cjoint

Document format: text/plain

Preview

~ ZHPDiag v2016.3.26.75 By Nicolas Coolman (2016/03/26)
~ Run by ابداع (Administrator) (2016/03/28 13:07:57)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\ابداع\Desktop\ZHPDiag.txt
~ Report: C:\Users\ابداع\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v49.0.2623.108
MFIE: Mozilla Firefox 45.0.1 (x86 en-US)
MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information (5) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Key Management Service client information : KO
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (3) - 1s
COMODO Firewall v8.2.0.4792
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware النسخة 2.2.0.1024

---\\ System optimization software (1) - 2s
CCleaner v5.13

---\\ Surveillance software (2) - 2s
Adobe Flash Player 17 PPAPI
Adobe Acrobat Reader DC

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3316.584 MB (17% free)
System Restore: Activé (Enable)
System drive C: has 15 GB () free of 89 GB =>Alerte espace disque inférieur à 20 Go

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ALSAB7-PC
~ User Name: ابداع
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 15 GB free of 89 GB (System)
~ Drive D: has 0 GB free of 0 GB
~ Drive E: has 166 GB free of 386 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (25) - 4s
[MD5.40D777B7A95E00593EB1568C68514493] - 20/11/2010 - (.Microsoft Corporation - مستكشف Windows.) -- C:\Windows\Explorer.exe [2616320] =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - عملية مضيف Windows (Rundll32)‎.) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.44214C94911C7CFB1D52CB64D5E8368D] - 20/11/2010 - (.Microsoft Corporation - ملحقات إنترنت لـ Win32.) -- C:\Windows\System32\wininet.dll [980992] =>.Microsoft Corporation
[MD5.52449FD429D6053B78AE564DEF303870] - 17/07/2014 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\Windows\System32\Winlogon.exe [304128] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\Windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.B40420876B9288E0A1C8CCA8A84E5DC9] - 03/03/2011 - (.Microsoft Corporation - مكتبة الارتباط الديناميكي لواجهة برمجة تطبي.) -- C:\Windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - 20/11/2010 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation
[MD5.93B49FA857F7036A4EFF32371F6E7391] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.BA4369E0CA60B1674A66041C36E8754C] - 11/02/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [124416] =>.Microsoft Corporation
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - 12/04/2013 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1211752] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.B973FCFC50DC1434E1970A146F7E3885] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133632] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.BB8817D0508DD5EA69C770C8DEF5AB67] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوح.) -- C:\Windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (33) - 11s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) - C:\Program Files\Intel\Bluetooth\devmonsrv.exe =>.Motorola Solutions Inc.®
O23 - Service: Bluetooth Media Service (Bluetooth Media Service) . (.Motorola Solutions, Inc. - Bluetooth Media Service.) - C:\Program Files\Intel\Bluetooth\mediasrv.exe =>.Motorola Solutions Inc.®
O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) - C:\Program Files\Intel\Bluetooth\obexsrv.exe =>.Motorola Solutions Inc.®
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe =>.BlueStack Systems, Inc.®
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - C:\Program Files\BlueStacks\HD-UpdaterService.exe =>.BlueStack Systems, Inc.®
O23 - Service: COMODO Chromodo Update Service (ChromodoUpdater) . (.Comodo - Chromodo.) - C:\Program Files\Comodo\Chromodo\chromodo_updater.exe =>.Comodo Security Solutions®
O23 - Service: COMODO LPS Launcher (CLPSLauncher) . (.Comodo Security Solutions, Inc. - livePCsupport Component.) - C:\Program Files\Common Files\COMODO\launcher_service.exe =>.Comodo Security Solutions®
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe =>.Comodo Security Solutions®
O23 - Service: C:\Windows\system32\CxAudMsg32.exe,-100 (CxAudMsg) . (.Conexant Systems Inc. - Conexant Audio Message Service.) - C:\Windows\System32\CxAudMsg32.exe =>.Conexant Systems, Inc.®
O23 - Service: DFServ (DFServ) . (.Faronics Corporation - Deep Freeze service.) - C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O23 - Service: Droid4XService (Droid4XService) . (...) - C:\Program Files\Droid4X\Droid4XService.exe
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: GeekBuddyRSP Server (GeekBuddyRSP) . (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe =>.Comodo Security Solutions, Inc.
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation - igfxCUIService Module.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation®
O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe =>PUP.Optional.Office
O23 - Service: Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) - C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe =>.Malwarebytes Corporation®
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012 - ducservice.) - C:\Program Files\No-IP\ducservice.exe
O23 - Service: OpenVPN Agent (ovpnagent) . (...) - C:\Program Files\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe {0EBD24BDFBD4ADDDD2EDD27E8FB1953C}
O23 - Service: RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc. - RealPlayer Cloud Service.) - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
O23 - Service: Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc. - SmartAudio Service Application.) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.®
O23 - Service: Sandboxie Service (SbieSvc) . (.Sandboxie Holdings, LLC - Sandboxie Service.) - C:\Program Files\Sandboxie\SbieSvc.exe =>.Invincea, Inc.®
O23 - Service: SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) - C:\Program Files\SoftEther VPN Client\vpnclient.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
O23 - Service: Baidu Spark Service (SparkSvc) . (.Baidu Inc. - spark.) - C:\Program Files\baidu\Baidu Browser\sparkservice.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 32-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
O23 - Service: TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 11.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
O23 - Service: VMware Authorization Service (VMAuthdService) . (.VMware, Inc. - VMware Authorization Service.) - C:\Program Files\VMware\VMware Player\vmware-authd.exe =>.VMware, Inc.®
O23 - Service: VMware DHCP Service (VMnetDHCP) . (.VMware, Inc. - VMware VMnet DHCP service.) - C:\Windows\System32\vmnetdhcp.exe =>.VMware, Inc.®
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc. - VMware USB Arbitration Service.) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe =>.VMware, Inc.®
O23 - Service: VMware NAT Service (VMware NAT Service) . (.VMware, Inc. - VMware NAT Service.) - C:\Windows\System32\vmnat.exe =>.VMware, Inc.®

---\\ Services not Microsoft (SR=Run, SS=Stop) (42) - 72s

SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated®
SS - Demand [24/12/2015] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [25/06/2013] [ 1132920] Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files\Intel\Bluetooth\devmonsrv.exe =>.Motorola Solutions Inc.®
SR - Auto [23/04/2013] [ 1366392] Bluetooth Media Service (Bluetooth Media Service) . (.Motorola Solutions, Inc..) - C:\Program Files\Intel\Bluetooth\mediasrv.exe =>.Motorola Solutions Inc.®
SR - Auto [23/04/2013] [ 1153400] Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files\Intel\Bluetooth\obexsrv.exe =>.Motorola Solutions Inc.®
SS - Demand [05/02/2016] [ 433688] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-Service.exe =>.BlueStack Systems, Inc.®
SR - Auto [05/02/2016] [ 413208] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-LogRotatorService.exe =>.BlueStack Systems, Inc.®
SR - Auto [05/02/2016] [ 859672] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files\BlueStacks\HD-UpdaterService.exe =>.BlueStack Systems, Inc.®
SR - Auto [26/03/2016] [ 2297528] COMODO Chromodo Update Service (ChromodoUpdater) . (.Comodo.) - C:\Program Files\Comodo\Chromodo\chromodo_updater.exe =>.Comodo Security Solutions®
SR - Auto [22/03/2016] [ 76984] COMODO LPS Launcher (CLPSLauncher) . (.Comodo Security Solutions, Inc..) - C:\Program Files\Common Files\COMODO\launcher_service.exe =>.Comodo Security Solutions®
SR - Auto [27/03/2016] [ 4542840] COMODO Internet Security Helper Service (CmdAgent) . (.COMODO.) - C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe =>.Comodo Security Solutions®
SR - Demand [27/03/2016] [ 1670840] COMODO Virtual Service Manager (cmdvirth) . (.COMODO.) - C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe =>.Comodo Security Solutions®
SR - Auto [05/03/2013] [ 193696] C:\Windows\system32\CxAudMsg32.exe,-100 (CxAudMsg) . (.Conexant Systems Inc..) - C:\Windows\System32\CxAudMsg32.exe =>.Conexant Systems, Inc.®
SR - Auto [06/06/2015] [ 1263480] DFServ (DFServ) . (.Faronics Corporation.) - C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
SR - Auto [06/01/2016] [ 269312] Droid4XService (Droid4XService) . (...) - C:\Program Files\Droid4X\Droid4XService.exe
SR - Auto [16/03/2016] [ 1983424] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
SR - Auto [22/03/2016] [ 2473472] GeekBuddyRSP Server (GeekBuddyRSP) . (.Comodo Security Solutions, Inc..) - C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe =>.Comodo Security Solutions, Inc.
SS - Auto [06/11/2015] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [06/11/2015] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [30/03/2015] [ 272584] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation®
SS - Auto [01/05/2010] [ 8192] KMService (KMService) . (...) - C:\Windows\System32\srvany.exe =>PUP.Optional.Office
SR - Auto [29/01/2016] [ 740832] Malwarebytes Anti-Exploit Service (MbaeSvc) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe =>.Malwarebytes Corporation®
SS - Disabl [05/10/2015] [ 1513784] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SS - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [23/03/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [27/03/2016] [ 12288] NO-IP DUC v4.1.1 (NoIPDUCService4) . (.Copyright © 2012.) - C:\Program Files\No-IP\ducservice.exe
SR - Auto [19/02/2016] [ 1493224] OpenVPN Agent (ovpnagent) . (...) - C:\Program Files\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe {0EBD24BDFBD4ADDDD2EDD27E8FB1953C}
SStart Pending - Auto [23/05/2015] [ 1141336] RealPlayer Cloud Service (RealPlayer Cloud Service) . (.RealNetworks, Inc..) - C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe =>.RealNetworks, Inc.®
SR - Demand [29/06/2013] [ 3860480] SafeIPS (SafeIPS) . (.SafeIP.) - C:\Program Files\SafeIP\SafeIPS.exe
SR - Auto [05/03/2013] [ 447104] Conexant SmartAudio service (SAService) . (.Conexant Systems, Inc..) - C:\Windows\System32\SASrv.exe =>.Conexant Systems, Inc.®
SR - Auto [26/02/2016] [ 146576] Sandboxie Service (SbieSvc) . (.Sandboxie Holdings, LLC.) - C:\Program Files\Sandboxie\SbieSvc.exe =>.Invincea, Inc.®
SR - Auto [19/03/2016] [ 3956680] SoftEther VPN Client (SEVPNCLIENT) . (.SoftEther VPN Project at University of Tsukuba, Japan.) - C:\Program Files\SoftEther VPN Client\vpnclient.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
SS - Auto [18/02/2015] [ 315488] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl®
SS - Auto [27/03/2016] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files\baidu\Baidu Browser\sparkservice.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
SS - Demand [26/03/2016] [ 1371960] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files\baidu\SparkUpdate\Sparkupdate.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
SR - Auto [08/08/2014] [ 168688] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated®
SR - Auto [30/11/2015] [ 6887696] TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe =>.TeamViewer®
SR - Auto [24/06/2015] [ 87256] VMware Authorization Service (VMAuthdService) . (.VMware, Inc..) - C:\Program Files\VMware\VMware Player\vmware-authd.exe =>.VMware, Inc.®
SR - Auto [24/06/2015] [ 359128] VMware DHCP Service (VMnetDHCP) . (.VMware, Inc..) - C:\Windows\System32\vmnetdhcp.exe =>.VMware, Inc.®
SR - Auto [21/08/2014] [ 722624] VMware USB Arbitration Service (VMUSBArbService) . (.VMware, Inc..) - C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe =>.VMware, Inc.®
SR - Auto [24/06/2015] [ 437976] VMware NAT Service (VMware NAT Service) . (.VMware, Inc..) - C:\Windows\System32\vmnat.exe =>.VMware, Inc.®

---\\ Process running (53) - 10s
[MD5.AB8B325FC9531B6EBC04E857C463E710] - (.Faronics Corporation - Deep Freeze service.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe [1263480] [PID.1220]
[MD5.08AEF77D0762717ADE7158F763BB081D] - (.Comodo Security Solutions, Inc. - livePCsupport Component.) -- C:\Program Files\Common Files\COMODO\launcher_service.exe [76984] [PID.1268] =>.Comodo Security Solutions®
[MD5.96A19820229EF943A1CCCCB7D19428D5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1983424] [PID.1292] =>.ESET, spol. s r.o.®
[MD5.2FB61753D4A8CCFB4926A8CA4172730C] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cmdagent.exe [4542840] [PID.1424] =>.Comodo Security Solutions®
[MD5.20DE117F7B467F3D7B2F8168C933130D] - (.Intel Corporation - igfxCUIService Module.) -- C:\Windows\System32\igfxCUIService.exe [272584] [PID.1812] =>.Intel Corporation®
[MD5.2FBE31281087681508CB3B549A079F7C] - (.Sandboxie Holdings, LLC - Sandboxie Service.) -- C:\Program Files\Sandboxie\SbieSvc.exe [146576] [PID.1876] =>.Invincea, Inc.®
[MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2368] =>.Adobe Systems, Incorporated®
[MD5.A78506EA72B918CAF3082F8DE86434B5] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413208] [PID.2552] =>.BlueStack Systems, Inc.®
[MD5.64A42C8B0AD4DA3D794DF73E6C73B8D1] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) -- C:\Program Files\BlueStacks\HD-UpdaterService.exe [859672] [PID.3012] =>.BlueStack Systems, Inc.®
[MD5.39B9A81D436CDA3BEE09BCCDB71DDAAC] - (.Faronics Corporation - Deep Freeze utility.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\_$Df\FrzState2k.exe [2906856] [PID.3272] =>.Faronics Corporation®
[MD5.C3BA99B08B8E6EABDAF4604227C9A335] - (.Faronics Corporation - Deep Freeze DF Locker.) -- C:\Windows\Temp\DFLocker.exe [148712] [PID.3392] =>.Faronics Corporation®
[MD5.1A5BCFC72D357830300BD3C2704EBAB9] - (.Conexant Systems Inc. - Conexant Audio Message Service.) -- C:\Windows\System32\CxAudMsg32.exe [193696] [PID.3408] =>.Conexant Systems, Inc.®
[MD5.D0020E4ACE0A932CB8ED4AE9CBB8271A] - (...) -- C:\Program Files\Droid4X\Droid4XService.exe [269312] [PID.3444]
[MD5.8DA6E39ADBD623F63E4E5FFDD2F0A800] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe [1491128] [PID.3504] =>.Comodo Security Solutions®
[MD5.F2A930E12E33A5D0B0E914165B64F5DF] - (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe [2473472] [PID.3652] =>.Comodo Security Solutions, Inc.
[MD5.6761C5500F6A54BF31BA91F409234426] - (.Malwarebytes Corporation - Malwarebytes Anti-Exploit Service.) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [740832] [PID.4032] =>.Malwarebytes Corporation®
[MD5.5CC1C1598E004E9C7C00FC9B04E21FF2] - (...) -- C:\Program Files\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [1493224] [PID.1768] {0EBD24BDFBD4ADDDD2EDD27E8FB1953C}
[MD5.09F0253CD415BC716A4132DFAEFE8CB9] - (.RealNetworks, Inc. - RealPlayer Cloud Service.) -- C:\Program Files\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141336] [PID.2312] =>.RealNetworks, Inc.®
[MD5.07D58D5F7839ABA76118BC037C2C63BD] - (.Conexant Systems, Inc. - SmartAudio Service Application.) -- C:\Windows\System32\SASrv.exe [447104] [PID.1252] =>.Conexant Systems, Inc.®
[MD5.FB31B674412D889895F4CC642850D250] - (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient.exe [3956680] [PID.2608] {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
[MD5.393898B432CBB9ECBC6F41AA907807FF] - (.Synaptics Incorporated - 32-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [168688] [PID.3816] =>.Synaptics Incorporated®
[MD5.50F522BA2D9F371211035FA0F53DF864] - (.TeamViewer GmbH - TeamViewer 11.) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe [6887696] [PID.2760] =>.TeamViewer®
[MD5.1EE2546AE9E1AC323E669690F8DFF9E5] - (.Synaptics Incorporated - Synaptics TouchPad 32-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2454768] [PID.4104] =>.Synaptics Incorporated®
[MD5.2B2BB1F8BFEBE6B847FDB32F89EA2A3E] - (.VMware, Inc. - VMware NAT Service.) -- C:\Windows\System32\vmnat.exe [437976] [PID.4240] =>.VMware, Inc.®
[MD5.BD00A8CFB76E6BB0E89DB191E3712528] - (.VMware, Inc. - VMware Authorization Service.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe [87256] [PID.4464] =>.VMware, Inc.®
[MD5.338CD01BD29805A93902B9237A39CAC5] - (.VMware, Inc. - VMware VMnet DHCP service.) -- C:\Windows\System32\vmnetdhcp.exe [359128] [PID.4520] =>.VMware, Inc.®
[MD5.21C8747CF038796D59A5B88A4BAAC7B4] - (.VMware, Inc. - VMware USB Arbitration Service.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe [722624] [PID.4572] =>.VMware, Inc.®
[MD5.163E43BC69AE78F468024EC2133C94A8] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992] [PID.4908] =>.Oracle America, Inc.®
[MD5.8025F05E5A51FD499584AFD7A688423C] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] [PID.5148] =>.Piriform Ltd®
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.5240] =>.Tonec Inc.®
[MD5.2177F5B6C2172D6DA69C66528DDF7D5B] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5556424] [PID.5484] =>.ESET, spol. s r.o.®
[MD5.3FB0146C98E5DC576745BCED1D623FC2] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cavwp.exe [461496] [PID.5928] =>.Comodo Security Solutions®
[MD5.FD52920F1B43AEF97C003D785B2FEFD2] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe [7851192] [PID.2196] =>.Comodo Security Solutions®
[MD5.119EDA9D849D4DE0F42A5BCF757D6CE0] - (.SafeIP - .) -- C:\Program Files\SafeIP\SafeIPS.exe [3860480] [PID.5300]
[MD5.CA59BC57CB03DC284E59846D6476399B] - (.Comodo Security Solutions, Inc. - livePCsupport Component.) -- C:\Program Files\Comodo\GeekBuddy\unit_manager.exe [784056] [PID.7720] =>.Comodo Security Solutions®
[MD5.E7429ECD0C47CC065EEACF7E9D0E6341] - (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) -- C:\Program Files\Intel\Bluetooth\devmonsrv.exe [1132920] [PID.4776] =>.Motorola Solutions Inc.®
[MD5.6A2D6E28FF19BCE6C94E0D41FFD93669] - (.Motorola Solutions, Inc. - Bluetooth Media Service.) -- C:\Program Files\Intel\Bluetooth\mediasrv.exe [1366392] [PID.3956] =>.Motorola Solutions Inc.®
[MD5.88DB2AE883901282C5B080ADEB41EFCA] - (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) -- C:\Program Files\Intel\Bluetooth\obexsrv.exe [1153400] [PID.7128] =>.Motorola Solutions Inc.®
[MD5.C53B51794903CDA88CD135014C3E90F5] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe [926768] [PID.9576] =>.Oracle America, Inc.®
[MD5.8F371730BCCA56031F716E0C6B66814D] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [183536] [PID.2276] =>.Synaptics Incorporated®
[MD5.63C0B874A0FFCDA3ABB20BA4B7676B95] - (.VMware, Inc. - VMware VPrint Proxy.) -- C:\Program Files\VMware\VMware Player\vprintproxy.exe [19160] [PID.6908] =>.VMware, Inc.®
[MD5.F2616FED761E6A681A18A3E2BD27EF04] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3825232] [PID.11492] =>.Tonec Inc.
[MD5.5501A4C977CA0F0021E54CF532503E32] - (.Comodo - Chromodo.) -- C:\Program Files\Comodo\Chromodo\chromodo_updater.exe [2297528] [PID.12980] =>.Comodo Security Solutions®
[MD5.7896A552726DCE86DFBC43A9CDD328A4] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cmdvirth.exe [1670840] [PID.12040] =>.Comodo Security Solutions®
[MD5.08AEF77D0762717ADE7158F763BB081D] - (.Comodo Security Solutions, Inc. - livePCsupport Component.) -- C:\Program Files\Common Files\COMODO\launcher_service.exe [76984] [PID.12380] =>.Comodo Security Solutions®
[MD5.CCBB3C81469D426354994FDB58506451] - (.Copyright © 2012 - DUC40.) -- C:\Program Files\No-IP\DUC40.exe [347648] [PID.13700]
[MD5.5A38F3BAD50558F0E09D696ACF612D9E] - (.Copyright © 2012 - ducservice.) -- C:\Program Files\No-IP\ducservice.exe [12288] [PID.5724]
[MD5.7DBA1F4E48C3FEAA34F6648A469F210D] - (.Baidu.com, Inc. - spark.) -- C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [1372472] [PID.13708] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.80B72881A9BDDA484867F22DDC2E84DD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [392136] [PID.5532] =>.Mozilla Corporation®
[MD5.CAA3D967EC47D26B17A44D243995510B] - (.Alexander Roshal - WinRAR archiver.) -- C:\Program Files\WinRAR\WinRAR.exe [1437688] [PID.12236] =>.win.rar GmbH®
[MD5.E2292C92A30A63CB54FCEE377D790E7D] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [28917376] [PID.4236] =>.Skype Software Sarl®
[MD5.E2292C92A30A63CB54FCEE377D790E7D] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [28917376] [PID.2420] =>.Skype Software Sarl®
[MD5.6298F3ACEEC7DCF7F454B2B0D93FCDD0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ابداع\Downloads\ZHPDiag3.exe [2162688] [PID.10676] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (11) - 1s
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [gkojfkhlekighikafcpjkiklfbnlmeio] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealPlayer Downloader
G2 - GCE: Preference [User Data\Default] [jeaohhlajejodfjadcponpnjgkiikocn] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [opalpjjboefohnelaemnhdhlceibbcgl] Hola - Unlimited Proxy VPN
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 1s
M0 - MFSP: prefs.js [ابداع - j0t1qgf5.default] http://us.yahoo.com?fr=fp-comodo
P2 - EXT FILE: (...) -- C:\Users\ابداع\AppData\Roaming\Mozilla\Firefox\Profiles\j0t1qgf5.default\extensions\client@anonymox.net.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_20_0_0_267.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (4) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.haokan123.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Browser Helper Object (BHO) (6) - 1s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Auto loading programs from Registry and folders (17) - 1s
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.®
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cistray.exe =>.Comodo Security Solutions®
O4 - HKLM\..\RunOnce: [{dca572ee-b6f6-4560-9879-fec58cc0022c}] . (.Microsoft Corporation - Microsoft Visual Studio Ultimate 2013 with.) -- C:\ProgramData\Package Cache\{dca572ee-b6f6-4560-9879-fec58cc0022c}\vs_ultimate.exe =>.Microsoft Corporation®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKCU\..\Run: [c1fbcceda94af384384c8ff38770d448] . (...) -- C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe =>.Adobe Systems Incorporated®
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (.not file.)
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1779572949-1098654328-2781608554-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\S-1-5-21-1779572949-1098654328-2781608554-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\S-1-5-21-1779572949-1098654328-2781608554-1000\..\Run: [c1fbcceda94af384384c8ff38770d448] . (...) -- C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - HKUS\S-1-5-21-1779572949-1098654328-2781608554-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe =>.Adobe Systems Incorporated®

---\\ Global shortcuts Startup (166) - 46s
O4 - GS\Desktop [Administrator]: FlyVPN.lnk . (.www.flyvpn.com - FlyVPN.) C:\Program Files\FlyVPN\FlyVPN.exe {1121B7225F596FBEADC5B4D07694003A0917}
O4 - GS\Desktop [Administrator]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Administrator]: Photoshop CS5 ME.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Photoshop CS5 ME\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Desktop [Administrator]: Process Hacker 2 (2).lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [Administrator]: Process Hacker 2.lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [Administrator]: Router Screen Capture.lnk . (.PcWinTech.com - .) C:\RS_Capture\RS_Capture.exe =>.PcWinTech.com
O4 - GS\Desktop [Administrator]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Desktop [Administrator]: TiGeR FireWall.lnk . (.VB_SMITTEN SOFTWARE - TiGeR FireWall Pro.) C:\Program Files\TiGeR FireWall\TiGeR-Firewall.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ابداع\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrator]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [Administrator]: Ela-Salaty.lnk . (.www.ela-salaty.com - Muslims Prayer Time Reminder..) C:\Program Files\Ela-Salaty\Salaty.exe
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {11D67F2AF7440EBA275E7E62F6B634FF} =>.Gretech Corp.
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Quicklaunch [Administrator]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Quicklaunch [Administrator]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\Quicklaunch [Administrator]: Sothink Logo Maker Professional.lnk . (.SourceTec - Logo Maker Professional.) C:\Program Files\SourceTec\Sothink Logo Maker Professional\LogoMakerPro.exe {2B82ABA86D863021CD8B799A9D366BE1} =>.SourceTec
O4 - GS\Quicklaunch [Administrator]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Administrator]: متصفح الوب المحمى.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Administrator]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\sendTo [Administrator]: WinSCP (for upload).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP and SCP client.) C:\Program Files\WinSCP\WinSCP.exe =>.Martin Prikryl®
O4 - GS\TaskBar [Administrator]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [Administrator]: DUC.lnk . (.Copyright © 2012 - DUC40.) C:\Program Files\No-IP\DUC40.exe
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Administrator]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Administrator]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\TaskBar [Administrator]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\TaskBar [Administrator]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Startup [Administrator]: cahe free.lnk . (...) C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - GS\Desktop [Guest]: FlyVPN.lnk . (.www.flyvpn.com - FlyVPN.) C:\Program Files\FlyVPN\FlyVPN.exe {1121B7225F596FBEADC5B4D07694003A0917}
O4 - GS\Desktop [Guest]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Guest]: Photoshop CS5 ME.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Photoshop CS5 ME\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Desktop [Guest]: Process Hacker 2 (2).lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [Guest]: Process Hacker 2.lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [Guest]: Router Screen Capture.lnk . (.PcWinTech.com - .) C:\RS_Capture\RS_Capture.exe =>.PcWinTech.com
O4 - GS\Desktop [Guest]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Desktop [Guest]: TiGeR FireWall.lnk . (.VB_SMITTEN SOFTWARE - TiGeR FireWall Pro.) C:\Program Files\TiGeR FireWall\TiGeR-Firewall.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ابداع\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Guest]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [Guest]: Ela-Salaty.lnk . (.www.ela-salaty.com - Muslims Prayer Time Reminder..) C:\Program Files\Ela-Salaty\Salaty.exe
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {11D67F2AF7440EBA275E7E62F6B634FF} =>.Gretech Corp.
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Quicklaunch [Guest]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Quicklaunch [Guest]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\Quicklaunch [Guest]: Sothink Logo Maker Professional.lnk . (.SourceTec - Logo Maker Professional.) C:\Program Files\SourceTec\Sothink Logo Maker Professional\LogoMakerPro.exe {2B82ABA86D863021CD8B799A9D366BE1} =>.SourceTec
O4 - GS\Quicklaunch [Guest]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [Guest]: متصفح الوب المحمى.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [Guest]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\sendTo [Guest]: WinSCP (for upload).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP and SCP client.) C:\Program Files\WinSCP\WinSCP.exe =>.Martin Prikryl®
O4 - GS\TaskBar [Guest]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [Guest]: DUC.lnk . (.Copyright © 2012 - DUC40.) C:\Program Files\No-IP\DUC40.exe
O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [Guest]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [Guest]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\TaskBar [Guest]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\TaskBar [Guest]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Startup [Guest]: cahe free.lnk . (...) C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - GS\Desktop [VUSR_ابداع-PC]: FlyVPN.lnk . (.www.flyvpn.com - FlyVPN.) C:\Program Files\FlyVPN\FlyVPN.exe {1121B7225F596FBEADC5B4D07694003A0917}
O4 - GS\Desktop [VUSR_ابداع-PC]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\Desktop [VUSR_ابداع-PC]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [VUSR_ابداع-PC]: Photoshop CS5 ME.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Photoshop CS5 ME\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [VUSR_ابداع-PC]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Desktop [VUSR_ابداع-PC]: Process Hacker 2 (2).lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [VUSR_ابداع-PC]: Process Hacker 2.lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [VUSR_ابداع-PC]: Router Screen Capture.lnk . (.PcWinTech.com - .) C:\RS_Capture\RS_Capture.exe =>.PcWinTech.com
O4 - GS\Desktop [VUSR_ابداع-PC]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Desktop [VUSR_ابداع-PC]: TiGeR FireWall.lnk . (.VB_SMITTEN SOFTWARE - TiGeR FireWall Pro.) C:\Program Files\TiGeR FireWall\TiGeR-Firewall.exe
O4 - GS\Desktop [VUSR_ابداع-PC]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ابداع\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [VUSR_ابداع-PC]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: Ela-Salaty.lnk . (.www.ela-salaty.com - Muslims Prayer Time Reminder..) C:\Program Files\Ela-Salaty\Salaty.exe
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {11D67F2AF7440EBA275E7E62F6B634FF} =>.Gretech Corp.
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: Sothink Logo Maker Professional.lnk . (.SourceTec - Logo Maker Professional.) C:\Program Files\SourceTec\Sothink Logo Maker Professional\LogoMakerPro.exe {2B82ABA86D863021CD8B799A9D366BE1} =>.SourceTec
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [VUSR_ابداع-PC]: متصفح الوب المحمى.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [VUSR_ابداع-PC]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [VUSR_ابداع-PC]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [VUSR_ابداع-PC]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [VUSR_ابداع-PC]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\sendTo [VUSR_ابداع-PC]: WinSCP (for upload).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP and SCP client.) C:\Program Files\WinSCP\WinSCP.exe =>.Martin Prikryl®
O4 - GS\TaskBar [VUSR_ابداع-PC]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [VUSR_ابداع-PC]: DUC.lnk . (.Copyright © 2012 - DUC40.) C:\Program Files\No-IP\DUC40.exe
O4 - GS\TaskBar [VUSR_ابداع-PC]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [VUSR_ابداع-PC]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\TaskBar [VUSR_ابداع-PC]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [VUSR_ابداع-PC]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\TaskBar [VUSR_ابداع-PC]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\TaskBar [VUSR_ابداع-PC]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Startup [VUSR_ابداع-PC]: cahe free.lnk . (...) C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - GS\Desktop [ابداع]: FlyVPN.lnk . (.www.flyvpn.com - FlyVPN.) C:\Program Files\FlyVPN\FlyVPN.exe {1121B7225F596FBEADC5B4D07694003A0917}
O4 - GS\Desktop [ابداع]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\Desktop [ابداع]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [ابداع]: Photoshop CS5 ME.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Photoshop CS5 ME\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [ابداع]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Desktop [ابداع]: Process Hacker 2 (2).lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [ابداع]: Process Hacker 2.lnk . (.wj32 - Process Hacker.) C:\Program Files\Process Hacker 2\ProcessHacker.exe {0FF1EF66BD621C65B74B4DE41425717F} =>.wj32
O4 - GS\Desktop [ابداع]: Router Screen Capture.lnk . (.PcWinTech.com - .) C:\RS_Capture\RS_Capture.exe =>.PcWinTech.com
O4 - GS\Desktop [ابداع]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Desktop [ابداع]: TiGeR FireWall.lnk . (.VB_SMITTEN SOFTWARE - TiGeR FireWall Pro.) C:\Program Files\TiGeR FireWall\TiGeR-Firewall.exe
O4 - GS\Desktop [ابداع]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ابداع\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Desktop [ابداع]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [ابداع]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [ابداع]: Ela-Salaty.lnk . (.www.ela-salaty.com - Muslims Prayer Time Reminder..) C:\Program Files\Ela-Salaty\Salaty.exe
O4 - GS\Quicklaunch [ابداع]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {11D67F2AF7440EBA275E7E62F6B634FF} =>.Gretech Corp.
O4 - GS\Quicklaunch [ابداع]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [ابداع]: PortExpert.lnk . (.KC Softwares - Cybersecurity at your finge tips.) C:\Program Files\KC Softwares\PortExpert\PortExpert.exe =>.KC Softwares®
O4 - GS\Quicklaunch [ابداع]: SafeIP.lnk . (.SafeIP - .) C:\Program Files\SafeIP\SafeIP.exe {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O4 - GS\Quicklaunch [ابداع]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\Quicklaunch [ابداع]: Sothink Logo Maker Professional.lnk . (.SourceTec - Logo Maker Professional.) C:\Program Files\SourceTec\Sothink Logo Maker Professional\LogoMakerPro.exe {2B82ABA86D863021CD8B799A9D366BE1} =>.SourceTec
O4 - GS\Quicklaunch [ابداع]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Quicklaunch [ابداع]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc®
O4 - GS\Quicklaunch [ابداع]: متصفح الوب المحمى.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [ابداع]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\sendTo [ابداع]: Sandboxie - DefaultBox.lnk . (.Sandboxie Holdings, LLC - Sandboxie Start.) C:\Program Files\Sandboxie\Start.exe =>.Invincea, Inc.®
O4 - GS\sendTo [ابداع]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl®
O4 - GS\sendTo [ابداع]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files\TeamViewer\TeamViewer.exe =>.TeamViewer®
O4 - GS\sendTo [ابداع]: WinSCP (for upload).lnk . (.Martin Prikryl - WinSCP: SFTP, FTP and SCP client.) C:\Program Files\WinSCP\WinSCP.exe =>.Martin Prikryl®
O4 - GS\TaskBar [ابداع]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [ابداع]: DUC.lnk . (.Copyright © 2012 - DUC40.) C:\Program Files\No-IP\DUC40.exe
O4 - GS\TaskBar [ابداع]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\TaskBar [ابداع]: GTA V.lnk . (.XB36Hazard - GTA V Save Editor.) C:\Program Files\GTA V\GTA V.exe
O4 - GS\TaskBar [ابداع]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\TaskBar [ابداع]: Shadow Defender.lnk . (.SHADOWDEFENDER.COM - Shadow Defender Application.) C:\Program Files\Shadow Defender\Defender.exe {6E47A70BFCE998BFCD7998A98DD821D2}
O4 - GS\TaskBar [ابداع]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\TaskBar [ابداع]: VMware Player.lnk . (.VMware, Inc. - VMware Player.) C:\Program Files\VMware\VMware Player\vmplayer.exe =>.VMware, Inc.®
O4 - GS\Startup [ابداع]: cahe free.lnk . (...) C:\Users\ابداع\AppData\Roaming\svchost.exe
O4 - GS\CommonDesktop [Public]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\CommonDesktop [Public]: BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks App Player.) C:\ProgramData\BlueStacksGameManager\BlueStacks.exe =>.BlueStack Systems, Inc.®
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: COMODO Firewall.lnk . (.COMODO - COMODO Internet Security.) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe =>.Comodo Security Solutions®
O4 - GS\CommonDesktop [Public]: Facebook.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\CommonDesktop [Public]: GeekBuddy.lnk . (.Comodo Security Solutions, Inc. - livePCsupport Component.) C:\Program Files\Comodo\GeekBuddy\launcher.exe =>.Comodo Security Solutions®
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Google.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\CommonDesktop [Public]: Internet (Chromodo).lnk . (.Comodo - Chromodo.) C:\Program Files\Comodo\Chromodo\chromodo.exe =>.Comodo Security Solutions®
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.Power Software Ltd - PowerISO.) C:\Program Files\PowerISO\PowerISO.exe =>.Power Software Limited®
O4 - GS\CommonDesktop [Public]: Private Tunnel.lnk . (.OpenVPN Technologies - Private Tunnel VPN Client.) C:\Program Files\OpenVPN Technologies\PrivateTunnel\privatetunnel2.5.5.exe {0EBD24BDFBD4ADDDD2EDD27E8FB1953C} =>.OpenVPN Technologies
O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
O4 - GS\CommonDesktop [Public]: SoftEther VPN Client Manager.lnk . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) C:\Program Files\SoftEther VPN Client\vpncmgr.exe {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project at University of Tsukuba, Japan
O4 - GS\CommonDesktop [Public]: TeamSpeak 3 Client.lnk . (.TeamSpeak Systems GmbH - TeamSpeak 3 Client.) C:\Program Files\TeamSpeak 3 Client\ts3client_win32.exe =>.TeamSpeak Systems GmbH®
O4 - GS\CommonDesktop [Public]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium.) C:\Program Files\UltraISO\UltraISO.exe =>.SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.®
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Winsock hijacker (Layered Service Provider) (5) - 0s
O10 - WLSP:\Catalog_Entries\000000000001\Winsock LSP File . (.SafeIP.) -- C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000002\Winsock LSP File . (.SafeIP.) -- C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000003\Winsock LSP File . (.SafeIP.) -- C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000004\Winsock LSP File . (.SafeIP.) -- C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock
O10 - WLSP:\Catalog_Entries\000000000018\Winsock LSP File . (.SafeIP.) -- C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock

---\\ Lop.com/Domain Hijackers (5) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{97A70E30-B46D-412C-9C9C-6CA95DDC720E}: NameServer = 188.121.254.253 188.121.254.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B804C6C7-2BEF-42D3-9734-46503E36A1B1}: NameServer = 156.154.70.25,156.154.71.25
O17 - HKLM\System\CCS\Services\Tcpip\..\{6645E579-B9E7-4F7B-8984-2181B6496384}: DhcpNameServer = 68.168.114.253 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{DE7B38CE-9724-41BD-A717-1519842DE3F7}: DhcpNameServer = 192.168.1.1 192.168.1.1

---\\ Extra protocols (25) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl®
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (109) - 50s
O42 - Logiciel: .NET Reflector Desktop - (.Red Gate Software Ltd.) [HKLM] -- {3450CBDE-2AE7-4FB8-93E3-37995ADE4F13} =>.Red Gate Software Ltd
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Flash Player 17 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC} =>.Adobe Systems, Inc.
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc.) [HKLM] -- {315BE77E-D725-477D-9C71-63F78844363C} =>.Adobe Systems, Inc
O42 - Logiciel: Advanced RAR Repair v1.2 - (...) [HKLM] -- Advanced RAR Repair v1.2
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} =>.Alps Electric Co., LTD.®
O42 - Logiciel: Andy OS - (.Andy OS, Inc.) [HKLM] -- Andy OS
O42 - Logiciel: ASPack 2.39 - (...) [HKLM] -- ASPack_is1
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM] -- Spark =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O42 - Logiciel: BeeThink IP Blocker 2.0 - (.BeeThink Software, Inc..) [HKLM] -- BeeThink IP Blocker_is1
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM] -- {AF0D9073-1AE0-4C21-AA70-41294AEFBDFD} =>.BlueStack Systems, Inc.
O42 - Logiciel: Bruteforce Save Data - (...) [HKLM] -- Bruteforce Save Data
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: Chromodo - (.Comodo.) [HKLM] -- Chromodo =>.Comodo Security Solutions®
O42 - Logiciel: CodeWall 2010 - (.CodeWall Technologies.) [HKLM] -- {C7C5B9D0-B580-465B-8856-93CC133DCB26}_is1
O42 - Logiciel: COMODO Firewall - (.COMODO Security Solutions Inc..) [HKLM] -- {04833277-EE61-4251-9273-0CF86C0FE710} =>.COMODO Security Solutions Inc.
O42 - Logiciel: Delete Doctor 2.3 - (...) [HKLM] -- Delete Doctor
O42 - Logiciel: Dolby Advanced Audio v2 - (.Dolby Laboratories Inc.) [HKLM] -- {B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613} =>.Dolby Laboratories Inc
O42 - Logiciel: Droid4X - (.Haiyu Dongxiang Co.,Ltd..) [HKLM] -- Droid4X
O42 - Logiciel: Ela-Salaty - (.Ela-Salaty.) [HKLM] -- Ela-Salaty =>.Ela-Salaty
O42 - Logiciel: Entity Framework Designer for Visual Studio 2012 - enu - (.Microsoft Corporation.) [HKLM] -- {0A1A1D48-DB23-443A-BC7B-49255D138020} =>.Microsoft Corporation
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {993949EA-4382-4C42-A8B0-16FB3D4F8CF8} =>.ESET, spol. s r.o.
O42 - Logiciel: FileZilla Client 3.14.1 - (.Tim Kosse.) [HKLM] -- FileZilla Client =>.Tim Kosse
O42 - Logiciel: FlyVPN - (.FlyVPN.) [HKLM] -- FlyVPN
O42 - Logiciel: FormatFactory 3.0.1 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: GeekBuddy - (.Comodo Security Solutions Inc.) [HKLM] -- {88FA2B0F-1999-4AAC-A616-8DEA8307CDBC}
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc.
O42 - Logiciel: GTA V - (.XB36Hazard.) [HKLM] -- GTA V
O42 - Logiciel: Hex Workshop v6.8 - (.BreakPoint Software.) [HKLM] -- {A36AC685-4435-4C16-861F-221231DE165D}
O42 - Logiciel: IIS 8.0 Express - (.Microsoft Corporation.) [HKLM] -- {B8FFB7D6-6ABD-47C3-8BAD-86FF5D8F3EDC} =>.Microsoft Corporation
O42 - Logiciel: IIS Express Application Compatibility Database for x86 - (...) [HKLM] -- {fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation®
O42 - Logiciel: Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version - (.Intel Corporation.) [HKLM] -- {302600C1-6BDF-4FD1-1307-148929CC1385} =>.Intel Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java 8 Update 73 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218073F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: KC Softwares PortExpert - (.KC Softwares.) [HKLM] -- KC Softwares PortExpert_is1 =>.KC Softwares®
O42 - Logiciel: KeyScrambler - (.QFX Software Corporation.) [HKLM] -- KeyScrambler =>.QFX Software Corporation
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM] -- {E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Malwarebytes Anti-Exploit version 1.8.1.1189 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Exploit_is1 =>.Malwarebytes
O42 - Logiciel: Malwarebytes Anti-Malware النسخة 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM] -- MEGAsync =>.MEGA Limited
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight 4 SDK - (.Microsoft Corporation.) [HKLM] -- {189AEA94-DAFB-487A-8CEE-F9D3DDE0A748} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Silverlight 5 SDK - (.Microsoft Corporation.) [HKLM] -- {E1FBB3D4-ADB0-4949-B101-855DA061C735} =>.Microsoft Corporation
O42 - Logiciel: Microsoft System CLR Types for SQL Server 2012 - (.Microsoft Corporation.) [HKLM] -- {070C38AC-05CE-43DF-9A20-141332F6AB2B} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM] -- MSTTS
O42 - Logiciel: Microsoft VM for Java - (...) [HKLM] -- MsJavaVM
O42 - Logiciel: Microsoft Web Deploy 3.0 - (.Microsoft Corporation.) [HKLM] -- {E43AC95E-66B0-4CEC-AADD-C9BFEF5A4C0A} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Web Deploy dbSqlPackage Provider - enu - (.Microsoft Corporation.) [HKLM] -- {E4C33F5B-1B2F-466E-957E-B274F08151A0} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Web Platform Installer 4.0 - (.Microsoft Corporation.) [HKLM] -- {1F4DF099-EA5C-482D-9901-C0A8B539B417} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Web Publishing Wizard 1.53 - (...) [HKLM] -- WebPost
O42 - Logiciel: Mozilla Firefox 45.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 45.0.1 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: Node.js - (.Joyent, Inc. and other Node contributors.) [HKLM] -- {BA5AF894-392B-42F6-93DD-5FC7DD6972A9} =>.Joyent, Inc. and other Node contributors
O42 - Logiciel: No-IP DUC - (.Vitalwerks Internet Solutions LLC.) [HKLM] -- NoIPDUC =>.Vitalwerks Internet Solutions LLC
O42 - Logiciel: Nsauditor 3.0.6 - (.Nsasoft LLC..) [HKLM] -- Nsauditor_is1
O42 - Logiciel: Oracle VM VirtualBox 4.3.12_ZZZZ - (.Oracle Corporation.) [HKLM] -- {D90E08B8-E7BB-4D29-8249-8670D4CC24BD} =>.Oracle Corporation
O42 - Logiciel: Photoshop CS5 ME trigun - (...) [HKLM] -- Photoshop CS5 ME trigun
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Prerequisites for SSDT - (.Microsoft Corporation.) [HKLM] -- {9169C939-ED01-446A-BD0C-29873BAF4E48} =>.Microsoft Corporation
O42 - Logiciel: PrivateTunnel - (.OpenVPN Technologies.) [HKLM] -- PrivateTunnel =>.OpenVPN Technologies
O42 - Logiciel: Process Hacker 2.38 (r343) - (.wj32.) [HKLM] -- Process_Hacker2_is1 =>.wj32
O42 - Logiciel: Pure Codec - (.Nick.) [HKLM] -- PureCodec
O42 - Logiciel: Quran in Ms Word - (.Taufiq Product, Inc..) [HKLM] -- Quran in Ms Word_is1
O42 - Logiciel: Router Screen Capture - (.PcWinTech.com.) [HKLM] -- Router Screen Capture =>.PcWinTech.com
O42 - Logiciel: SafeIP - (.SafeIP.) [HKLM] -- SAFEIP_is1
O42 - Logiciel: Sandboxie 5.10 (32-bit) - (.Sandboxie Holdings, LLC.) [HKLM] -- Sandboxie =>.Invincea, Inc.®
O42 - Logiciel: SFX Compiler - (...) [HKLM] -- SFX Compiler
O42 - Logiciel: Shadow Defender - (.ShadowDefender.com.) [HKLM] -- {93A07A0D-454E-43d1-86A9-5DE9C5F4411A} {6E47A70BFCE998BFCD7998A98DD821D2}
O42 - Logiciel: SharePoint Client Components - (.Microsoft Corporation.) [HKLM] -- {95160001-1163-0409-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation
O42 - Logiciel: Skype™ 7.5 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A.
O42 - Logiciel: SoftEther VPN Client - (.SoftEther VPN Project.) [HKLM] -- softether_sevpnclient {1121D141C3B78476420DAB37340E68978A6E} =>.SoftEther VPN Project
O42 - Logiciel: Sothink Logo Maker Professional - (.SourceTec Software Co., LTD.) [HKLM] -- {574FFDC9-AB09-4C4A-B7BE-C6066502181A}_is1
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey =>.Synaptics Incorporated
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client =>.TeamSpeak Systems GmbH
O42 - Logiciel: TeamViewer 11 - (.TeamViewer.) [HKLM] -- TeamViewer =>.TeamViewer®
O42 - Logiciel: TiGeR FireWall - (.VB_SMITTEN SOFTWARE.) [HKLM] -- TiGeR FireWall2.0
O42 - Logiciel: tools-linux - (.VMware, Inc..) [HKLM] -- {D102611A-6466-4101-A51D-51069303AC65} =>.VMware, Inc.
O42 - Logiciel: UltraISO Premium V9.65 - (...) [HKLM] -- UltraISO_is1
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb
O42 - Logiciel: Update for (KB2504637) - (.Microsoft Corporation.) [HKLM] -- {CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637 =>.Microsoft Corporation
O42 - Logiciel: UpdateService - (.RealNetworks, Inc..) [HKLM] -- {E3AE96D6-E196-45B4-AF62-2B41998B9E37} =>.RealNetworks, Inc.
O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421} =>.DivX, Inc
O42 - Logiciel: Virtual Audio Cable 4.10 - (...) [HKLM] -- Virtual Audio Cable 4.10 =>.NTONYX Ltd.®
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: VMware Player - (.VMware, Inc..) [HKLM] -- {E452E727-86B8-4233-8CC3-41FD817AFAFF} =>.VMware, Inc.
O42 - Logiciel: VMware VIX - (.VMware, Inc..) [HKLM] -- {F99FC179-EA67-4BBC-8955-BDDA0CB94B88} =>.VMware, Inc.
O42 - Logiciel: WCF RIA Services V1.0 SP2 - (.Microsoft Corporation.) [HKLM] -- {3A523AF9-D32F-4C85-8388-0335731F3405} =>.Microsoft Corporation
O42 - Logiciel: WhySoSlow 0.96 - (.Resplendence Software Projects Sp..) [HKLM] -- WhySoSlowPro_is1 =>.Resplendence Software Projects Sp.
O42 - Logiciel: Windows App Certification Kit Native Components - (.Microsoft Corporation.) [HKLM] -- {AD17194D-3829-E59E-99A4-EC47097722CA} =>.Microsoft Corporation
O42 - Logiciel: Windows Phone 8.1 SDK - Desktop - (.Microsoft Corporation.) [HKLM] -- {AEBB5873-1DF6-4190-98D8-D9FC5144EB3B} =>.Microsoft Corporation
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst =>.CACE Technologies
O42 - Logiciel: WinRAR 5.30 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinSCP 5.7.3 - (.Martin Prikryl.) [HKLM] -- winscp3_is1 =>.Martin Prikryl®
O42 - Logiciel: YTD Video Downloader 5.1.1 - (.GreenTree Applications SRL.) [HKLM] -- {1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
O42 - Logiciel: ZIPmagic - (.Simon King.) [HKLM] -- {7DAE9224-819D-4E66-9C97-35B7E73AFD49}
O42 - Logiciel: الوافي الذهبي - (...) [HKLM] -- الوافي الذهبي_is1

---\\ HKCU & HKLM Software Keys (211) - 50s
HKLM\SOFTWARE\3dtv.at
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Alps
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\AviSynth
HKLM\SOFTWARE\Babylon =>PUP.Optional.Babylon
HKLM\SOFTWARE\Baidu
HKLM\SOFTWARE\BlueStacks
HKLM\SOFTWARE\BlueStacksGameManager
HKLM\SOFTWARE\BreakPoint
HKLM\SOFTWARE\Caphyon
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Chromium
HKLM\SOFTWARE\Chromodo
HKLM\SOFTWARE\Cnxt_Uiu_Parms
HKLM\SOFTWARE\COMODO
HKLM\SOFTWARE\ComodoGroup
HKLM\SOFTWARE\Conexant
HKLM\SOFTWARE\CoreCodec
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\Cypress Keyboard Filter Driver
HKLM\SOFTWARE\DivX
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\Dolby
HKLM\SOFTWARE\EasyBoot Systems
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Faronics
HKLM\SOFTWARE\FileZilla 3
HKLM\SOFTWARE\FileZilla Client
HKLM\SOFTWARE\GeekBuddyRSP
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Golden Al-Wafi Translator
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GRETECH
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\InstalledOptions
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\KCB
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\Lake
HKLM\SOFTWARE\Lenovo
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes Anti-Exploit
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Martin Prikryl
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Node.js
HKLM\SOFTWARE\NuGet
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\On2 Technologies
HKLM\SOFTWARE\Oracle
HKLM\SOFTWARE\Patch My PC
HKLM\SOFTWARE\PIP =>Toolbar.Ask
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\PrivateTunnel
HKLM\SOFTWARE\PureCodec
HKLM\SOFTWARE\QFX Software
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Red Gate
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\S3R521
HKLM\SOFTWARE\Shadow Defender
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Soeperman Enterprises Ltd.
HKLM\SOFTWARE\SoftEther Project
HKLM\SOFTWARE\Software
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SourceCodeControlProvider
HKLM\SOFTWARE\SourceTec
HKLM\SOFTWARE\Synaptics
HKLM\SOFTWARE\TeamSpeak 3 Client
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\ThinPrint
HKLM\SOFTWARE\Toshiba
HKLM\SOFTWARE\TrendMicro
HKLM\SOFTWARE\TVInstallTemp
HKLM\SOFTWARE\UIU
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Vitalwerks
HKLM\SOFTWARE\VMware, Inc.
HKLM\SOFTWARE\Voice
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xing Technology Corp.
HKCU\SOFTWARE\0932343ebc836c39c857a65dc20ea0fb =>PUP.Optional.CrossRider
HKCU\SOFTWARE\13b744fe92a3e5c630f8f3abb1fe36d1 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\23556fb1360f366337f97c924e76ead3 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\6e4916d81978de39ad3dbae2a458fe60 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\7-ZIP
HKCU\SOFTWARE\984559f52d4087243e95e5ad9bb48e8d =>PUP.Optional.CrossRider
HKCU\SOFTWARE\???????????????????????????????????????????????????"?????????
HKCU\SOFTWARE\AC3Filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Andy
HKCU\SOFTWARE\APN PIP =>.Superfluous.Conduit
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ARAR
HKCU\SOFTWARE\ASPack
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BasicScript Program Settings
HKCU\SOFTWARE\BeeThink
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BreakPoint
HKCU\SOFTWARE\BreakPoint License Manager
HKCU\SOFTWARE\c1fbcceda94af384384c8ff38770d448 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\c25b8192b99348e89785aab790446370 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\CodeWall
HKCU\SOFTWARE\ComodoGroup
HKCU\SOFTWARE\Conexant
HKCU\SOFTWARE\CoreCodec
HKCU\SOFTWARE\d761084bef63be7e031d4cb42cbf81e5 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\DAUM
HKCU\SOFTWARE\DivX
HKCU\SOFTWARE\Dolby
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\DScaler5
HKCU\SOFTWARE\EasyBoot Systems
HKCU\SOFTWARE\Ela-Salaty
HKCU\SOFTWARE\Elecard
HKCU\SOFTWARE\Enterprise DDNS Client
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FlyVPN
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\FrenchModdingTeam
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GreenTree Applications =>.Superfluous.GreenTreeApp
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hallaj PRO Rat [Fixed]
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\KC Softwares
HKCU\SOFTWARE\KMPlayer
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Martin Prikryl
HKCU\SOFTWARE\MassTube
HKCU\SOFTWARE\MimarSinan
HKCU\SOFTWARE\Moonlight Cordless
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\njRAT v0.6.4
HKCU\SOFTWARE\njRAT v0.7d
HKCU\SOFTWARE\Node.js
HKCU\SOFTWARE\Nsauditor
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PEiD
HKCU\SOFTWARE\PIP =>Toolbar.Ask
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
HKCU\SOFTWARE\PureCodec
HKCU\SOFTWARE\QFX Software
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Red Gate
HKCU\SOFTWARE\Red Gate Software Ltd.
HKCU\SOFTWARE\Resplendence Sp
HKCU\SOFTWARE\SafeIP
HKCU\SOFTWARE\Server
HKCU\SOFTWARE\SimonTatham
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\SourceForge
HKCU\SOFTWARE\SourceTec
HKCU\SOFTWARE\StarForce
HKCU\SOFTWARE\Synaptics
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Thingummy Software
HKCU\SOFTWARE\Tomabo
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\University of Tsukuba
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Vitalwerks
HKCU\SOFTWARE\VMware, Inc.
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\XtremeRAT
HKCU\SOFTWARE\XtremeRAT-DISCLAIMER
HKCU\SOFTWARE\yahoo =>.Yahoo!
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\Macromedia
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint

---\\ Contents of the Common Files folders (327) - 114s
O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Andy
O43 - CFD: 21/02/2016 - [] D -- C:\Program Files\AndyOfflineInstaller46.2 =>.Andy OS Inc®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Apoint2K =>.Alps Electric Co., LTD.®
O43 - CFD: 30/05/2015 - [] D -- C:\Program Files\Application Verifier
O43 - CFD: 02/06/2015 - [] D -- C:\Program Files\ARAR
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Armor2net
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\ASPack {392A5D521042412648E0C8FCB1858110}
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\AviSynth 2.5
O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\baidu =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\BeeThink IP_Blocker_2.0
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\BlueStacks
O43 - CFD: 11/03/2016 - [] D -- C:\Program Files\BreakPoint Software {0AC3CF34686D1BFF5FC6519BD737B0C5}
O43 - CFD: 30/12/2015 - [] D -- C:\Program Files\Bruteforce Save Data
O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 06/06/2015 - [] D -- C:\Program Files\CodeWall 4
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files\Comodo =>.Comodo Security Solutions®
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\CONEXANT =>.Conexant Systems, Inc.®
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\CyberGhost 5 =>.CyberGhost S.R.L.®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Cypress
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Delete Doctor
O43 - CFD: 09/10/2009 - [] D -- C:\Program Files\DIC32
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Dolby Advanced Audio v2 =>.Dolby Laboratories, Inc.®
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\Droid4X
O43 - CFD: 20/02/2016 - [] D -- C:\Program Files\Droid4Xext
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 14/11/2015 - [] D -- C:\Program Files\Ela-Salaty
O43 - CFD: 09/01/2016 - [0] D -- C:\Program Files\Enterprise DDNS Client
O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 06/06/2015 - [] D -- C:\Program Files\Faronics
O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\FileZilla FTP Client =>.Open Source Developer, Tim Kosse®
O43 - CFD: 18/03/2016 - [] D -- C:\Program Files\FlyVPN {1121B7225F596FBEADC5B4D07694003A0917}
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\FreeTime
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Golden Al-Wafi Translator
O43 - CFD: 11/03/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 18/02/2016 - [] D -- C:\Program Files\GreenTree Applications =>.Superfluous.GreenTreeApp
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\GRETECH {11D67F2AF7440EBA275E7E62F6B634FF}
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\GTA V
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files\IIS =>.Microsoft Corporation®
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\IIS Express =>.Microsoft Corporation®
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\ImageBadger
O43 - CFD: 23/03/2016 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Intel =>.Intel Corporation®
O43 - CFD: 30/12/2015 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 11/03/2016 - [] D -- C:\Program Files\KC Softwares =>.KC Softwares®
O43 - CFD: 21/06/2015 - [] D -- C:\Program Files\KeyScrambler =>.QFX Software Corporation®
O43 - CFD: 04/02/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Exploit =>.Malwarebytes Corporation®
O43 - CFD: 31/12/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files\Microsoft =>.Microsoft Corporation®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Analysis Services
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Microsoft ASP.NET =>.Microsoft Corporation®
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\Microsoft Help Viewer =>.Microsoft Corporation®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\Microsoft SDKs =>.Microsoft Corporation®
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 30/05/2015 - [] D -- C:\Program Files\Microsoft SQL Server =>.Microsoft Corporation®
O43 - CFD: 30/05/2015 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Microsoft Visual Studio 11.0 =>.Microsoft Corporation®
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\Microsoft Visual Studio 12.0
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\Microsoft XDE =>.Microsoft Corporation®
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 24/03/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 24/03/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\No-IP
O43 - CFD: 31/05/2015 - [] D -- C:\Program Files\nodejs =>.Joyent, Inc®
O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\Nsauditor {14966A76CD72EED75C01DC5BDA611603}
O43 - CFD: 18/03/2016 - [] D -- C:\Program Files\OpenVPN Technologies {0EBD24BDFBD4ADDDD2EDD27E8FB1953C}
O43 - CFD: 20/02/2016 - [] D -- C:\Program Files\Oracle =>.Oracle Corporation®
O43 - CFD: 25/05/2015 - [] D -- C:\Program Files\PowerISO =>.Power Software Limited®
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files\Process Hacker 2 {0FF1EF66BD621C65B74B4DE41425717F}
O43 - CFD: 31/12/2015 - [] D -- C:\Program Files\program files
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Quranzu1
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Quran_in_Word
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Real
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files\Red Gate =>.Red Gate Software Ltd®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 18/03/2016 - [] D -- C:\Program Files\SafeIP {00C8E0D1DBDC50BA107C8AF5E7CCE3D25D}
O43 - CFD: 23/03/2016 - [0] D -- C:\Program Files\Samsung
O43 - CFD: 11/03/2016 - [] D -- C:\Program Files\Sandboxie =>.Invincea, Inc.®
O43 - CFD: 13/03/2016 - [] D -- C:\Program Files\SecurityXploded
O43 - CFD: 26/05/2015 - [] D -- C:\Program Files\SFX Compiler
O43 - CFD: 11/06/2015 - [] D -- C:\Program Files\Shadow Defender {6E47A70BFCE998BFCD7998A98DD821D2}
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\SharePoint Client Components
O43 - CFD: 02/06/2015 - [] D -- C:\Program Files\Simon King
O43 - CFD: 18/02/2016 - [] RD -- C:\Program Files\Skype =>.Skype Software Sarl®
O43 - CFD: 24/03/2016 - [] D -- C:\Program Files\SoftEther VPN Client {1121D141C3B78476420DAB37340E68978A6E}
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\SourceTec {2B82ABA86D863021CD8B799A9D366BE1}
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated®
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\TAP-Windows
O43 - CFD: 09/03/2016 - [] D -- C:\Program Files\TeamSpeak 3 Client =>.TeamSpeak Systems GmbH®
O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\TeamViewer =>.TeamViewer®
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files\TiGeR FireWall
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\Tomabo
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\UltraISO =>.SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD.®
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Unlocker
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\uPrism
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\VB Decompiler Lite
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 26/05/2015 - [] D -- C:\Program Files\Virtual Audio Cable =>.NTONYX Ltd.®
O43 - CFD: 21/02/2016 - [] D -- C:\Program Files\VMware =>.VMware, Inc.®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Web Publish
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\WhySoSlow
O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\Windows Kits
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 19/03/2016 - [] D -- C:\Program Files\Windows Phone Kits
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/03/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 04/06/2015 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 01/06/2015 - [] D -- C:\Program Files\WinPcap =>.CACE Technologies, Inc.®
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 04/06/2015 - [] D -- C:\Program Files\WinSCP =>.Martin Prikryl®
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\WMZHE
O43 - CFD: 14/03/2016 - [] D -- C:\Program Files\YaTQA
O43 - CFD: 21/05/2010 - [] D -- C:\Program Files\مصحف مشاري
O43 - CFD: 15/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/12/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced RAR Repair
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Andy
O43 - CFD: 16/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASPack
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BeeThink IP Blocker 2.0
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bruteforce Save Data
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeWall
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Droid4X
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 23/03/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Al-Wafi Translator
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hex Workshop v6.8
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KC Softwares
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler
O43 - CFD: 15/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 04/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 14/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 4 SDK
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 6.0
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nsauditor
O43 - CFD: 18/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN Technologies
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 15/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Gate
O43 - CFD: 18/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SafeIP
O43 - CFD: 11/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SFX Compiler
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shadow Defender
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 19/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
O43 - CFD: 18/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
O43 - CFD: 27/03/2016 - [0] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 09/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VB Decompiler Lite
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhySoSlow
O43 - CFD: 28/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WMZHE
O43 - CFD: 18/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader =>PUP.Optional.PDFtoWordConverter
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 23/05/2015 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon
O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 21/02/2016 - [] D -- C:\ProgramData\BlueStacksGameManager
O43 - CFD: 27/03/2016 - [0] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 21/03/2016 - [] D -- C:\ProgramData\Comodo
O43 - CFD: 27/03/2016 - [0] D -- C:\ProgramData\Comodo Downloader
O43 - CFD: 24/05/2015 - [] D -- C:\ProgramData\Conexant
O43 - CFD: 05/01/2016 - [0] D -- C:\ProgramData\dbg
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Downloaded Installations
O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\ESET
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 18/03/2016 - [] D -- C:\ProgramData\FlyVPN
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\GRETECH
O43 - CFD: 23/05/2015 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 06/06/2015 - [] D -- C:\ProgramData\IsolatedStorage
O43 - CFD: 31/12/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Malwarebytes Anti-Exploit
O43 - CFD: 28/03/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 14/11/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\Microsoft Visual Studio
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 28/03/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 15/10/2015 - [] D -- C:\ProgramData\QFX Software
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Real
O43 - CFD: 25/05/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 28/03/2016 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 02/06/2015 - [] D -- C:\ProgramData\regid.2014-06.co.zipmagic,simonking
O43 - CFD: 21/03/2016 - [0] D -- C:\ProgramData\Shared Space
O43 - CFD: 02/06/2015 - [] D -- C:\ProgramData\Simon King
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Sun
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Synaptics
O43 - CFD: 09/01/2016 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\Thunder Network
O43 - CFD: 17/03/2016 - [] D -- C:\ProgramData\Vitalwerks
O43 - CFD: 25/03/2016 - [] D -- C:\ProgramData\VMware
O43 - CFD: 18/02/2016 - [] D -- C:\ProgramData\YTD Video Downloader =>PUP.Optional.PDFtoWordConverter
O43 - CFD: 23/05/2015 - [] D -- C:\ProgramData\Zbshareware Lab
O43 - CFD: 23/05/2015 - [0] SHD -- C:\ProgramData\سطح المكتب
O43 - CFD: 23/05/2015 - [0] SHD -- C:\ProgramData\قائمة ابدأ
O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 07/10/2015 - [] D -- C:\Program Files\Common Files\AV
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Common Files\COMODO
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Common Files\designer
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Common Files\EZB Systems
O43 - CFD: 23/03/2016 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 23/05/2015 - [] D -- C:\Program Files\Common Files\Intel
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 28/03/2016 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 17/03/2016 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 21/02/2016 - [] D -- C:\Program Files\Common Files\VMware
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Adobe
O43 - CFD: 15/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Andy
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Baidu
O43 - CFD: 27/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\DMCache
O43 - CFD: 19/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\ESET
O43 - CFD: 11/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\FileZilla
O43 - CFD: 14/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\GRETECH
O43 - CFD: 20/02/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\HaiYuInst
O43 - CFD: 27/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\IDM
O43 - CFD: 11/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\KC Softwares
O43 - CFD: 20/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Macromedia
O43 - CFD: 13/12/2015 - [] SD -- C:\Users\ابداع\AppData\Roaming\Microsoft
O43 - CFD: 13/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Mozilla
O43 - CFD: 20/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\NuGet
O43 - CFD: 15/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\PowerISO
O43 - CFD: 13/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Process Hacker 2
O43 - CFD: 23/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Real
O43 - CFD: 23/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Samsung
O43 - CFD: 18/02/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Shadow Defender
O43 - CFD: 28/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Skype
O43 - CFD: 13/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\SourceTec
O43 - CFD: 20/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Sun
O43 - CFD: 11/03/2016 - [0] D -- C:\Users\ابداع\AppData\Roaming\TeamViewer
O43 - CFD: 27/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\TS3Client
O43 - CFD: 21/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\uTorrent
O43 - CFD: 18/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\vlc
O43 - CFD: 25/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\VMware
O43 - CFD: 13/01/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\WinRAR
O43 - CFD: 14/03/2016 - [0] D -- C:\Users\ابداع\AppData\Roaming\YaTQA
O43 - CFD: 28/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\ZHP
O43 - CFD: 25/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\Adobe
O43 - CFD: 21/02/2016 - [] D -- C:\Users\ابداع\AppData\Local\Bluestacks
O43 - CFD: 25/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\CEF
O43 - CFD: 25/05/2015 - [] D -- C:\Users\ابداع\AppData\Local\Chromium
O43 - CFD: 21/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\Comodo
O43 - CFD: 27/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\CrashDumps
O43 - CFD: 26/06/2015 - [] D -- C:\Users\ابداع\AppData\Local\CyberGhost
O43 - CFD: 09/01/2016 - [] D -- C:\Users\ابداع\AppData\Local\Diagnostics
O43 - CFD: 21/02/2016 - [] D -- C:\Users\ابداع\AppData\Local\Droid4X
O43 - CFD: 23/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\ESET
O43 - CFD: 24/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\Google
O43 - CFD: 18/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\GVSE
O43 - CFD: 05/06/2015 - [] D -- C:\Users\ابداع\AppData\Local\IsolatedStorage
O43 - CFD: 24/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\Macromedia
O43 - CFD: 31/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\Mega Limited
O43 - CFD: 31/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\MEGAsync
O43 - CFD: 30/12/2015 - [] D -- C:\Users\ابداع\AppData\Local\Microsoft
O43 - CFD: 04/10/2015 - [] D -- C:\Users\ابداع\AppData\Local\Microsoft Games
O43 - CFD: 23/05/2015 - [0] D -- C:\Users\ابداع\AppData\Local\Microsoft Help
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\MiniService
O43 - CFD: 24/05/2015 - [] D -- C:\Users\ابداع\AppData\Local\Mozilla
O43 - CFD: 18/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\PrivateTunnel
O43 - CFD: 20/11/2015 - [] D -- C:\Users\ابداع\AppData\Local\Programs
O43 - CFD: 06/11/2015 - [] D -- C:\Users\ابداع\AppData\Local\Red Gate
O43 - CFD: 24/05/2015 - [] D -- C:\Users\ابداع\AppData\Local\Skype
O43 - CFD: 28/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\Temp
O43 - CFD: 13/01/2016 - [] D -- C:\Users\ابداع\AppData\Local\VirtualStore
O43 - CFD: 17/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\Vitalwerks
O43 - CFD: 25/03/2016 - [] D -- C:\Users\ابداع\AppData\Local\VMware
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/03/2016 - [] RD -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 21/02/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy
O43 - CFD: 27/12/2015 - [0] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bruteforce Save Data
O43 - CFD: 15/10/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Delete Doctor
O43 - CFD: 18/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FlyVPN
O43 - CFD: 23/05/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 23/05/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 31/12/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
O43 - CFD: 23/05/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Web Publishing
O43 - CFD: 27/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
O43 - CFD: 31/05/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js
O43 - CFD: 17/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Router Screen Capture
O43 - CFD: 26/05/2015 - [0] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SFX Compiler
O43 - CFD: 27/03/2016 - [] RD -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 15/03/2016 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TiGeR FireWall
O43 - CFD: 23/05/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 24/12/2015 - [] D -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (12) - 1s
O106 - SIOI: ###MegaShellExtPending [###MegaShellExtPending] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\ابداع\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSynced [###MegaShellExtSynced] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\ابداع\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: ###MegaShellExtSyncing [###MegaShellExtSyncing] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\ابداع\AppData\Local\MEGAsync\ShellExtX32.dll
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation®
O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (29) - 3s
O53 - SMSR:HKLM\...\startupreg\Apoint [Key] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe =>.Alps Electric Co., Ltd.
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O53 - SMSR:HKLM\...\startupreg\BLEServicesCtrl [Key] . (.Intel Corporation - Bluetooth LE Services Control Program.) -- C:\Program Files\Intel\Bluetooth\BleServicesCtrl.exe =>.Intel Corporation
O53 - SMSR:HKLM\...\startupreg\BlueStacks Agent [Key] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files\BlueStacks\HD-Agent.exe =>.BlueStack Systems, Inc.
O53 - SMSR:HKLM\...\startupreg\BTMTrayAgent [Key] . (...) -- C:\Program Files\Intel\Bluetooth\btmshellex.dll",TrayApp (.not file.)
O53 - SMSR:HKLM\...\startupreg\cAudioFilterAgent [Key] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe =>.Conexant Systems, Inc.
O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd
O53 - SMSR:HKLM\...\startupreg\Dolby Advanced Audio v2 [Key] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Program Files\Dolby Advanced Audio v2\pcee4.exe =>.Dolby Laboratories Inc.
O53 - SMSR:HKLM\...\startupreg\GoogleChromeAutoLaunch_D08F2D441B56E34F9C4C0682A574B541 [Key] . (.The Chromium Authors - Chromium.) -- C:\Users\ابداع\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors
O53 - SMSR:HKLM\...\startupreg\GoogleChromeAutoLaunch_E5498460C70284B50AFCA084AEBB91DB [Key] . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O53 - SMSR:HKLM\...\startupreg\IP Blocker [Key] . (.BeeThink SoftWare, Inc. - BeeThink IP Blocker.) -- C:\Program Files\BeeThink IP_Blocker_2.0\IPBlocker.exe
O53 - SMSR:HKLM\...\startupreg\KeyScrambler [Key] . (.QFX Software Corporation - KeyScrambler.) -- C:\Program Files\KeyScrambler\keyscrambler.exe =>.QFX Software Corporation
O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Exploit [Key] . (.Malwarebytes Corporation - Malwarebytes Anti-Exploit.) -- C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe =>.Malwarebytes Corporation
O53 - SMSR:HKLM\...\startupreg\MINI IP Blocker [Key] . (.BeeThink SoftWare, Inc. - Mini IP Blocker.) -- C:\Program Files\BeeThink IP_Blocker_2.0\MiniIPBlocker.exe
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE =>.Power Software Ltd
O53 - SMSR:HKLM\...\startupreg\SandboxieControl [Key] . (.Sandboxie Holdings, LLC - Sandboxie Control.) -- C:\Program Files\Sandboxie\SbieCtrl.exe =>.Sandboxie Holdings, LLC
O53 - SMSR:HKLM\...\startupreg\Shadow Defender Daemon [Key] . (.SHADOWDEFENDER.COM - Shadow Defender Daemon Application.) -- C:\Program Files\Shadow Defender\DefenderDaemon.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O53 - SMSR:HKLM\...\startupreg\SmartAudio [Key] . (.Conexant Systems, Inc. - SmartAudio CPL (32bit).) -- C:\Program Files\CONEXANT\SAII\SACpl.exe =>.Conexant Systems, Inc.
O53 - SMSR:HKLM\...\startupreg\SoftEther VPN Client UI Helper [Key] . (.SoftEther VPN Project at University of Tsukuba, Japan - SoftEther VPN.) -- C:\Program Files\SoftEther VPN Client\vpnclient.exe =>.SoftEther VPN Project at University of Tsukuba, Japan
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics Incorporated - Synaptics TouchPad 32-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated
O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (...) -- C:\Program Files\Real\RealPlayer\update\realsched.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TrojanScanner [Key] . (...) -- C:\Program Files\Trojan Remover\Trjscan.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\TunnelBear [Key] . (...) -- C:\Program Files\TunnelBear\TBear.Client.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\tvncontrol [Key] . (.Comodo Security Solutions, Inc. - GeekBuddy Remote Screen Protocol Server.) -- C:\Program Files\Common Files\COMODO\GeekBuddyRSP.exe =>.Comodo Security Solutions, Inc.
O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\ابداع\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc.

---\\ System Drivers List (128) - 20s
O58 - SDL:2014/04/27 20:40:02 A . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\Windows\System32\drivers\AcpiVpc.sys [27896] =>.Lenovo (Beijing) Limited®
O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows®
O58 - SDL:2010/11/20 15:29:13 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows®
O58 - SDL:2010/11/20 15:29:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] =>.Microsoft Windows®
O58 - SDL:2013/07/13 18:13:28 A . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\System32\drivers\Apfiltr.sys [417584] =>.Alps Electric Co., LTD.®
O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation
O58 - SDL:2009/07/14 01:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 03:57:25 A . (.Brother Industries Ltd. - برنامج تشغيل I/F التسلسلي لـ Brotehr (WDM)‎.) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 01:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 01:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd.
O58 - SDL:2009/07/14 01:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd.
O58 - SDL:2013/03/18 15:25:42 A . (.Motorola Solutions, Inc. - Bluetooth Audio Driver.) -- C:\Windows\System32\drivers\btmaud.sys [71992] =>.Motorola Solutions Inc.®
O58 - SDL:2013/04/23 15:50:26 A . (.Motorola Solutions, Inc. - Bluetooth Auxiliary Driver.) -- C:\Windows\System32\drivers\btmaux.sys [109880] =>.Motorola Solutions Inc.®
O58 - SDL:2013/04/23 15:50:24 A . (.Motorola Solutions, Inc. - Bluetooth HighSpeed Filter Driver.) -- C:\Windows\System32\drivers\btmhsf.sys [1097528] =>.Motorola Solutions Inc.®
O58 - SDL:2009/07/14 01:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation
O58 - SDL:2016/03/22 05:38:34 A . (.Windows (R) Win 7 DDK provider - Safe Deletion Driver.) -- C:\Windows\System32\drivers\CFRMD.sys [35064] {4A708F805E46E4A95EC561404DF11189} =>.Windows (R) Win 7 DDK provider
O58 - SDL:2013/03/05 08:25:18 A . (.Conexant Systems Inc. - High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\CHDRT32.sys [1363040] =>.Conexant Systems, Inc.®
O58 - SDL:2016/03/21 22:18:55 A . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\System32\drivers\cmderd.sys [27488] =>.Comodo Security Solutions®
O58 - SDL:2016/03/21 22:19:01 A . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\System32\drivers\cmdguard.sys [643032] =>.Comodo Security Solutions®
O58 - SDL:2016/03/21 22:19:07 A . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\System32\drivers\cmdhlp.sys [52312] =>.Comodo Security Solutions®
O58 - SDL:2009/07/14 04:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows®
O58 - SDL:2012/06/15 14:53:30 A . (.Cypress Semiconductor, Inc. - Trackpad Driver.) -- C:\Windows\System32\drivers\cykbfltr.sys [13824] =>.Cypress Semiconductor, Inc.
O58 - SDL:2015/01/16 20:00:36 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\DeepFrz.sys [154984] =>.Faronics Corporation®
O58 - SDL:2015/01/16 20:01:30 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\DfDiskLo.sys [30696] =>.Faronics Corporation®
O58 - SDL:2015/01/16 20:02:08 A . (.Faronics Corporation - Deep Freeze Driver.) -- C:\Windows\System32\drivers\DFFilter.sys [32360] =>.Faronics Corporation®
O58 - SDL:2015/01/01 13:34:26 A . (.SHADOWDEFENDER.COM - Shadow Defender Filter Driver.) -- C:\Windows\System32\drivers\diskpt.sys [341048] {6E47A70BFCE998BFCD7998A98DD821D2}
O58 - SDL:2009/07/14 04:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows®
O58 - SDL:2016/03/16 00:38:42 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.®
O58 - SDL:2016/03/23 13:40:20 A . (.ESET - Devmon monitor.) -- C:\Windows\System32\drivers\edevmon.sys [154288] =>.ESET, spol. s r.o.®
O58 - SDL:2016/03/16 00:38:43 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [146024] =>.ESET, spol. s r.o.®
O58 - SDL:2016/03/16 00:38:43 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/14 04:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows®
O58 - SDL:2016/03/16 00:38:43 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.®
O58 - SDL:2016/03/16 00:38:43 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44608] =>.ESET, spol. s r.o.®
O58 - SDL:2016/03/16 00:38:43 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [56944] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/14 01:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation
O58 - SDL:2015/01/16 20:01:10 A . (.Faronics Corporation - Deep Freeze driver.) -- C:\Windows\System32\drivers\FarDisk.sys [25704] =>.Faronics Corporation®
O58 - SDL:2015/01/16 20:00:54 A . (.Faronics Corporation - Deep Freeze Driver.) -- C:\Windows\System32\drivers\FarSpace.sys [82920] =>.Faronics Corporation®
O58 - SDL:2009/09/09 12:23:38 A . (.Intel Corporation - BIOS Update Driver.) -- C:\Windows\System32\drivers\flashud.sys [42496] =>.Intel Corporation
O58 - SDL:2014/08/21 08:07:12 A . (.VMware, Inc. - VMware USB monitor.) -- C:\Windows\System32\drivers\hcmon.sys [43968] =>.VMware, Inc.®
O58 - SDL:2009/07/14 01:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/07/14 04:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows®
O58 - SDL:2014/04/24 17:34:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\drivers\iaStorA.sys [490856] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2014/04/24 17:34:12 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [24424] =>.Intel Corporation - Intel® Rapid Storage Technology®
O58 - SDL:2010/11/20 15:29:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] =>.Microsoft Windows®
O58 - SDL:2013/04/23 13:24:26 A . (.Intel Corporation - Intel(R) Centrino(R) Wireless (Bluetooth Ad.) -- C:\Windows\System32\drivers\iBtFltCoex.sys [55776] =>.Intel Corporation-Mobile Wireless Group®
O58 - SDL:2010/08/18 01:28:34 A . (.Intel Corporation - Intel(R) Watchdog Timer Driver (Intel(R) WD.) -- C:\Windows\System32\drivers\ICCWDT.sys [22040] =>.Intel Corporation®
O58 - SDL:2013/11/08 02:41:38 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [108000] =>.Tonec Inc.®
O58 - SDL:2015/03/30 14:49:48 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3026360] =>.Intel Corporation - pGFX®
O58 - SDL:2009/07/14 04:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows®
O58 - SDL:2016/03/21 22:19:13 A . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\System32\drivers\inspect.sys [102184] =>.Comodo Security Solutions®
O58 - SDL:2014/09/26 17:23:30 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [368912] =>.Intel Corporation - Client Components Group®
O58 - SDL:2012/12/04 04:21:12 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\Windows\System32\drivers\iusb3hcs.sys [16440] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2012/12/04 04:21:12 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\Windows\System32\drivers\iusb3hub.sys [351288] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2013/12/10 15:15:56 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [801776] =>.Intel Corporation - Software and Firmware Products®
O58 - SDL:2015/06/03 17:59:32 A . (.QFX Software Corporation - KeyScrambler Keyboard Encryption Driver.) -- C:\Windows\System32\drivers\keyscrambler.sys [211408] =>.QFX Software Corporation®
O58 - SDL:2013/11/29 13:40:44 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\Windows\System32\drivers\L1C62x86.sys [110280] =>.Qualcomm Atheros®
O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/23 12:59:46 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows®
O58 - SDL:2015/10/05 09:50:16 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] =>.Malwarebytes Corporation®
O58 - SDL:2010/05/02 14:10:22 A . (.BeeThink SoftWare, Inc. - BeeThink Network Blocker Driver.) -- C:\Windows\System32\drivers\nblocker.sys [19456]
O58 - SDL:2016/03/19 00:52:45 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\Windows\System32\drivers\Neo_0007.sys [37920] =>.SoftEther Corporation®
O58 - SDL:2014/12/19 00:04:16 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwsn01.sys [10376704] =>.Intel Corporation
O58 - SDL:2009/07/14 04:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows®
O58 - SDL:2011/02/12 00:23:34 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [35088] =>.CACE Technologies, Inc.®
O58 - SDL:2010/11/20 15:30:06 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] =>.Microsoft Windows®
O58 - SDL:2010/11/20 15:30:06 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] =>.Microsoft Windows®
O58 - SDL:2015/11/10 21:15:14 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\ptun0901.sys [23552] =>.The OpenVPN Project
O58 - SDL:2009/07/14 04:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows®
O58 - SDL:2016/03/22 22:54:59 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) -- C:\Windows\System32\drivers\rspWhy32.sys [24832] =>.Daniel Terhell®
O58 - SDL:2014/12/08 16:13:26 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\drivers\RtsUer.sys [283864] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/04/08 05:44:39 A . (.Realtek Semiconductor Corp. - Realtek UVC Driver for Vista/Win7/Win8/Win8.) -- C:\Windows\System32\drivers\rtsuvc.sys [1927384] =>.Realtek Semiconductor Corp®
O58 - SDL:2015/04/08 05:01:28 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [113984] =>.Power Software Limited®
O58 - SDL:2009/07/13 23:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/14 04:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows®
O58 - SDL:2009/07/14 04:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows®
O58 - SDL:2015/01/13 16:02:44 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [25768] =>.Synaptics Incorporated®
O58 - SDL:2009/07/14 04:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows®
O58 - SDL:2014/08/08 01:22:00 A . (.Synaptics Incorporated - Synaptics Touchpad Win32 Driver.) -- C:\Windows\System32\drivers\SynTP.sys [414448] =>.Synaptics Incorporated®
O58 - SDL:2015/04/28 13:08:10 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap-tb-0901.sys [33280] =>.TunnelBear, Inc.®
O58 - SDL:2016/03/18 20:30:14 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901_openvpn_accl.sys [32152] =>.FlyVPN INC®
O58 - SDL:2014/04/23 11:45:14 A . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\System32\drivers\tosrfbd.sys [249200] =>.TOSHIBA CORPORATION®
O58 - SDL:2012/08/01 11:02:24 A . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\System32\drivers\Tosrfhid.sys [80624] =>.TOSHIBA CORPORATION®
O58 - SDL:2014/06/22 17:56:22 A . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\System32\drivers\tosrfusb.sys [78840] =>.TOSHIBA CORPORATION®
O58 - SDL:2014/05/16 15:25:48 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [204064] =>.Oracle Corporation®
O58 - SDL:2015/05/13 17:29:54 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [115672] =>.Oracle Corporation®
O58 - SDL:2015/05/13 17:29:54 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [104896] =>.Oracle Corporation®
O58 - SDL:2009/07/14 04:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows®
O58 - SDL:2013/10/08 18:20:50 A . (.VMware, Inc. - VMware PCI VMCI Bus Device.) -- C:\Windows\System32\drivers\vmci.sys [71888] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:25:26 A . (.VMware, Inc. - VMware keyboard filter driver (32-bit).) -- C:\Windows\System32\drivers\VMkbd.sys [26456] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:25:26 A . (.VMware, Inc. - VMware virtual network driver (32-bit).) -- C:\Windows\System32\drivers\vmnet.sys [20048] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:25:26 A . (.VMware, Inc. - VMware virtual network adapter driver (32-b.) -- C:\Windows\System32\drivers\vmnetadapter.sys [17104] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:25:26 A . (.VMware, Inc. - VMware bridge driver (32-bit).) -- C:\Windows\System32\drivers\vmnetbridge.sys [37456] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:28:48 A . (.VMware, Inc. - VMware network application interface driver.) -- C:\Windows\System32\drivers\vmnetuserif.sys [26968] =>.VMware, Inc.®
O58 - SDL:2015/06/24 14:29:54 A . (.VMware, Inc. - VMware kernel driver.) -- C:\Windows\System32\drivers\vmx86.sys [66136] =>.VMware, Inc.®
O58 - SDL:2015/05/26 02:56:08 A . (.Eugene V. Muzychenko - Kernel-mode WDM driver.) -- C:\Windows\System32\drivers\vrtaucbl.sys [50728] =>.NTONYX Ltd.®
O58 - SDL:2009/07/14 04:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows®
O58 - SDL:2013/10/08 18:20:56 A . (.VMware, Inc. - VMware vSockets Service.) -- C:\Windows\System32\drivers\vsock.sys [63824] =>.VMware, Inc.®
O58 - SDL:2009/07/14 00:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/14 00:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/14 00:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/14 00:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/14 00:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/14 00:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/14 00:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/14 00:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/14 00:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/14 00:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/14 00:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/14 00:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/14 00:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/14 00:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/14 00:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Last modified or created user files (57) - 89s
O61 - LFC: 2016/03/21 00:04:38 A . (..) -- C:\Users\ابداع\Downloads\DUCSetup_v4_1_1 (1).exe [241736] {0A81B078D1D4554BBFCF3D0162A9962B}
O61 - LFC: 2016/03/27 13:33:20 A . (..) -- C:\Users\ابداع\Downloads\DUCSetup_v4_1_1(1).exe [241736] {0A81B078D1D4554BBFCF3D0162A9962B}
O61 - LFC: 2016/03/22 06:07:58 A . (.Armor2net Software Corporation Ltd..) -- C:\Users\ابداع\Downloads\Programs\armor2nt.exe [3730446]
O61 - LFC: 2016/03/22 06:06:56 A . (..) -- C:\Users\ابداع\Downloads\Programs\spf.exe [9228440] {2B7B1D7E42AFBF6FE5A832EACBDC9DFA}
O61 - LFC: 2016/03/27 14:40:19 A . (..) -- C:\Users\ابداع\Downloads\I386\PRESETUP.CMD [0]
O61 - LFC: 2016/03/21 13:31:10 A . (.Copyright © 2016.) -- C:\Users\ابداع\Documents\Visual Studio 2013\Projects\WindowsFormsApplication1\WindowsFormsApplication1\obj\Debug\WindowsFormsApplication1.exe [11264]
O61 - LFC: 2016/03/21 12:59:55 A . (..) -- C:\Users\ابداع\Documents\Visual Studio 2013\Projects\WindowsApplication1\WindowsApplication1\obj\Debug\TempPE\My Project.Resources.Designer.vb.dll [7680]
O61 - LFC: 2016/03/27 23:50:03 A . (..) -- C:\Users\ابداع\Desktop\cahe free.exe [24064]
O61 - LFC: 2016/03/21 19:57:50 A . (.Copyright © 2014.) -- C:\Users\ابداع\Desktop\theme.dll [86016]
O61 - LFC: 2016/03/27 23:37:51 A . (.Copyright © 2016.) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\Builder njRAT.exe [51712]
O61 - LFC: 2016/03/27 23:56:52 A . (..) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\cahe free.exe [25088]
O61 - LFC: 2016/03/27 23:37:51 A . (.Copyright © 2008 - 2011 Jb Evain.) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\Mono.Cecil.dll [312320]
O61 - LFC: 2016/03/27 23:38:24 A . (.njq8.) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\njRAT v0.7d.exe [1723904]
O61 - LFC: 2016/03/27 23:37:51 A . (..) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\Stub.exe [26112]
O61 - LFC: 2016/03/27 22:50:06 A . (.BD2 Co..) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\BD2.Net Injector\BD2.Net Injector.exe [932864]
O61 - LFC: 2016/03/27 22:50:06 A . (.DevComponents.com.) -- C:\Users\ابداع\Desktop\مجلد جديد ‫(2)‬\BD2.Net Injector\DevComponents.DotNetBar2.dll [4558848]
O61 - LFC: 2016/03/26 01:05:34 A . (.Zaid Al-iRAQi.) -- C:\Users\ابداع\Desktop\VisualBasic4Arab\VisualBasic4Arab\obj\x86\Debug\منتدى فيجوال بيسك.exe [317440]
O61 - LFC: 2016/03/26 15:34:07 A . (..) -- C:\Users\ابداع\Desktop\VisualBasic4Arab\VisualBasic4Arab\obj\x86\Debug\TempPE\Properties.Resources.Designer.cs.dll [4608]
O61 - LFC: 2016/03/26 01:05:33 A . (.Zaid Al-iRAQi.) -- C:\Users\ابداع\Desktop\VisualBasic4Arab\VisualBasic4Arab\bin\Debug\منتدى فيجوال بيسك.exe [317440]
O61 - LFC: 2016/03/21 19:41:11 A . (.Copyright © 2016.) -- C:\Users\ابداع\Desktop\kkkk\Sing In Rghost\Sing In Rghost\obj\Debug\Sing In Rghost.exe [12288]
O61 - LFC: 2016/03/21 19:41:11 A . (.Copyright © 2016.) -- C:\Users\ابداع\Desktop\kkkk\Sing In Rghost\Sing In Rghost\obj\Debug\test.exe [12288]
O61 - LFC: 2016/03/21 19:41:10 A . (.Copyright © 2016.) -- C:\Users\ابداع\Desktop\kkkk\Sing In Rghost\Sing In Rghost\bin\Debug\Sing In Rghost.exe [12288]
O61 - LFC: 2016/03/21 19:41:10 A . (.Copyright © 2016.) -- C:\Users\ابداع\Desktop\kkkk\Sing In Rghost\Sing In Rghost\bin\Debug\test.exe [12288]
O61 - LFC: 2016/03/22 12:22:05 A . (.Copyright (C) 2001.) -- C:\Users\ابداع\Desktop\kjhkjh\SUPPORT\TOOLS\GBUNICNV.EXE [27136]
O61 - LFC: 2016/03/22 12:22:05 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\SUPPORT\TOOLS\SETUP.EXE [20480]
O61 - LFC: 2016/03/22 12:22:04 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\OEM\DP_Install_Tool.cmd [3284]
O61 - LFC: 2016/03/22 12:22:04 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\OEM\bin\DevPath.exe [12288]
O61 - LFC: 2016/03/22 12:22:04 A . (.STK.) -- C:\Users\ابداع\Desktop\kjhkjh\OEM\bin\un7zip.exe [188928]
O61 - LFC: 2016/03/22 12:20:02 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\I386\NTDETECT.COM [47564]
O61 - LFC: 2016/03/22 12:19:51 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\I386\PRESETUP.CMD [3186]
O61 - LFC: 2016/03/22 12:19:42 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\I386\RUNW32.BAT [2589]
O61 - LFC: 2016/03/22 12:19:11 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\I386\WINNT.EXE [84939]
O61 - LFC: 2016/03/22 12:19:05 A . (..) -- C:\Users\ابداع\Desktop\kjhkjh\DOTNETFX\DELTEMP.EXE [36864]
O61 - LFC: 2016/03/27 23:50:14 A . (..) -- C:\Users\ابداع\AppData\Roaming\svchost.exe [25088]
O61 - LFC: 2016/03/28 11:33:17 A . (..) -- C:\Users\ابداع\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\c1fbcceda94af384384c8ff38770d448.exe [25088]
O61 - LFC: 2016/03/26 12:07:54 A . (.Copyright (C) 2011.) -- C:\Users\ابداع\AppData\Roaming\Baidu\Spark\SysData\ExtApp\SnapImg\screensnapshot.exe [530064]
O61 - LFC: 2016/03/26 12:07:54 A . (.Copyright (C) 2011.) -- C:\Users\ابداع\AppData\Roaming\Baidu\Spark\SysData\ExtApp\SnapImg\SnapImg.dll [83088]
O61 - LFC: 2016/03/26 15:36:54 A . (.Zaid Al-iRAQi.) -- C:\Users\ابداع\AppData\Local\Microsoft\VisualStudio\12.0\ProjectAssemblies\ki8p_ree01\منتدى فيجوال بيسك.exe [317440]
O61 - LFC: 2016/03/26 16:05:39 A . (.Sven Walter, Dennis Magno.) -- C:\Users\ابداع\AppData\Local\Microsoft\VisualStudio\12.0\ProjectAssemblies\6wipfoz701\MetroFramework.dll [337920]
O61 - LFC: 2016/03/21 21:47:00 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\Usages.bin [2432]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\438eae57-e5c3-58a0.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\44eacc5f-e52a-ad22.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\7adf99df-bdfe-48f1.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\84af16d6-3a6f-8d1f.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\a9a54134-3d99-910d.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\fea44a51-7991-19e8.bin [8]
O61 - LFC: 2016/03/21 21:46:31 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\RGVjb21waWxlZCBpbnRvIGxhbmd1YWdlIEMjIDQuMA==.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm06IC5ORVQgNC4wIGluc3RhbGxlZA==.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm06IFdpbmRvd3MgNy8yMDA4IFIy.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gQ1BVIENvcmVzOiA0.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gQ3VsdHVyZSBMQ0lEOiAxMDI1.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gQ3VsdHVyZSBOYW1lOiBhci1TQQ==.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gT1MgQml0bmVzczogMzI=.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gTnVtYmVyIG9mIE1vbml0b3JzOiAx.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gVUkgQ3VsdHVyZSBMQ0lEOiAxMDI1.bin [8]
O61 - LFC: 2016/03/21 21:44:10 A . (..) -- C:\Users\ابداع\AppData\Local\IsolatedStorage\flrq2ci3.0wf\d3bfhzey.gsg\StrongName.lbvo3acdz4hduckfkaot5num5lbpheob\AssemFiles\D7909B95\D\UGxhdGZvcm0gVUkgQ3VsdHVyZSBOYW1lOiBhci1TQQ==.bin [8]
O61 - LFC: 2016/03/21 22:16:01 A . (..) -- C:\Users\ابداع\AppData\Local\Adobe\Acrobat\DC\UserCache.bin [83479]

---\\ File Associations Shell Spawning (11) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎مشغل الأداة الإضافية لعارض الأحداث.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎محرر التسجيل.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

---\\ Start Menu Internet (20) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Chromium Authors - Chromium.) -- C:\Users\ابداع\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Comodo - Chromodo.) -- C:\Program Files\Comodo\Chromodo\chromodo.exe =>.Comodo Security Solutions®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Users\ابداع\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Comodo - Chromodo.) -- C:\Program Files\Comodo\Chromodo\chromodo.exe =>.COMODO
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.The Chromium Authors - Chromium.) -- C:\Users\ابداع\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Comodo - Chromodo.) -- C:\Program Files\Comodo\Chromodo\chromodo.exe =>.COMODO
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.The Chromium Authors - Chromium.) -- C:\Users\ابداع\AppData\Local\Chromium\Application\chrome.exe =>.The Chromium Authors
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Comodo - Chromodo.) -- C:\Program Files\Comodo\Chromodo\chromodo.exe =>.COMODO
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.

---\\ Search Browser Infection (4) - 11s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} - (Google) - http://www.google.cn/
O69 - SBI: SearchScopes [HKCU] {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} [DefaultScope] - (Yahoo! Search) - http://us.search.yahoo.com/ =>.Yahoo Search
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة الخادم.) -- C:\Windows\System32\srvsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [593408] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [679424] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - خدمة صوت Windows.) -- C:\Windows\System32\audiosrv.dll [475136] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - إدارة الطلب التلقائي للوصول عن بُعد.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - خدمة الإعلام بأحداث النظام (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [523776] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [2062848] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - خدمة النقل الذكي في الخلفية.) -- C:\Windows\System32\qmgr.dll [585728] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - خدمة معلومات التطبيقات.) -- C:\Windows\System32\appinfo.dll [47104] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - خدمة اكتشاف iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - خدمة جدولة فئات تعدد الوسائط.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [751104] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - خدمة تكوين سطح المكتب البعيد.) -- C:\Windows\System32\SessEnv.dll [113664] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة مستعرض الكم.) -- C:\Windows\System32\browser.dll [102912] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات نُسق Windo.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - خدمة BDE.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [149504] =>.Microsoft Corporation

---\\ Firewall Active Exception List (17) - 6s
O87 - FAEL: "{1CC665AB-E836-40D5-BFD2-7212713D3C17}" [In-None-P6-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O87 - FAEL: "{2CD8103B-1A28-40F0-AD5A-7AE14C3014A4}" [Out-None-P6-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O87 - FAEL: "{000777B1-1AEC-444F-B5B2-788778B24348}" [In-None-P17-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O87 - FAEL: "{291235EE-BA35-41CD-B023-67CA7299B52B}" [Out-None-P17-TRUE] .(.Faronics Corporation - Deep Freeze service.) -- C:\Program Files\Faronics\Deep Freeze\Install C-0\DFServ.exe
O87 - FAEL: "TCP Query User{E28A9F57-6FA3-40A4-A901-1CF20DFA0A30}C:\users\ابداع\downloads\apatedns\apatedns.exe" [In-None-P6-TRUE] .(.Mandiant - Mandiant.) -- C:\users\ابداع\downloads\apatedns\apatedns.exe
O87 - FAEL: "UDP Query User{4DA75583-84E3-4C43-A34F-C35A464E1CB5}C:\users\ابداع\downloads\apatedns\apatedns.exe" [In-None-P17-TRUE] .(.Mandiant - Mandiant.) -- C:\users\ابداع\downloads\apatedns\apatedns.exe
O87 - FAEL: "{718BD56A-BDB5-4794-AB97-52A26D026C4A}" [In-None-P6-TRUE] .(.Nsasoft LLC. - Nsauditor Network Security Auditor.) -- C:\Program Files\Nsauditor\Nsauditor.exe {14966A76CD72EED75C01DC5BDA611603}
O87 - FAEL: "{D370F1E3-EE8A-40F2-BC42-A7E7742DCCA0}" [In-None-P17-TRUE] .(.Nsasoft LLC. - Nsauditor Network Security Auditor.) -- C:\Program Files\Nsauditor\Nsauditor.exe {14966A76CD72EED75C01DC5BDA611603}
O87 - FAEL: "{B4BF4A46-278F-4E80-AE1A-6C6F355000EB}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Droid4X\Droid4X.exe {2B86748125644541E9D799554A0D8F15}
O87 - FAEL: "{BBCB035D-0FF0-45F5-8DE5-AE64BE5CAA5A}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Andy\andy.exe (.not file.)
O87 - FAEL: "{5E0B9780-5C4C-48C1-9962-A0B443579616}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\Andy\andy.exe (.not file.)
O87 - FAEL: "{407E70ED-7271-4E67-8851-B6103ED32CE4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Andy\AndyConsole.exe (.not file.)
O87 - FAEL: "{98DF4CB4-F364-4AE4-8072-3F630B5AD583}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\Andy\AndyConsole.exe (.not file.)
O87 - FAEL: "{0DDEA922-8A04-498F-B570-673AF047BF56}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Andy\SetupFiles\Uninstall.exe (.not file.)
O87 - FAEL: "{3E986A3C-4862-4B58-9AD8-F1B0EFC122F4}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\Andy\SetupFiles\Uninstall.exe (.not file.)
O87 - FAEL: "{C2E8918D-8E1E-463A-AF4A-1CE357CCF692}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Andy\HandyAndy.exe (.not file.)
O87 - FAEL: "{900B8D03-0015-4A5C-9CB3-D9DE806F98DA}" [Out-None-P17-TRUE] .(...) -- C:\Program Files\Andy\HandyAndy.exe (.not file.)

---\\ Additional Scan (O88) (23) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office
C:\Windows\System32\srvany.exe =>PUP.Optional.Office
C:\Windows\System32\SafeIPs.dll =>Hijacker.Winsock
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} =>.Superfluous.GreenTreeApp
HKLM\SOFTWARE\Babylon =>PUP.Optional.Babylon
HKLM\SOFTWARE\PIP =>Toolbar.Ask
HKCU\SOFTWARE\0932343ebc836c39c857a65dc20ea0fb =>PUP.Optional.CrossRider
HKCU\SOFTWARE\13b744fe92a3e5c630f8f3abb1fe36d1 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\23556fb1360f366337f97c924e76ead3 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\6e4916d81978de39ad3dbae2a458fe60 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\984559f52d4087243e95e5ad9bb48e8d =>PUP.Optional.CrossRider
HKCU\SOFTWARE\APN PIP =>.Superfluous.Conduit
HKCU\SOFTWARE\c1fbcceda94af384384c8ff38770d448 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\c25b8192b99348e89785aab790446370 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\d761084bef63be7e031d4cb42cbf81e5 =>PUP.Optional.CrossRider
HKCU\SOFTWARE\GreenTree Applications =>.Superfluous.GreenTreeApp
HKCU\SOFTWARE\PIP =>Toolbar.Ask
HKCU\SOFTWARE\ProductSetup =>Adware.InstallCore
C:\Program Files\GreenTree Applications =>.Superfluous.GreenTreeApp
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader =>PUP.Optional.PDFtoWordConverter
C:\ProgramData\Babylon =>PUP.Optional.Babylon
C:\ProgramData\YTD Video Downloader =>PUP.Optional.PDFtoWordConverter

---\\ Summary of the elements found (8) - 0s
http://www.nicolascoolman.fr/?p=888 =>PUP.Optional.Office
http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.GreenTreeApp
http://www.nicolascoolman.fr/?p=170 =>PUP.Optional.Babylon
http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask
http://www.nicolascoolman.fr/?p=180 =>PUP.Optional.CrossRider
http://www.nicolascoolman.fr/?p=210 =>.Superfluous.Conduit
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.PDFtoWordConverter

~ End of the scan, 32457 items in 00h08mn10s (1468)(0)
