FB8B35] - 14/07/2009 - (.Microsoft Corporation - ملحقات إنترنت لـ Win32.) -- C:\Windows\System32\wininet.dll [977920] =>.Microsoft Corporation
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - 14/07/2009 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\Windows\System32\Winlogon.exe [285696] =>.Microsoft Corporation
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - 14/07/2009 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\Windows\System32\sppcomapi.dll [193024] =>.Microsoft Corporation
[MD5.6D5A49D6479EB753C7879F73A4C35E0F] - 14/07/2009 - (.Microsoft Corporation - مكتبة الارتباط الديناميكي لواجهة برمجة تطبي.) -- C:\Windows\System32\dnsapi.dll [269824] =>.Microsoft Corporation
[MD5.D8714A5FB3141F8226D16861F20C5AC4] - 14/12/2009 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - 14/07/2009 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - 14/07/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - 14/07/2009 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - 14/07/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - 14/07/2009 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123392] =>.Microsoft Corporation
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - 14/07/2009 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation
[MD5.3795DCD21F740EE799FB7223234215AF] - 14/07/2009 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1210432] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - 14/07/2009 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133120] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.CB39E896A2A83702D1737BFD402B3542] - 14/07/2009 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74240] =>.Microsoft Corporation
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوح.) -- C:\Windows\System32\drivers\volsnap.sys [245328] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (8) - 1s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: (ADSafeSvc) . (...) - C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.)
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe =>.Even Balance, Inc.®
O23 - Service: TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation - TechSmith Uploader Service.) - C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe =>.TechSmith Corporation

---\\ Services not Microsoft (SR=Run, SS=Stop) (21) - 12s

SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [20/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Demand [06/04/2010] [ 31272] AppleChargerSrv (AppleChargerSrv) . (...) - C:\Windows\System32\AppleChargerSrv.exe =>.Giga-Byte Technology®
SS - Disabl [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe {62039EBD474840AA18E634E17D28533C} =>.WIBU-SYSTEMS AG
SS - Demand [05/11/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\System32\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products®
SR - Auto [09/10/2015] [ 1971968] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
SS - Auto [21/09/2015] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [21/09/2015] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation®
SS - Demand [04/04/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe =>.Macrovision Corporation
SS - Disabl [27/08/2013] [ 595968] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation
SS - Disabl [27/08/2013] [ 642520] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service®
SS - Disabl [16/09/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware®
SS - Disabl [16/09/2013] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products®
SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SS - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SR - Auto [15/01/2016] [ 66872] PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe =>.Even Balance, Inc.®
SR - Auto [26/01/2015] [ 3408384] TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation.) - C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe =>.TechSmith Corporation
SS - Demand [27/12/2015] [ 1343400] @C:\Windows\system32\Wat\WatUX.exe,-601 (WatAdminSvc) . (...) - C:\Windows\System32\Wat\WatAdminSvc.exe
SS - Demand [02/10/2015] [ 13264] WiseHDInfo (WiseHDInfo) . (.wisecleaner.com.) - C:\Windows\WiseHDInfo32.dll =>.Lespeed Technology Ltd.®

---\\ Task Planned Automatically (34) - 5s
[MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] =>.Adobe Systems, Incorporated®
[MD5.EE8801B157A7E079E3C587718932197E] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [1163968] =>.Adobe Systems Incorporated®
[MD5.93FA6CC96875A330E4B208C0A701BBD8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated®
[MD5.13ECAC1C51CC00147BD06B5ABF142956] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- D:\CCleaner.exe [4529944] =>.Piriform Ltd®
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc®
[MD5.0CEEBA2861EAE04BCA8672014DC7F429] [APT] [Opera scheduled Autoupdate 1453478398] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [696952] =>.Opera Software ASA®
[MD5.00000000000000000000000000000000] [APT] [SyneiStart] (...) -- D:\SystemUtilities\SystemUtilities.exe (.not file.) [0]
[MD5.56C0D9B869C4DB7B2270C68F99E0D007] [APT] [TechSmith Updater] (.TechSmith Corporation.) -- C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56640] =>.TechSmith Corporation®
[MD5.00000000000000000000000000000000] [APT] [Wise Care 365] (...) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Wise Turbo Checker] (...) -- C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{567F472B-3B6C-4A35-8AA5-37EAD16E1852}] (...) -- D:\Malwarebytes Anti-Malware\mbam.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{838989A2-628A-4E18-9AD7-2918E6EB933E}] (...) -- D:\Pro Evolution Soccer 2016\PES2016.exe (.not file.) [0]
[MD5.3CE1456CE9D67C59CCF6E7D9D3C0A2A3] [APT] [{9513CA4A-B30B-47A4-864E-71B9D159677F}] (.Copyright (C) 2006.) -- C:\Program Files\GIGABYTE\@BIOS\BIOS_Run.exe [207680] {31CB9D6D1714A92F6A11D815A80ABDA6}
[MD5.00000000000000000000000000000000] [APT] [{ABE3EB9A-126E-491E-95A0-37BACD49B747}] (...) -- C:\Users\¥ں¤\Downloads\Programs\snagit.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D2184A61-62D4-459A-AA80-9AD01A444C78}] (...) -- D:\Recover My Files v5\RecoverMyFiles.exe (.not file.) [0]
[MD5.0CCB618B6788A5083F85DF4179281E8A] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [665616] =>.AVAST Software a.s.®
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [826] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [830] =>.Google Inc.
O39 - APT: Wise Care 365 - (...) -- C:\Windows\Tasks\Wise Care 365.job [394] (.Orphean.)
O39 - APT: Wise Turbo Checker - (...) -- C:\Windows\Tasks\Wise Turbo Checker.job [374] (.Orphean.)
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3874] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3880] =>.Adobe Systems Incorporated
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2722] =>.Piriform Ltd
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3574] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3826] =>.Google Inc.
O39 - APT: Opera scheduled Autoupdate 1453478398 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453478398 [3818] =>.Opera Software
O39 - APT: SyneiStart - (...) -- C:\Windows\System32\Tasks\SyneiStart [3508] (.Orphean.)
O39 - APT: TechSmith Updater - (.TechSmith Corporation.) -- C:\Windows\System32\Tasks\TechSmith Updater [3774] =>.TechSmith Corporation
O39 - APT: Wise Care 365 - (...) -- C:\Windows\System32\Tasks\Wise Care 365 [2816] (.Orphean.)
O39 - APT: Wise Turbo Checker - (...) -- C:\Windows\System32\Tasks\Wise Turbo Checker [3038] (.Orphean.)

---\\ Process running (17) - 0s
[MD5.05D36FCAB501C67DEA797FAFB5C42AC5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1971968] [PID.796] =>.ESET, spol. s r.o.®
[MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1672] =>.Adobe Systems, Incorporated®
[MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1776] =>.Malwarebytes Corporation®
[MD5.968EDA6EA6E00DFAE78586BFA6322B74] - (.VIA Technologies, Inc. - usbmonitor.) -- C:\VIA_XHCI\usb3Monitor.exe [331776] [PID.1268] =>.VIA Technologies, Inc.
[MD5.7DC16FAEA44C8D96A1C113305A4059A2] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe [245576] [PID.1500] =>.Google Inc®
[MD5.831883B107684301F48ACE752C963984] - (...) -- C:\Windows\System32\PnkBstrA.exe [66872] [PID.2096] =>.Even Balance, Inc.®
[MD5.439BD966130226F464DC15F55ABD266E] - (.TechSmith Corporation - TechSmith Uploader Service.) -- C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384] [PID.2148] =>.TechSmith Corporation
[MD5.E0ED4A85D35E3874A85A25C222326B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5532872] [PID.2868] =>.ESET, spol. s r.o.®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3684] =>.Opera Software ASA®
[MD5.164B5AE6885EEA05BAA8B0219209873A] - (.Opera Software - Opera crash-reporter.) -- C:\Program Files\Opera\34.0.2036.50\opera_crashreporter.exe [504952] [PID.3696] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3808] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3844] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3852] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3860] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3892] =>.Opera Software ASA®
[MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.1100] =>.Opera Software ASA®
[MD5.D44A4269EA2773520990A5076ABE7431] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\حاج\Desktop\ZHPDiag3.exe [2088960] [PID.716] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (24) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh5.googleusercontent.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://s2.googleusercontent.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/ =>PUP.Optional.OurSurfing
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mysites123.com/ =>PUP.Optional.Mysites123
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.yoursearching.com/ =>PUP.Optional.YourSearching
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__ =>.AdblocPlus Plugin
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [enmofgaijnbjpblfljopnpdogpldapoc] Disable Youtube™ HTML5 Player
G2 - GCE: Preference [User Data\Default] [hkihmgfcedmdoaogcjdljeeacngbhinc] JavaScript Editey
G2 - GCE: Preference [User Data\Default] [lnkdbjbjpnpjeciipoaflmpcddinpjjp] SmartVideo For YouTube™
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [oadiaahhieelhhffeofkdchgfpjehjok] __MSG_ext_name__
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Opera, Plugins,Start,Search (3) - 0s
B2 - EXT: [hotboom] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\aejcgigcjcdcbdkdbeiclbpekcjddapp
B2 - EXT: [IDM Integration Module] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek
B2 - EXT: [Opera Stable] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp

---\\ Internet Explorer Extensions, Start, Search (12) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (3) - 1s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Internet Explorer Toolbars (2) - 0s
O3 - Toolbar: 0x07000000EE0300007E69791EC59CD111A83F00C04FC99D612001000004000000EF0300007E69791EC59CD111A83F00C04FC99D612101000004000000F00300007E69791EC59CD111A83F00C04FC99D613001000004000000 - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} . (...) -- (.not file.)
O3 - Toolbar: 0x07000000F40300007E69791EC59CD111A83F00C04FC99D612001000000000000F50300007E69791EC59CD111A83F00C04FC99D612101000000000000F70300007E69791EC59CD111A83F00C04FC99D612501000004000000 - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} . (...) -- (.not file.)

---\\ Auto loading programs from Registry and folders (7) - 0s
O4 - HKLM\..\Run: [VIAxHCUtl] . (.VIA Technologies, Inc. - usbmonitor.) -- C:\VIA_XHCI\usb3Monitor.exe =>.VIA Technologies, Inc.
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1322463913-1858526958-1247835930-1000\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation

---\\ Global shortcuts Startup (81) - 4s
O4 - GS\Desktop [Administrator]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG
O4 - GS\Desktop [Administrator]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd®
O4 - GS\Desktop [Administrator]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat
O4 - GS\Desktop [Administrator]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Administrator]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Administrator]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe
O4 - GS\Quicklaunch [Administrator]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [Administrator]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe
O4 - GS\TaskBar [Administrator]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Desktop [ckztzidwxcii]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG
O4 - GS\Desktop [ckztzidwxcii]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd®
O4 - GS\Desktop [ckztzidwxcii]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat
O4 - GS\Desktop [ckztzidwxcii]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [ckztzidwxcii]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [ckztzidwxcii]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe
O4 - GS\Desktop [ckztzidwxcii]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [ckztzidwxcii]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe
O4 - GS\Desktop [ckztzidwxcii]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [ckztzidwxcii]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe
O4 - GS\Quicklaunch [ckztzidwxcii]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [ckztzidwxcii]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe
O4 - GS\Quicklaunch [ckztzidwxcii]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [ckztzidwxcii]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [ckztzidwxcii]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe
O4 - GS\TaskBar [ckztzidwxcii]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe
O4 - GS\TaskBar [ckztzidwxcii]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [ckztzidwxcii]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Desktop [Guest]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG
O4 - GS\Desktop [Guest]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd®
O4 - GS\Desktop [Guest]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat
O4 - GS\Desktop [Guest]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Guest]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Guest]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe
O4 - GS\Quicklaunch [Guest]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [Guest]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe
O4 - GS\TaskBar [Guest]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\Desktop [حاج]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG
O4 - GS\Desktop [حاج]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd®
O4 - GS\Desktop [حاج]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat
O4 - GS\Desktop [حاج]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [حاج]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [حاج]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe
O4 - GS\Desktop [حاج]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [حاج]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe
O4 - GS\Desktop [حاج]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [حاج]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe
O4 - GS\Quicklaunch [حاج]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [حاج]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe
O4 - GS\Quicklaunch [حاج]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\sendTo [حاج]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\sendTo [حاج]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe
O4 - GS\TaskBar [حاج]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe
O4 - GS\TaskBar [حاج]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [حاج]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\CommonDesktop [Public]: Camtasia Studio 8.lnk . (.TechSmith Corporation - Camtasia Studio.) C:\Program Files\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe =>.TechSmith Corporation®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Google Earth.lnk . (.Google - Google Earth.) C:\Program Files\Google\Google Earth\client\googleearth.exe =>.Google
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O4 - GS\CommonDesktop [Public]: Pro Evolution Soccer 2016.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2016.) E:\Pro Evolution Soccer 2016\PES2016.exe =>.Konami Digital Entertainment Co., Ltd.
O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) D:\VLC\vlc.exe =>.VideoLAN®
O4 - GS\Programs [Public]: Start Tor Browser.lnk . (...) C:\Users\حاج\Desktop\Tor Browser\Browser\firefox.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12249DC2-1D4F-4D85-B0F1-466F9491568B}: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12249DC2-1D4F-4D85-B0F1-466F9491568B}: DhcpNameServer = 192.168.0.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45C81CE6-475B-4267-813A-A677182F772F}: DhcpNameServer = 192.168.8.1 192.168.8.1

---\\ Extra protocols (25) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (41) - 8s
O42 - Logiciel: @BIOS - (.GIGABYTE.) [HKLM] -- {B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83} =>.Gigabyte
O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.14) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated
O42 - Logiciel: AutoGreen B12.0206.1 - (.GIGABYTE.) [HKLM] -- {C75FAD21-EC08-42F3-92D6-C9C0AB355345} =>.Gigabyte
O42 - Logiciel: AutoGreen B12.0206.1 - (.GIGABYTE.) [HKLM] -- InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345} =>.Gigabyte
O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM] -- {A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0} =>.TechSmith Corporation
O42 - Logiciel: Counter-strike 1.6 original - (...) [HKCU] -- Counter-strike 1.6 original
O42 - Logiciel: Easy Tune 6 B13.0924.2 - (.GIGABYTE.) [HKLM] -- {457D7505-D665-4F95-91C3-ECB8C56E9ACA} =>.Gigabyte
O42 - Logiciel: Easy Tune 6 B13.0924.2 - (.GIGABYTE.) [HKLM] -- InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA} =>.Gigabyte
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {993949EA-4382-4C42-A8B0-16FB3D4F8CF8} =>.ESET, spol. s r.o.
O42 - Logiciel: FormatFactory 3.8.0.0 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {1C3D2F92-D25E-4D98-B810-3F3B0857BF26} =>.Google, Inc.
O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {6F545E5E-4595-11E2-93B6-B8AC6F97B88E} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products®
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM] -- {20D55630-5D12-4297-841C-D3165374ECEE} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: ON_OFF Charge 2 B13.1028.1 - (.GIGABYTE.) [HKLM] -- {6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A} =>.Gigabyte
O42 - Logiciel: ON_OFF Charge 2 B13.1028.1 - (.GIGABYTE.) [HKLM] -- InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A} {5C689B877816AEFFB17C54B08E755785} =>.Gigabyte
O42 - Logiciel: Opera Stable 34.0.2036.50 - (.Opera Software.) [HKLM] -- Opera 34.0.2036.50 =>.Opera Software ASA®
O42 - Logiciel: Platform - (.VIA Technologies, Inc..) [HKLM] -- {20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc.
O42 - Logiciel: Pro Evolution Soccer 2016 version 1.1.0 - (.dzrepack games.) [HKLM] -- Pro Evolution Soccer 2016_is1
O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek Ethernet Diagnostic Utility - (.Realtek.) [HKLM] -- {DADC7AB0-E554-4705-9F6A-83EA82ED708E} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp.
O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM] -- Registry Trash Keys Finder =>.SNC
O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM] -- {4FC332FE-CBE3-4AE0-B531-35048FD81912} =>.TechSmith Corporation
O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM] -- {ec29af82-9c9e-420e-ab18-53821c36ac3c} =>.TechSmith Corporation®
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc.
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH®

---\\ HKCU & HKLM Software Keys (141) - 8s
HKLM\SOFTWARE\8169Diag
HKLM\SOFTWARE\AAA Internet Publishing
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\AS_Mubashir
HKLM\SOFTWARE\Atheros
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\AutoClearCookies
HKLM\SOFTWARE\AVG
HKLM\SOFTWARE\AviSynth
HKLM\SOFTWARE\Blimey! Games
HKLM\SOFTWARE\Chromium
HKLM\SOFTWARE\Creative Tech
HKLM\SOFTWARE\Digeus
HKLM\SOFTWARE\DownloadCenter
HKLM\SOFTWARE\Dropbox
HKLM\SOFTWARE\DropboxUpdate
HKLM\SOFTWARE\DRWIsUpgrade
HKLM\SOFTWARE\EASEUS
HKLM\SOFTWARE\Eidos
HKLM\SOFTWARE\EnigmaSoftwareGroup
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Fraps
HKLM\SOFTWARE\Gigabyte
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\HitmanPro
HKLM\SOFTWARE\Huawei technologies
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\IObit
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\KONAMIPES6
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\mtcaMyciloP
HKLM\SOFTWARE\Nuance
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\PES 2016 Selector Tool
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\RTLSetup
HKLM\SOFTWARE\Rtp
HKLM\SOFTWARE\SNC
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SRS Labs
HKLM\SOFTWARE\Stellar Information Systems Ltd.
HKLM\SOFTWARE\TechSmith
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Top4top
HKLM\SOFTWARE\Tukero[X]Team
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\Unchecky
HKLM\SOFTWARE\Valve
HKLM\SOFTWARE\VIA Technologies, Inc
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WIBU-SYSTEMS
HKLM\SOFTWARE\Windows X
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\WiseCleaner
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Even Balance
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\ADSafe4
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Atheros
HKCU\SOFTWARE\AVG
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\CatalinaGroup
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Crystal Reality
HKCU\SOFTWARE\DownloadCenter
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Dropbox
HKCU\SOFTWARE\DropboxUpdate
HKCU\SOFTWARE\Enigma Protector
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\file repair
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\Gibson Research
HKCU\SOFTWARE\Gigabyte
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\GoldWave
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HWiNFO32
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\InstallShield
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\mixlr
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Psiphon3
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Resplendence Sp
HKCU\SOFTWARE\Rtp
HKCU\SOFTWARE\SmartDeblur
HKCU\SOFTWARE\Synei
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\Teorex
HKCU\SOFTWARE\TomsGuide
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Tukero[X]Team
HKCU\SOFTWARE\Unchecky
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\WASEL Pro VPN Service
HKCU\SOFTWARE\Windows X
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Xirrus
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Unity

---\\ Contents of the Common Files folders (229) - 16s
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files\ADSafe
O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Adware Removal Tool by TSA
O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\AMD
O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\ApeeeGoSoft
O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\AVG
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\CodeMeter {62039EBD474840AA18E634E17D28533C}
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Core Temp
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Counter-strike 1.6 original
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 20/01/2016 - [] D -- C:\Program Files\dzrepack games
O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\EaseUS
O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Enigma Software Group =>.Superfluous.SpyHunter
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\FormatFactory =>.chen jun hao®
O43 - CFD: 26/09/2015 - [0] D -- C:\Program Files\FreeTime
O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\GetData
O43 - CFD: 09/10/2015 - [] D -- C:\Program Files\GIGABYTE
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 31/12/2015 - [0] D -- C:\Program Files\Hostless Modem
O43 - CFD: 12/01/2016 - [] HD -- C:\Program Files\InstallShield Installation Information =>.Macrovision Corporation®
O43 - CFD: 28/12/2015 - [] D -- C:\Program Files\Intel =>.Intel Corporation - Software and Firmware Products®
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc.®
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Maxthon
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\MiniToolPhotoRecovery
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files\MSECache
O43 - CFD: 16/12/2015 - [] D -- C:\Program Files\NicController
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Opera =>.Opera Software ASA®
O43 - CFD: 26/12/2015 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 10/10/2015 - [] D -- C:\Program Files\Realtek =>.Realtek Semiconductor Corp®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 21/01/2016 - [] D -- C:\Program Files\Synei {399F70E9618315D198E6BA0C59435A60}
O43 - CFD: 26/12/2015 - [] D -- C:\Program Files\TechSmith =>.TechSmith Corporation®
O43 - CFD: 17/09/2015 - [0] HD -- C:\Program Files\Temp
O43 - CFD: 07/01/2016 - [] D -- C:\Program Files\TNod
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files\TrashReg
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Unlocker
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\UX Pack
O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\VIA
O43 - CFD: 20/01/2016 - [0] D -- C:\Program Files\WASEL Pro VPN Service
O43 - CFD: 20/01/2016 - [] D -- C:\Program Files\WhySoSlow =>.Daniel Terhell®
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 01/10/2015 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 10/10/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files\Wise =>.Lespeed Technology Ltd.®
O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clear Cookies
O43 - CFD: 23/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack games
O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 02/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Booster
O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 16/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GD Hardware Scan
O43 - CFD: 02/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
O43 - CFD: 01/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
O43 - CFD: 24/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 21/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synei System Utilities
O43 - CFD: 14/07/2009 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder
O43 - CFD: 20/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toptv
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 20/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WASEL Pro VPN Service
O43 - CFD: 10/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 28/09/2015 - [] D -- C:\ProgramData\Atheros
O43 - CFD: 22/09/2015 - [] D -- C:\ProgramData\AutoClearCookies
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\AVG
O43 - CFD: 23/12/2015 - [] HD -- C:\ProgramData\Common Files
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Dropbox
O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\ESET
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\HitmanPro
O43 - CFD: 17/09/2015 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\InstallShield
O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\McAfee
O43 - CFD: 22/01/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\MobiConnect
O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Real
O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Steam
O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\Sun
O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 18/11/2015 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 18/11/2015 - [] D -- C:\ProgramData\Unchecky
O43 - CFD: 31/12/2015 - [0] D -- C:\ProgramData\ZDSupport
O43 - CFD: 17/09/2015 - [0] SHD -- C:\ProgramData\سطح المكتب
O43 - CFD: 17/09/2015 - [0] SHD -- C:\ProgramData\قائمة ابدأ
O43 - CFD: 01/10/2015 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\Common Files\AV
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 21/09/2015 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 28/12/2015 - [] D -- C:\Program Files\Common Files\Intel
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 03/01/2016 - [0] D -- C:\Program Files\Common Files\Latlight
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\Common Files\postureAgent
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Common Files\TechSmith Shared
O43 - CFD: 27/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Adobe
O43 - CFD: 16/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\ADSafe3
O43 - CFD: 31/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AS
O43 - CFD: 08/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Audacity
O43 - CFD: 22/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AutoClearCookies
O43 - CFD: 23/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AVG
O43 - CFD: 18/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\com.nasser.huaweimanagerpc.main
O43 - CFD: 07/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\CrystalIdea Software
O43 - CFD: 13/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Digiarty
O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\DMCache
O43 - CFD: 21/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\DownloadNinja
O43 - CFD: 24/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Dropbox
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Foxit Software
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Identities
O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\IDM
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\InstallShield
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Macromedia
O43 - CFD: 06/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Maxthon3
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\حاج\AppData\Roaming\Media Center Programs
O43 - CFD: 19/01/2016 - [] SD -- C:\Users\حاج\AppData\Roaming\Microsoft
O43 - CFD: 02/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Mozilla
O43 - CFD: 16/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\MyTotalTV
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Opera Software
O43 - CFD: 29/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Orbit
O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Psiphon3
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Real
O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\SocialWebTechLTD
O43 - CFD: 10/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Soft Solutions
O43 - CFD: 26/11/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Sun
O43 - CFD: 26/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Synei
O43 - CFD: 26/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\TechSmith
O43 - CFD: 24/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Thinstall
O43 - CFD: 20/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Unity
O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\vlc
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\WinRAR
O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\ZHP
O43 - CFD: 16/10/2015 - [] D -- C:\Users\حاج\AppData\Local\AAA_Internet_Publishing,_
O43 - CFD: 26/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Adobe
O43 - CFD: 17/09/2015 - [0] SHD -- C:\Users\حاج\AppData\Local\Application Data
O43 - CFD: 17/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Apps
O43 - CFD: 25/09/2015 - [] D -- C:\Users\حاج\AppData\Local\assembly
O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Local\AVAST Software
O43 - CFD: 23/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Avg
O43 - CFD: 23/10/2015 - [] D -- C:\Users\حاج\AppData\Local\CatalinaGroup
O43 - CFD: 21/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Chromium
O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Local\CrashDumps
O43 - CFD: 25/12/2015 - [0] D -- C:\Users\حاج\AppData\Local\Deployment
O43 - CFD: 24/10/2015 - [0] D -- C:\Users\حاج\AppData\Local\Diagnostics
O43 - CFD: 18/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Downloaded Installations
O43 - CFD: 24/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Dropbox
O43 - CFD: 29/11/2015 - [] D -- C:\Users\حاج\AppData\Local\ESET
O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Local\game-debate
O43 - CFD: 17/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Geckofx
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Google
O43 - CFD: 17/09/2015 - [0] D -- C:\Users\حاج\AppData\Local\History
O43 - CFD: 09/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Intel_Corporation
O43 - CFD: 21/12/2015 - [] D -- C:\Users\حاج\AppData\Local\LTE-Anbieter.info
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Macromedia
O43 - CFD: 19/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Microsoft
O43 - CFD: 22/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Microsoft Games
O43 - CFD: 05/01/2016 - [0] D -- C:\Users\حاج\AppData\Local\Microsoft Help
O43 - CFD: 11/10/2015 - [] D -- C:\Users\حاج\AppData\Local\mixlr
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Mozilla
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Opera Software
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Programs
O43 - CFD: 12/01/2016 - [] D -- C:\Users\حاج\AppData\Local\PunkBuster
O43 - CFD: 12/12/2015 - [] D -- C:\Users\حاج\AppData\Local\RadioSure
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Real
O43 - CFD: 05/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Slimjet
O43 - CFD: 25/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Smart_PC_Soft
O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Local\TechSmith
O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Temp
O43 - CFD: 17/09/2015 - [0] D -- C:\Users\حاج\AppData\Local\Temporary Internet Files
O43 - CFD: 24/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Thinstall
O43 - CFD: 21/01/2016 - [0] D -- C:\Users\حاج\AppData\Local\Unity
O43 - CFD: 21/10/2015 - [] D -- C:\Users\حاج\AppData\Local\Video Enhancer
O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\VirtualStore
O43 - CFD: 01/10/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/09/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 02/01/2016 - [0] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ApeeeGoSoft
O43 - CFD: 01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 18/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-strike 1.6 original
O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 21/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 01/10/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder
O43 - CFD: 24/01/2016 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 10/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Google Drive Shell extension [ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc®
O106 - SIOI: Google Drive Shell extension [ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc®
O106 - SIOI: Google Drive Shell extension [ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc®
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (14) - 0s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\download.ninja [Key] . (...) -- C:\Program Files\Ninja Download Manager\download.ninja.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation
O53 - SMSR:HKLM\...\startupreg\HSPALauncher [Key] . (...) -- C:\PROGRA~1\HSPAUS~1\HSPALA~1.EXE (.not file.)
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation
O53 - SMSR:HKLM\...\startupreg\ISUSPM Startup [Key] . (...) -- C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ISUSScheduler [Key] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe =>.InstallShield Software Corporation
O53 - SMSR:HKLM\...\startupreg\jswtrayutil [Key] . (...) -- C:\Program Files\Jumpstart\jswtrayutil.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\MTview [Key] . (...) -- C:\Program Files\MTV20151125\MTView.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe

---\\ System Drivers List (91) - 19s
O58 - SDL:2015/09/27 13:53:26 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\3B174BAD.sys [98520] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79952] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [23616] =>.Microsoft Windows®
O58 - SDL:2013/10/28 10:02:54 A . (...) -- C:\Windows\System32\drivers\AppleCharger.sys [19168] {5C689B877816AEFFB17C54B08E755785}
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows®
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - برنامج تشغيل I/F التسلسلي لـ Brotehr (WDM)‎.) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows®
O58 - SDL:2013/06/29 17:10:58 A . (.Mobile Connector - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\cmusbser.sys [103552] =>.Mobile Connector
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows®
O58 - SDL:2015/10/04 21:12:46 A . (.Phoenix Technologies - DriverAgent Direct I/O for 32-bit Windows.) -- C:\Windows\System32\drivers\DrvAgent32.sys [31832] =>PUP.Optional.eSupport
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [145512] =>.ESET, spol. s r.o.®
O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44608] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [56944] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation
O58 - SDL:2015/10/05 01:34:29 A . (...) -- C:\Windows\System32\drivers\GVTDrv.sys [24944] {31CB9D6D1714A92F6A11D815A80ABDA6}
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows®
O58 - SDL:2015/10/04 21:07:19 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX®
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332352] =>.Microsoft Windows®
O58 - SDL:2015/12/29 13:18:10 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [124992] =>.Tonec Inc.®
O58 - SDL:2013/10/28 23:01:40 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3354624] =>.Intel Corporation
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows®
O58 - SDL:2008/05/15 03:28:44 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384] =>.Atheros Communications, Inc.
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] =>.Malwarebytes Corporation®
O58 - SDL:2016/01/24 20:37:13 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:16 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117312] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [142416] =>.Microsoft Windows®
O58 - SDL:2016/01/15 19:26:25 A . (...) -- C:\Windows\System32\drivers\PnkBstrK.sys [22328] =>.Even Balance, Inc.®
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows®
O58 - SDL:2015/09/21 13:54:10 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) -- C:\Windows\System32\drivers\rspWhy32.sys [24832] =>.Daniel Terhell®
O58 - SDL:2011/09/29 10:30:32 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [490088] =>.Realtek Semiconductor Corp®
O58 - SDL:2013/08/27 13:37:54 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2821336] =>.Realtek Semiconductor Corp®
O58 - SDL:2011/06/15 14:11:20 RA . (.Realtek - Realtek NDIS Protocol Driver.) -- C:\Windows\System32\drivers\RtNdPt60.sys [33056] =>.Realtek Semiconductor Corp®
O58 - SDL:2012/07/03 13:32:00 RA . (.Realtek Corporation - Realtek NDIS 6.2 Intermediate Miniport Driv.) -- C:\Windows\System32\drivers\RtTeam620.sys [49808] =>.Realtek Semiconductor Corp®
O58 - SDL:2012/09/01 00:00:02 RA . (.Realtek Corporation - Realtek Virtual Miniport Driver for VLAN (N.) -- C:\Windows\System32\drivers\RtVlan620.sys [27792] =>.Realtek Semiconductor Corp®
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows®
O58 - SDL:2012/06/28 08:49:48 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [26624] =>.The OpenVPN Project
O58 - SDL:2013/09/16 12:17:42 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriver.sys [85464] =>.Intel Corporation - Intel® Management Engine Firmware®
O58 - SDL:2013/10/24 17:29:14 A . (...) -- C:\Windows\System32\drivers\UsbCharger.sys [20192] {5C689B877816AEFFB17C54B08E755785}
O58 - SDL:2013/03/19 17:04:20 A . (.VIA Technologies, Inc. - Framework Version of ViaHub3 Dynamic Bus En.) -- C:\Windows\System32\drivers\ViaHub3.sys [190976] =>.VIA Technologies, Inc.
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows®
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows®
O58 - SDL:2013/01/18 03:11:48 A . (.VIA Technologies, Inc. - VIA BulkOnly & UAS driver.) -- C:\Windows\System32\drivers\vusbstor.sys [73264] =>.VIA Technologies Inc.®
O58 - SDL:2013/03/19 17:04:14 A . (.VIA Technologies, Inc. - WDF Driver for VIA eXtensible Host Controll.) -- C:\Windows\System32\drivers\xhcdrv.sys [239104] =>.VIA Technologies, Inc.
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:1996/04/03 20:33:26 A . (...) -- C:\Windows\System32\giveio.sys [5248]
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:2011/03/18 17:08:54 A . (.Almico Software - SpeedFan x32 Driver.) -- C:\Windows\System32\speedfan.sys [25240] =>.Sokno S.R.L.®

---\\ Last modified or created user files (3) - 6s
O61 - LFC: 2016/01/22 02:02:57 A . (.embratoria.) -- C:\Users\حاج\Downloads\Programs\Embra3rdG_2.exe [7046739]
O61 - LFC: 2016/01/22 14:43:39 A . (..) -- C:\Users\حاج\AppData\LocalLow\Sun\Java\jre1.8.0_25\java_sp.dll [19157872]
O61 - LFC: 2016/01/24 20:19:29 A . (..) -- C:\Users\حاج\AppData\Local\TechSmith\SnagIt\Tray.bin [756]

---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎مشغل الأداة الإضافية لعارض الأحداث.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎محرر التسجيل.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ASA®

---\\ Start Menu Internet (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software ASA®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software

---\\ Search Browser Infection (2) - 2s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة الخادم.) -- C:\Windows\System32\srvsvc.dll [168448] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [591360] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [667136] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - خدمة صوت Windows.) -- C:\Windows\System32\audiosrv.dll [473088] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - إدارة الطلب التلقائي للوصول عن بُعد.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [285184] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - خدمة الإعلام بأحداث النظام (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [241664] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [543232] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [1912832] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - خدمة النقل الذكي في الخلفية.) -- C:\Windows\System32\qmgr.dll [589312] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [497152] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - خدمة معلومات التطبيقات.) -- C:\Windows\System32\appinfo.dll [46592] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - خدمة اكتشاف iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - خدمة جدولة فئات تعدد الوسائط.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [162816] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [743424] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - خدمة تكوين سطح المكتب البعيد.) -- C:\Windows\System32\SessEnv.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة مستعرض الكم.) -- C:\Windows\System32\browser.dll [102400] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات نُسق Windo.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - خدمة BDE.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [149504] =>.Microsoft Corporation

---\\ Firewall Active Exception List (11) - 1s
O87 - FAEL: "TCP Query User{AAFBAC70-4177-4B73-A959-A067CF2454AF}E:\motogp2 by lmodni\motogp2_demo.exe" [In-None-P6-TRUE] .(...) -- E:\motogp2 by lmodni\motogp2_demo.exe (.not file.)
O87 - FAEL: "UDP Query User{72D74FBF-C8A6-4AB3-AC17-E86F265E3866}E:\motogp2 by lmodni\motogp2_demo.exe" [In-None-P17-TRUE] .(...) -- E:\motogp2 by lmodni\motogp2_demo.exe (.not file.)
O87 - FAEL: "{7C1C3029-4FC0-46BB-AABC-90EA32098630}" [In-None-P17-TRUE] .(...) -- C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe (.not file.)
O87 - FAEL: "{54A2F4EC-C67B-4E22-A5CA-35D7E94F62EC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe (.not file.)
O87 - FAEL: "{7526B7FE-CAF7-4837-8B00-E4FD48D8E495}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafe.exe (.not file.)
O87 - FAEL: "{B5C31490-575F-4E1D-9496-A4965AEFBDD6}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.)
O87 - FAEL: "{1A34E3C8-DD91-444B-A6A6-2A548FD8CC07}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.)
O87 - FAEL: "{C11A951A-B67B-4A03-B499-B6886B6E2266}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafe.exe (.not file.)
O87 - FAEL: "{A09C9B9E-6EDF-4E81-8A3D-8857BE8F5585}" [In-None-P6-TRUE] .(...) -- C:\Program Files\PicosmosTools\PTInstOnline.exe (.not file.)
O87 - FAEL: "{F9DA99C6-9606-4423-8C16-D029B2710DB7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe (.not file.)
O87 - FAEL: "{3F03C8E5-C15B-4515-8453-3667EF060840}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe (.not file.)

---\\ Additional Scan (O88) (1) - 0s
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent

---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/pup-optional-mysites123 =>PUP.Optional.Mysites123
http://www.nicolascoolman.fr/pup-optional-yoursearching =>PUP.Optional.YourSearching
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent

~ End of the scan, 12877 items in 00h02mn47s (949)(0)
