~ ZHPDiag v2015.8.17.120 By Nicolas Coolman (2015/08/17)
~ Run by Cheb Khalid (Administrator) (2015/08/17 20:14:46)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Cheb Khalid\Desktop\ZHPDiag.txt
~ Report: C:\Users\Cheb Khalid\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 10 Pro, 64-bit (Build 10240)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v44.0.2403.155
MFIE: Mozilla Firefox 39.0 (x86 en-US) v39.0
MSIE: Internet Explorer v11.0.10240.16384

---\\ Windows Product Information (4) - 4s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK (Demand)
Windows Activation Technologies : OK

---\\ System protection software (2) - 1s
Malwarebytes Anti-Malware version 2.1.8.1057
Windows Defender W10 (Deactivate)

---\\ System optimization software (1) - 1s
CCleaner v5.00

---\\ Surveillance software (2) - 1s
Adobe Flash Player 18 PPAPI
Adobe Reader 9.5.5

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3004.268 MB (14% free)
~ System Restore: Activé (Enable)
~ System drive C: has 144 GB free of 290 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: CHEBMAROC
~ User Name: Cheb Khalid
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 144 GB free of 290 GB (System)
~ Drive D: has 1 GB free of 14 GB

---\\ State of the Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (22) - 2s [MD5.6E756C33B5ECBD96756086A34D9A90DC] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [4532304] [MD5.5DED2A3F11AE916C8F2724947E736261] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\WINDOWS\System32\rundll32.exe [59392] [MD5.7718A2A9B2BFB2C8E2BAEB03310CA3FD] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\WINDOWS\System32\Wininit.exe [290312] [MD5.FE32B8423711B4B4378C0BA3C3560ED4] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [2741760] [MD5.26EFEFD877A84EE9FBDE6DEE630892C9] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [578048] [MD5.ECB1943967424DFB96E03F6A098434EF] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\WINDOWS\System32\sppcomapi.dll [430592] [MD5.6C12C7E01A4F64E0AA9C88AF66955CC9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [577888] [MD5.8921DF6060DB5C7700AA48CB12E9EA08] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [28512] [MD5.F2829DC6D292DCAC5029893BB2E9FEE3] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] [MD5.CA160E02F35A61C6F5C681FB4669C519] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [174080] [MD5.25435407D97419627F4B10653433BF2B] - (.Microsoft Corporation - DFS Namespace Client Driver.) 
() -- C:\WINDOWS\System32\drivers\DfsC.sys [138240] [MD5.C277A49F8A8295840DEBC9240B75A282] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [80896] [MD5.D4CDEE4A62BDFFF6E8558A9552148EA7] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] [MD5.5D3744E6FDEC1A6FB3FA9B1DD4AF0694] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] [MD5.1DF2C5FD2710A13B07E663A12F0E0EEA] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [415232] [MD5.F0D791348AD254360CC3C3E501CCB745] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [273408] [MD5.466EC5659C02ED53DBD47DC1BC2B8086] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [2116448] [MD5.38F1AE32339731F6E5A7281AE8042545] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [96768] [MD5.CA60F6C03611AF1710BC903ED9F566FB] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] [MD5.A32AED8C644734B283A7C9D08D76064D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [176128] [MD5.28E1E63A1AC65E17B3194238FA2CF3BF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\WINDOWS\System32\drivers\tdx.sys [116576] [MD5.823A237D871CD652C6BFD47BECB6810A] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [378720] ---\\ Process running (48) - 8s [MD5.7C49A5E1943AFDA4672D80726AF3BAE4] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\stacsv64.exe [275968] [PID.1208] [MD5.F630DD7564EBB7248A13B1CC774D9EA6] - (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) 
-- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [26680] [PID.1836] [MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.1864] [MD5.2A047E7E0F1018E3134A4065636F2025] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.1900] [MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.1912] [MD5.FA4A45C179AB0E0F1A31B9751D4B18D7] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.1920] [MD5.ACB44407FF63C3A5A22AB5782F209604] - (.Broadcom Corporation. - Bluetooth Radio Management Support.) -- C:\WINDOWS\system32\BtwRSupportService.exe [2255064] [PID.1936] [MD5.FB51E8E39E3FDB6757874653B743BE72] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576] [PID.1968] [MD5.301E3FDFCF33640BB8763BA444BC5093] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1708] [MD5.0405F4BCD1C7A7B309F620FE0B5DE5E6] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1768] [MD5.BBFCAC1C23B867AE5D7EF96DF40680C5] - (.Realtek - RtlService MFC Application.) -- C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960] [PID.2136] [MD5.83C982A395D00BAFF6515FB38424EA76] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880] [PID.2144] [MD5.3EEDF446E29B6B8F7AD5AFA59B84800B] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) 
-- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.2228] [MD5.59CB6A1CA093EDC2881598A45518857D] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [769592] [PID.6700] [MD5.7A24AD37416B91E4B5E5B46BD25C075F] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [126520] [PID.512] [MD5.C930128C8F8FF03D8F8C42B570920D56] - (.Hewlett-Packard Company - HPPA_Service.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [103992] [PID.6704] [MD5.B25F192EA1F84A316EB7C19EFCCCF33D] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.3432] [MD5.6F895CA96552069B3D3EF5B4F6E90D3E] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.6804] [MD5.ABFF2B3A80AA5348BE5E43EFD6B415D1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [6554424] [PID.8828] [MD5.84222E8F33BB6080953F130D246BB78B] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136] [PID.7556] [MD5.66F39EB030F69731FD2731D83D6A3DBD] - (.Realtek Semiconductor Corp. - RtWLan ( For Vista / Win7) Application(Exte.) -- C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe [1118208] [PID.8808] [MD5.015BE8DC7A551728CEFD5DD96EE14E80] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.5284] [MD5.6A59AE2735639095CD93E58B0893914C] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [168480] [PID.1156] [MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) 
-- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [PID.8344] [MD5.4341A0AE66759EDC080D92DAA0D9B341] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [393760] [PID.4264] [MD5.5451A9DA41DA19CDD467616492D4096F] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [418336] [PID.5404] [MD5.287F22918F320D9409C60D6DC85D0DFE] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe [524800] [PID.7300] [MD5.C6CF3BBD590309E9C01FAA79C1B8A1E2] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848] [PID.6948] [MD5.5881014FEADC6E65C08586D6E33CB8C7] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152] [PID.1036] [MD5.8EDE61AD829449DC37458C29B73B6788] - (.Hewlett-Packard Company - .) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128] [PID.2680] [MD5.4BC504F17B301603778898B2CB35DFB6] - (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [318520] [PID.2976] [MD5.62671FD60D37214538CC44D0D603BC21] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1980416] [PID.3932] [MD5.C0B97E53A0E39A48EEA2DCD500EEA07A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.4448] [MD5.D59ABED205F424BD4C52419479930BE9] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [586296] [PID.2096] [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) 
-- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.3516] [MD5.CD5A799588932311C123FC6052FA46AA] - (.Intel Corporation - Intel(R) Management and Security Status.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1114648] [PID.3612] [MD5.BCFD8732024541C75D890D7122C16C4F] - (.Copyright Microsoft Corporation - Microsoft Photos.) -- C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.803.16240.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [7168] [PID.8956] [MD5.E953326C284A35B05D91566C9DE235D1] - (.MPC-HC Team - MPC-HC.) -- C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC\mpc-hc.exe [6150656] [PID.9096] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4732] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.5452] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.2648] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.8524] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.7612] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.8080] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.6736] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.6872] [MD5.F820401D0D2754C3A78C707927058A41] - (.Google Inc. 
- Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.4712] [MD5.8BBBDE2F8710EA78AE249C508F96F498] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Cheb Khalid\AppData\Roaming\ZHP\ZHPDiag3.exe [1902592] [PID.5992] ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (13) - 1s G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__ G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [hehijbfgiekmjfkfjpbkbammjbdenadd] IE Tab G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pmmeolboeidmfiiingaoifjhjdkgmlgj] facemoji - Stickers and emoji for Facebook ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (20) - 3s P2 - EXT FILE: (...) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\Firefox\Profiles\z2z0lwmz.dev-edition-default\extensions\jid0-XZn6pYCdV3ANrfYigxlyyGDrxAM@jetpack.xpi P2 - EXT FILE: (...) 
-- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\Firefox\Profiles\z2z0lwmz.dev-edition-default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\Firefox\Profiles\x4fttkgq.default-1436137409083\extensions\useragentoverrider@qixinglu.com.xpi P2 - EXT FILE: (...) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\Firefox\Profiles\x4fttkgq.default-1436137409083\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - EXT: (.IE Tab Team - IE Tab.) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\Firefox\Profiles\z2z0lwmz.dev-edition-default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9} P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google.) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google.) -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla\plugins\npo1d.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) 
-- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.5] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (18) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.jp.msn.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) - 
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (R5) (4) - 1s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (22) ---\\ Browser Helper Object (BHO) (O2) (1) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll ---\\ Internet Explorer Toolbars (O3) (1) - 0s O3 - Toolbar: 0xE3EFEB7F196B494398D2FFB09D4B49CA0129030000 - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (O4) (28) - 2s O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [egui] . 
(.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (.not file.) O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - .) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Cheb Khalid\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\OneDrive\OneDrive.exe O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Cheb Khalid\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\System32\cmd.exe O4 - HKLM\..\Wow6432Node\Run: [HPOSD] . (.Hewlett-Packard Development Company, L.P. - HP On Screen Display.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O4 - HKLM\..\Wow6432Node\Run: [IMSS] . (.Copyright © 2009, Intel Corporation. All rights reser - PIconStartup application.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) 
-- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [HP Quick Launch] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (.not file.) O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - .) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\Cheb Khalid\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\OneDrive\OneDrive.exe O4 - HKUS\S-1-5-21-1817632741-1959125580-3575791240-1000\..\RunOnce: [Uninstall C:\Users\Cheb Khalid\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] . (.Microsoft Corporation - Windows Command Processor.) 
-- C:\Windows\System32\cmd.exe ---\\ Lop.com/Domain Hijackers (O17) (8) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = dlinkrouter O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 10.1.0.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = dlinkrouter ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (19) - 1s O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @oem39.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Managem (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\WINDOWS\system32\BtwRSupportService.exe O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) 
- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P. - HP Quick Launch WMI Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Realtek87B (Realtek87B) . (.Realtek - RtlService MFC Application.) - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @C:\WINDOWS\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv64.exe O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) 
- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe O23 - Service: Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe ---\\ Task Planned Automatically (O39) (36) - 7s [MD5.0FBC0E179CA71FAD0832FF479439BFFB] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [1156296] [MD5.BBF37D81780EBB4919636CF7E5C789BE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] [MD5.2E4EE47FBD9BB663A5220DBC38579986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5282584] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core] (.Facebook Inc..) -- C:\Users\Cheb Khalid\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA] (.Facebook Inc..) -- C:\Users\Cheb Khalid\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [MD5.C6FF00DA1605982E616C03BE809FFE2D] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core] (.Google Inc..) -- C:\Users\Cheb Khalid\AppData\Local\Google\Update\GoogleUpdate.exe [107848] [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA] (.Google Inc..) 
-- C:\Users\Cheb Khalid\AppData\Local\Google\Update\GoogleUpdate.exe [107848] [MD5.8231A10FC523A93F3B2D54714E157021] [APT] [JetBoost_AutoUpdate] (.BlueSprig.) -- C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [724336] [MD5.B00F98FF6FE8682FF941BEB2559BF191] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488] [MD5.00000000000000000000000000000000] [APT] [SidebarExecute] (...) -- C:\Program Files\Windows Sidebar\sidebar.exe (.not file.) [0] [MD5.F820401D0D2754C3A78C707927058A41] [APT] [{7AA56E24-3E99-4A41-B4F7-EE408E00EE98}] (.Google Inc..) -- c:\program files (x86)\Google\Chrome\application\chrome.exe [813896] O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated O39 - APT: FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core.job [930] =>.Facebook Inc. O39 - APT: FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA - (.Facebook Inc..) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA.job [952] =>.Facebook Inc. O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [924] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [928] =>.Google Inc. O39 - APT: GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core.job [880] =>.Google Inc. 
O39 - APT: GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA.job [932] =>.Google Inc. O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier [4010] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [3878] =>.Adobe Systems Incorporated O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\WINDOWS\System32\Tasks\CCleanerSkipUAC [2894] =>.Piriform Ltd O39 - APT: FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core - (.Facebook Inc..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core [3682] =>.Facebook Inc. O39 - APT: FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA - (.Facebook Inc..) -- C:\WINDOWS\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA [4050] =>.Facebook Inc. O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3754] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3986] =>.Google Inc. O39 - APT: GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000Core [3628] =>.Google Inc. O39 - APT: GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1817632741-1959125580-3575791240-1000UA [4024] =>.Google Inc. O39 - APT: JetBoost_AutoUpdate - (.BlueSprig.) -- C:\WINDOWS\System32\Tasks\JetBoost_AutoUpdate [3320] =>.BlueSprig O39 - APT: MirageAgent - (.CyberLink.) 
-- C:\WINDOWS\System32\Tasks\MirageAgent [3258] =>.CyberLink O39 - APT: SidebarExecute - (...) -- C:\WINDOWS\System32\Tasks\SidebarExecute [3300] O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{428DED43-1DD4-4AAF-9770-BDF673894ED3} [3332] O39 - APT: {7AA56E24-3E99-4A41-B4F7-EE408E00EE98} - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\{7AA56E24-3E99-4A41-B4F7-EE408E00EE98} [3210] =>.Google Inc. O39 - APT: Orphean - (...) -- C:\WINDOWS\System32\Tasks\{800B728C-25C9-418F-8F8F-68DA66A104F9} [3392] ---\\ Software installed (O42) (81) - 12s O42 - Logiciel: Broadcom 802.11 Wireless LAN Adapter - (.Broadcom Corporation.) [HKLM][64Bits] -- Broadcom 802.11 Wireless LAN Adapter O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner O42 - Logiciel: Synaptics TouchPad Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {13DCC2C7-454D-42F0-A892-E0E9A5DE4E67} O42 - Logiciel: Java(TM) 6 Update 22 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416022FF} O42 - Logiciel: ESET Smart Security - (.ESET, spol s r. o..) [HKLM][64Bits] -- {293ADC3B-DCF3-44C2-9CE8-19DD2B4F7646} O42 - Logiciel: Broadcom 2070 Bluetooth 3.0 - (.Broadcom Corporation.) [HKLM][64Bits] -- {436E0B79-2CFB-4E5F-9380-E17C1B25D0C5} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {5A68A656-979F-4168-8795-E2E368AA4DC2} O42 - Logiciel: Revo Uninstaller Pro 3.1.2 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Adblock Plus for IE (32-bit and 64-bit) - (.Eyeo GmbH.) [HKLM][64Bits] -- {77588F59-3C58-4675-8EEE-998E5BC33CF4} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) 
[HKLM][64Bits] -- {787136D2-F0F8-4625-AA3F-72D7795AC842} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.11761. - (.Microsoft Corporation.) [HKLM][64Bits] -- {986E003C-E56D-5A47-110E-D3C81F0E8535} O42 - Logiciel: HP Auto - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {CC4D56B7-6F18-470B-8734-ABCD75BCF4F1} O42 - Logiciel: Adobe Flash Player 18 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI O42 - Logiciel: Adobe Flash Player 18 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI O42 - Logiciel: Betternet - (...) [HKLM][64Bits] -- Betternet O42 - Logiciel: FormatFactory 3.3.3.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory O42 - Logiciel: FreeCommander XE - (.Marek Jasinski.) [HKLM][64Bits] -- FreeCommander XE_is1 O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome O42 - Logiciel: iFunbox (v2.1.2228.731), iFunbox DevTeam - (...) [HKLM][64Bits] -- iFunbox_is1 O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager O42 - Logiciel: JetBoost - (.BlueSprig.) [HKLM][64Bits] -- JetBoost_is1 O42 - Logiciel: K-Lite Codec Pack 10.6.5 Full - (...) 
[HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Livestreamer 1.5.2 - (...) [HKLM][64Bits] -- Livestreamer O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 O42 - Logiciel: Microsoft Report Viewer Redistributable 2005 - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Report Viewer Redistributable 2005 O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService O42 - Logiciel: OpenVPN 2.3.6-I001 - (...) [HKLM][64Bits] -- OpenVPN O42 - Logiciel: SopCast 3.5.0 - (.www.sopcast.com.) [HKLM][64Bits] -- SopCast O42 - Logiciel: Split MP3 1.1 - (.prvsoft.com.) [HKLM][64Bits] -- Split MP3_is1 O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player O42 - Logiciel: WinRAR archiver - (...) [HKLM][64Bits] -- WinRAR archiver O42 - Logiciel: HP CloudDrive - (.Zecter Inc..) [HKLM][64Bits] -- ZumoDrive O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: REALTEK Wireless LAN Driver and Utility - (...) [HKLM][64Bits] -- {0DF70CB6-553A-4C57-8E6D-87635EECFB78} O42 - Logiciel: HP On Screen Display - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {124DB96E-CBF5-44FB-AB59-7D2444DEC777} O42 - Logiciel: CyberLink DVD Suite - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) 
[HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} O42 - Logiciel: ActiveCheck component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {254C37AA-6B72-4300-84F6-98A82419187E} O42 - Logiciel: Java 7 Update 17 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217017FF} O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {3577E42B-3347-4EB8-BFDA-D36E8ED3C519} O42 - Logiciel: HP Software Framework - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {35D2E477-8524-4294-9D6A-D8481328389F} O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {3877C901-7B90-4727-A639-B6ED2DD59D43} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {3B834B54-EC4B-48E2-BFC6-03FF5DA06F62} O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: HP Documentation - (.Hewlett-Packard.) [HKLM][64Bits] -- {53CD60C7-12F9-420D-A9BF-EC8D815475A9} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: HPAsset component for HP Active Support Library - (.Hewlett-Packard.) [HKLM][64Bits] -- {669D4A35-146B-4314-89F1-1AC3D7B88367} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: HP Setup - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {802C068E-0576-4F25-8137-D54B7DB0FC5E} O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM][64Bits] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) 
[HKLM][64Bits] -- {9FEFA8C2-80EB-4B7A-BDE0-E077D94C36C4} O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM][64Bits] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: Adobe Reader 9.5.5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-A95000000001} O42 - Logiciel: Energy Star Digital Logo - (.Hewlett-Packard.) [HKLM][64Bits] -- {BD1A34C9-4764-4F79-AE1F-112F8C89D3D4} O42 - Logiciel: Realtek PCIE Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {C1594429-8296-4652-BF54-9DBE4932A44C} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: Recovery Manager - (.Hewlett-Packard.) [HKLM][64Bits] -- {C7231F7C-6530-4E65-ADA6-5B392CF5BEB1} O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6} O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) [HKLM][64Bits] -- {D9DAD0FF-495A-472B-9F10-BAE430A26682} O42 - Logiciel: IDT Audio - (.IDT.) [HKLM][64Bits] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: HP Quick Launch - (.Hewlett-Packard Company.) [HKLM][64Bits] -- {EB58480C-0721-483C-B354-9D35A147999F} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: System Requirements Lab - (.Husdawg, LLC.) [HKLM][64Bits] -- {F89CDED6-B1F1-489F-BA44-698BF6A737C2} O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} O42 - Logiciel: TopTv version 2.0 - (.Alsersawy.stream, Inc..) [HKLM][64Bits] -- {FCCEA808-0710-4650-AE1D-BFC8848D373B}_is1 O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8} O42 - Logiciel: µTorrent - (.BitTorrent Inc..) 
[HKCU][64Bits] -- uTorrent ---\\ HKCU & HKLM Software Keys (152) - 12s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\Baidu HKLM\SOFTWARE\Wow6432Node\Bunndle HKLM\SOFTWARE\Wow6432Node\Caphyon HKLM\SOFTWARE\Wow6432Node\Cisco Systems HKLM\SOFTWARE\Wow6432Node\CyberGhost HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\ESET HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\IDT HKLM\SOFTWARE\Wow6432Node\illiminable HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\ImTOO HKLM\SOFTWARE\Wow6432Node\Innovative Solutions HKLM\SOFTWARE\Wow6432Node\Insyde HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\InterVideo HKLM\SOFTWARE\Wow6432Node\IO3O HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\Lake HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\LightScribe HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Netscape HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenVPN HKLM\SOFTWARE\Wow6432Node\P2G_Upgrade HKLM\SOFTWARE\Wow6432Node\Product_Upgrade HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. 
HKLM\SOFTWARE\Wow6432Node\Research In Motion HKLM\SOFTWARE\Wow6432Node\RtWLan HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Smart Projects HKLM\SOFTWARE\Wow6432Node\SoftEther Project HKLM\SOFTWARE\Wow6432Node\SopCast HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\UCBrowserPID HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Windows HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\Zecter HKLM\SOFTWARE\Wow6432Node\ZumoDrive HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\AdblockPlus HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\Betternet HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Bmupd HKCU\SOFTWARE\Bogosoft HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cisco Systems HKCU\SOFTWARE\CooolSoft HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\famatech HKCU\SOFTWARE\FreeAudioVideo HKCU\SOFTWARE\FreeDownloadManager.ORG HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\i-FunBox.com HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IE Tab HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\ImTOO HKCU\SOFTWARE\Innovative Solutions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Lake HKCU\SOFTWARE\License HKCU\SOFTWARE\LightScribe HKCU\SOFTWARE\LiveUpdate360 HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\Magnet HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Medieval HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Norton HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\PdaNetIPhone HKCU\SOFTWARE\PDF Editor HKCU\SOFTWARE\Piriform 
HKCU\SOFTWARE\Polipo HKCU\SOFTWARE\RealVNC HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Research In Motion HKCU\SOFTWARE\RocketDock HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SkypeRS HKCU\SOFTWARE\Smart Projects HKCU\SOFTWARE\SoftEther Project HKCU\SOFTWARE\StackDocklet HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\System Requirements Lab HKCU\SOFTWARE\TAdvCheckList HKCU\SOFTWARE\Tasksgr HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\txn HKCU\SOFTWARE\UCBrowserPID HKCU\SOFTWARE\University of Tsukuba HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VS Revo Group HKCU\SOFTWARE\Widcomm HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WSVCUPlugin HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Contents of the Common Files folders (O43) (289) - 14s O43 - CFD: 2013/05/22 04:02:42 - [] D -- C:\Program Files (x86)\Adobe O43 - CFD: 2013/04/11 04:13:43 - [] D -- C:\Program Files (x86)\Apple Software Update O43 - CFD: 2015/08/10 00:10:01 - [] D -- C:\Program Files (x86)\betternet O43 - CFD: 2015/08/09 01:47:16 - [] D -- C:\Program Files (x86)\BlueSprig O43 - CFD: 2013/04/11 04:13:27 - [] D -- C:\Program Files (x86)\Bonjour O43 - CFD: 2013/10/28 22:48:42 - [0] D -- C:\Program Files (x86)\Bzeek O43 - CFD: 2015/08/15 07:16:59 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 2011/02/11 12:59:44 - [] D -- C:\Program Files (x86)\CyberLink O43 - CFD: 2014/05/18 04:02:02 - [] D -- C:\Program Files (x86)\FreeCommander XE O43 - CFD: 2014/04/17 17:46:39 - [] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 2015/08/16 02:31:43 - [] D -- C:\Program Files (x86)\Google O43 - CFD: 2015/08/15 07:16:59 - [] D -- C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 2013/04/11 20:06:22 - [] D -- C:\Program Files (x86)\HP Games O43 - CFD: 2013/04/11 04:16:27 - [] D -- C:\Program Files (x86)\i-Funbox DevTeam O43 - CFD: 2014/01/03 
14:53:14 - [0] D -- C:\Program Files (x86)\ImTOO O43 - CFD: 2014/10/09 08:33:39 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2011/02/11 12:49:00 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 2015/08/16 23:40:27 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 2015/08/15 18:55:22 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2014/10/06 04:33:17 - [] D -- C:\Program Files (x86)\IObit O43 - CFD: 2014/06/04 19:02:56 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 2013/04/11 04:04:03 - [] D -- C:\Program Files (x86)\Java O43 - CFD: 2014/08/16 03:11:57 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2013/09/10 01:53:46 - [] D -- C:\Program Files (x86)\Livestreamer O43 - CFD: 2015/06/28 18:30:00 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware O43 - CFD: 2015/02/13 16:21:38 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 2015/02/13 16:21:21 - [] D -- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2015/08/12 05:48:38 - [] D -- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2015/02/13 16:22:27 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2015/08/15 07:16:59 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2015/08/15 04:20:56 - [] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 2015/08/15 22:21:51 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 2013/06/10 20:02:59 - [] D -- C:\Program Files (x86)\MSECache O43 - CFD: 2013/09/29 06:46:52 - [0] D -- C:\Program Files (x86)\MyLanViewer O43 - CFD: 2015/06/05 10:29:25 - [0] D -- C:\Program Files (x86)\NirSoft O43 - CFD: 2013/04/11 03:48:33 - [] RD -- C:\Program Files (x86)\Online Services O43 - CFD: 2015/07/02 00:13:55 - [] D -- C:\Program Files (x86)\OpenVPN O43 - CFD: 2014/07/23 23:43:08 - [] D -- C:\Program Files (x86)\Realtek O43 - CFD: 2015/08/15 
18:37:29 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2015/07/04 03:50:23 - [] RD -- C:\Program Files (x86)\Skype O43 - CFD: 2015/01/24 21:04:41 - [] D -- C:\Program Files (x86)\SopCast O43 - CFD: 2015/01/09 17:44:53 - [] D -- C:\Program Files (x86)\Split MP3 O43 - CFD: 2015/08/12 22:04:08 - [] D -- C:\Program Files (x86)\SystemRequirementsLab O43 - CFD: 2015/06/07 03:00:46 - [] D -- C:\Program Files (x86)\TopTv O43 - CFD: 2009/07/14 08:57:06 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2013/10/30 07:11:02 - [] D -- C:\Program Files (x86)\Unlockroot Pro O43 - CFD: 2015/06/21 02:10:34 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 2015/08/15 18:49:02 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 2015/08/15 07:17:00 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 2015/08/15 18:49:02 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2015/07/10 15:04:26 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 2015/07/10 15:04:22 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 2015/08/15 18:49:02 - [] D -- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2015/07/10 15:04:26 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2015/08/15 07:17:00 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2015/07/10 15:04:22 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 2013/05/03 22:20:18 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 2014/04/17 17:45:07 - [0] D -- C:\Program Files (x86)\Wondershare O43 - CFD: 2015/07/10 15:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/07/10 17:14:55 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\ALFA Wireless LAN Driver and Utility O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9 O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Energy Star O43 - CFD: 2015/08/15 07:17:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander XE O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/08/16 02:31:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam O43 - CFD: 2015/08/15 07:17:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImTOO O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBoost O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling O43 - CFD: 2015/07/10 15:04:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance 
O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2015/08/15 07:24:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2015/08/15 07:17:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Split MP3 O43 - CFD: 2015/07/10 15:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 2013/04/11 04:45:58 - [0] HD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupAdvanced Uninstaller O43 - CFD: 2015/07/10 15:04:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 2015/07/10 17:14:53 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2015/08/15 07:17:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows O43 - CFD: 2015/08/15 07:17:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopTv O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 2015/08/15 07:24:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2014/06/04 19:02:58 - [] D -- 
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 2013/05/22 04:02:48 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2014/06/04 18:56:26 - [] D -- C:\ProgramData\Apple O43 - CFD: 2013/04/11 04:14:19 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2015/07/10 16:21:38 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 2014/08/18 18:53:37 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 2015/05/16 22:02:06 - [] D -- C:\ProgramData\Baidu O43 - CFD: 2015/08/09 01:47:17 - [] D -- C:\ProgramData\BlueSprig O43 - CFD: 2014/06/03 23:31:56 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 2014/08/01 22:32:36 - [] D -- C:\ProgramData\boost_interprocess O43 - CFD: 2013/05/22 03:49:46 - [] D -- C:\ProgramData\Cisco Systems O43 - CFD: 2013/07/23 09:17:24 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2015/07/10 15:04:22 - [0] D -- C:\ProgramData\Comms O43 - CFD: 2014/01/03 14:57:16 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 2015/07/10 16:21:38 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 2015/07/10 16:21:38 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/06/28 18:46:48 - [] D -- C:\ProgramData\ESET O43 - CFD: 2015/08/15 07:42:24 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2011/02/11 13:09:10 - [] D -- C:\ProgramData\Hewlett-Packard O43 - CFD: 2014/10/02 06:40:26 - [0] D -- C:\ProgramData\IDM O43 - CFD: 2014/01/03 14:44:42 - [] D -- C:\ProgramData\ImTOO O43 - CFD: 2013/04/11 03:38:23 - [] D -- C:\ProgramData\Innovative Solutions O43 - CFD: 2011/02/11 13:08:17 - [] D -- C:\ProgramData\Intel O43 - CFD: 2014/10/02 19:30:49 - [] D -- C:\ProgramData\IObit O43 - CFD: 2015/08/12 19:35:50 - [] D -- C:\ProgramData\LightScribe O43 - CFD: 2014/08/25 20:09:28 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 2013/11/14 18:49:54 - [] D -- C:\ProgramData\McAfee O43 - CFD: 2013/05/02 17:00:29 - [] D -- C:\ProgramData\Medieval Software O43 - CFD: 2015/08/15 07:17:11 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/08/12 05:19:03 - [] D -- 
C:\ProgramData\Microsoft Help O43 - CFD: 2015/08/15 08:23:25 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 2014/08/23 02:42:29 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 2013/04/11 03:46:34 - [] D -- C:\ProgramData\Norton O43 - CFD: 2011/02/11 13:00:47 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 2015/04/17 05:44:42 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2014/12/03 19:18:57 - [] D -- C:\ProgramData\ProductData O43 - CFD: 2014/06/10 05:30:00 - [0] D -- C:\ProgramData\RealVNC-Service O43 - CFD: 2014/10/24 16:55:38 - [] D -- C:\ProgramData\Reflection O43 - CFD: 2015/07/10 17:14:53 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 2015/07/04 03:50:34 - [] D -- C:\ProgramData\Skype O43 - CFD: 2015/07/10 15:04:22 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 2011/01/05 23:58:57 - [] D -- C:\ProgramData\Stardock O43 - CFD: 2015/07/10 16:21:38 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2011/01/06 00:11:39 - [] D -- C:\ProgramData\Sun O43 - CFD: 2015/08/10 23:52:45 - [] D -- C:\ProgramData\Synaptics O43 - CFD: 2013/09/16 12:21:32 - [] D -- C:\ProgramData\SystemRequirementsLab O43 - CFD: 2013/09/25 18:57:11 - [] AD -- C:\ProgramData\Temp O43 - CFD: 2015/07/10 16:21:38 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2015/04/17 05:38:15 - [] D -- C:\ProgramData\Thunder Network O43 - CFD: 2013/09/07 05:32:13 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 2015/07/10 16:22:45 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 2015/07/10 16:22:45 - [] D -- C:\ProgramData\USOShared O43 - CFD: 2014/10/02 06:30:16 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 2013/04/11 20:06:18 - [] D -- C:\ProgramData\WildTangent O43 - CFD: 2014/04/17 17:42:26 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate O43 - CFD: 2013/07/23 09:23:31 - [0] D -- C:\ProgramData\{7A89BFAF-D4AA-434A-B652-6F880DD86278} O43 - CFD: 2013/07/23 09:23:31 - [0] SHD -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 2013/05/22 
04:02:49 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2014/06/04 19:02:12 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2011/02/11 13:00:29 - [] D -- C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 2014/10/02 07:06:43 - [] D -- C:\Program Files (x86)\Common Files\EagleGet O43 - CFD: 2013/04/11 03:38:21 - [] D -- C:\Program Files (x86)\Common Files\Innovative Solutions O43 - CFD: 2014/10/09 08:33:45 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2011/02/11 12:47:42 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 2013/04/11 04:04:22 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2011/02/11 12:56:57 - [] D -- C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 2015/08/15 07:16:58 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 2011/02/11 12:48:41 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 2015/07/10 15:04:26 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2015/01/21 00:43:55 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 2015/08/15 07:16:58 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2015/08/15 07:16:58 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 2011/01/06 00:01:54 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 2014/04/17 17:39:43 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 2014/08/24 20:15:15 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\.ACEStream O43 - CFD: 2013/07/20 03:36:32 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\.Torrent Stream O43 - CFD: 2014/08/24 20:15:15 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\ACEStream O43 - CFD: 2013/04/13 20:20:14 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Adobe O43 - CFD: 2014/08/23 02:57:05 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Apple Computer O43 - CFD: 2015/07/01 06:30:29 - [] D -- C:\Users\Cheb 
Khalid\AppData\Roaming\Azureus O43 - CFD: 2015/05/16 22:02:07 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Baidu O43 - CFD: 2014/08/01 22:32:56 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\CometPlayer O43 - CFD: 2014/01/03 14:57:19 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\CyberLink O43 - CFD: 2015/08/17 07:52:33 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\DMCache O43 - CFD: 2013/04/11 04:51:40 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\ESET O43 - CFD: 2015/04/04 19:14:06 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\Google O43 - CFD: 2013/04/11 03:48:44 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Hewlett-Packard O43 - CFD: 2013/04/11 03:51:11 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\hpqLog O43 - CFD: 2013/04/11 03:50:55 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Identities O43 - CFD: 2015/08/16 23:18:14 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\IDM O43 - CFD: 2013/09/08 02:09:05 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\IDT O43 - CFD: 2014/04/09 00:36:32 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\iFunbox_UserCache O43 - CFD: 2014/01/03 14:45:33 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\ImTOO O43 - CFD: 2013/04/11 03:51:13 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Intel Corporation O43 - CFD: 2013/09/10 01:53:45 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\livestreamer O43 - CFD: 2015/01/01 05:13:01 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Macromedia O43 - CFD: 2014/10/18 16:57:14 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\MarySoft O43 - CFD: 2015/08/15 08:38:58 - [] SD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft O43 - CFD: 2015/04/22 04:32:58 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Mozilla O43 - CFD: 2014/08/16 03:13:07 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\MPC-HC O43 - CFD: 2015/07/06 05:19:09 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\Opera Software O43 - CFD: 2014/06/06 03:02:42 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\ProductData O43 - CFD: 2014/05/06 00:21:53 
- [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Research In Motion O43 - CFD: 2014/08/23 02:52:29 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\rmi O43 - CFD: 2013/04/28 03:39:23 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\SimpleTV V03 O43 - CFD: 2015/07/22 02:41:50 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Skype O43 - CFD: 2014/06/18 02:58:02 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\StreamTorrent O43 - CFD: 2013/04/11 03:51:10 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Synaptics O43 - CFD: 2014/05/13 18:51:13 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\System O43 - CFD: 2014/02/14 23:32:06 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\tigerplayer O43 - CFD: 2013/07/20 03:36:32 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\TorrentStream O43 - CFD: 2013/07/23 09:18:36 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\TuneUp Software O43 - CFD: 2015/08/12 20:25:50 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\uTorrent O43 - CFD: 2015/06/21 05:20:23 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\vlc O43 - CFD: 2013/04/11 19:48:33 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\WinRAR O43 - CFD: 2014/04/17 17:41:45 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Wondershare Video Converter Ultimate O43 - CFD: 2015/08/17 20:15:17 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\ZHP O43 - CFD: 2014/04/17 17:40:07 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} O43 - CFD: 2014/10/11 07:17:39 - [] D -- C:\Users\Cheb Khalid\AppData\Local\1BN_(www.1bn.in) O43 - CFD: 2015/06/21 04:22:18 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Adobe O43 - CFD: 2013/04/11 04:13:43 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Apple O43 - CFD: 2014/08/23 02:57:05 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Apple Computer O43 - CFD: 2015/08/15 07:14:05 - [0] SHD -- C:\Users\Cheb Khalid\AppData\Local\Application Data O43 - CFD: 2014/11/13 23:45:04 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Apps O43 - CFD: 2015/08/10 00:01:18 - [0] D 
-- C:\Users\Cheb Khalid\AppData\Local\Betternet Updater O43 - CFD: 2013/05/02 03:51:24 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Broadcom O43 - CFD: 2015/08/15 21:15:24 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Comms O43 - CFD: 2015/08/12 20:14:34 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\CrashDumps O43 - CFD: 2014/01/03 14:57:23 - [] D -- C:\Users\Cheb Khalid\AppData\Local\CyberLink O43 - CFD: 2013/10/28 22:39:59 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\DanuSoft O43 - CFD: 2015/06/27 00:38:49 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\Diagnostics O43 - CFD: 2014/10/09 08:28:49 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Disc_Soft_Ltd O43 - CFD: 2015/08/14 05:18:42 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\ElevatedDiagnostics O43 - CFD: 2013/04/11 04:51:40 - [] D -- C:\Users\Cheb Khalid\AppData\Local\ESET O43 - CFD: 2014/05/11 22:57:48 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Facebook O43 - CFD: 2014/05/18 04:02:00 - [] D -- C:\Users\Cheb Khalid\AppData\Local\FreeCommanderXE O43 - CFD: 2015/06/07 03:01:05 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Geckofx O43 - CFD: 2015/01/09 17:39:35 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\GGEmpire O43 - CFD: 2015/08/16 02:32:11 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Google O43 - CFD: 2015/08/14 06:37:11 - [] D -- C:\Users\Cheb Khalid\AppData\Local\GWX O43 - CFD: 2013/04/11 03:50:37 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Hewlett-Packard O43 - CFD: 2013/04/11 03:48:30 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Hewlett-Packard_Company O43 - CFD: 2015/08/15 07:14:05 - [0] SHD -- C:\Users\Cheb Khalid\AppData\Local\History O43 - CFD: 2015/06/06 22:40:11 - [] D -- C:\Users\Cheb Khalid\AppData\Local\IE Tab O43 - CFD: 2013/04/11 03:38:21 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Innovative Solutions O43 - CFD: 2014/12/01 05:16:59 - [] D -- C:\Users\Cheb Khalid\AppData\Local\IsolatedStorage O43 - CFD: 2015/01/01 05:17:40 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Macromedia O43 - CFD: 
2015/08/17 19:39:52 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Microsoft O43 - CFD: 2015/02/17 21:41:06 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Microsoft Help O43 - CFD: 2015/08/15 08:28:07 - [] D -- C:\Users\Cheb Khalid\AppData\Local\MicrosoftEdge O43 - CFD: 2015/02/05 01:50:07 - [] D -- C:\Users\Cheb Khalid\AppData\Local\MiniService O43 - CFD: 2014/08/23 02:42:49 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Mozilla O43 - CFD: 2015/08/15 08:24:33 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\NetworkTiles O43 - CFD: 2015/07/06 05:19:09 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\Opera Software O43 - CFD: 2015/08/15 22:27:05 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Packages O43 - CFD: 2015/08/16 02:40:12 - [0] D -- C:\Users\Cheb Khalid\AppData\Local\PeerDistRepub O43 - CFD: 2013/05/02 04:06:40 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Programs O43 - CFD: 2015/08/15 08:26:30 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Publishers O43 - CFD: 2014/06/10 05:39:52 - [] D -- C:\Users\Cheb Khalid\AppData\Local\RealVNC O43 - CFD: 2013/04/11 03:50:35 - [] D -- C:\Users\Cheb Khalid\AppData\Local\RemEngine O43 - CFD: 2014/05/06 00:21:29 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Research In Motion O43 - CFD: 2013/05/30 05:53:08 - [] D -- C:\Users\Cheb Khalid\AppData\Local\SkinSoft O43 - CFD: 2014/03/04 23:50:15 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Skype O43 - CFD: 2015/08/17 20:15:17 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Temp O43 - CFD: 2015/08/15 07:14:05 - [0] SHD -- C:\Users\Cheb Khalid\AppData\Local\Temporary Internet Files O43 - CFD: 2015/08/15 07:44:30 - [] D -- C:\Users\Cheb Khalid\AppData\Local\TileDataLayer O43 - CFD: 2013/09/25 18:45:03 - [] D -- C:\Users\Cheb Khalid\AppData\Local\VirtualRouterPlus O43 - CFD: 2014/11/18 03:19:57 - [] D -- C:\Users\Cheb Khalid\AppData\Local\VirtualStore O43 - CFD: 2014/10/02 06:30:23 - [] D -- C:\Users\Cheb Khalid\AppData\Local\VS Revo Group O43 - CFD: 2013/05/06 02:02:21 - [] D -- C:\Users\Cheb 
Khalid\AppData\Local\Western Digital O43 - CFD: 2014/04/16 00:10:41 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Windows Live O43 - CFD: 2014/04/17 17:39:45 - [] D -- C:\Users\Cheb Khalid\AppData\Local\Wondershare O43 - CFD: 2015/07/10 15:04:26 - [] RD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 2015/08/15 07:44:34 - [] RD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/08/15 08:20:54 - [] RD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/04/19 01:27:33 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Half-Life O43 - CFD: 2015/08/15 07:15:10 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HLDS O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/07/10 15:04:26 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/01/24 21:04:37 - [0] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast O43 - CFD: 2015/08/15 08:20:54 - [] RD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/10 15:04:26 - [] RD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\System Tools O43 - CFD: 2015/08/15 07:15:10 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool O43 - CFD: 2015/07/10 15:04:45 - [] RSD -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 2015/08/15 07:24:51 - [] D -- C:\Users\Cheb Khalid\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (5) - 0s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe ---\\ System Drivers List (SDL) (O58) (130) - 22s O58 - SDL:2014/10/02 19:35:08 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\00707964.sys [122584] O58 - SDL:2015/06/14 01:40:24 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\04BE04E7.sys [136408] O58 - SDL:2015/03/04 19:28:31 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\053C14D8.sys [129752] O58 - SDL:2014/11/19 20:28:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) 
-- C:\WINDOWS\System32\drivers\07203702.sys [129752] O58 - SDL:2014/12/18 23:33:15 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\0737080A.sys [129752] O58 - SDL:2014/10/18 18:21:33 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\0914187C.sys [122584] O58 - SDL:2014/12/20 20:28:31 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\092D2CED.sys [129752] O58 - SDL:2015/03/08 19:28:37 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\0DC64D74.sys [129752] O58 - SDL:2015/04/08 17:44:29 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\0DD61630.sys [136408] O58 - SDL:2015/05/29 05:28:43 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\0FF35186.sys [136408] O58 - SDL:2015/05/26 22:17:02 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\133A6ADC.sys [136408] O58 - SDL:2015/01/07 23:29:14 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\17C535A2.sys [129752] O58 - SDL:2015/03/10 19:28:31 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\182B69A4.sys [129752] O58 - SDL:2014/12/23 02:28:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\1A265CD7.sys [129752] O58 - SDL:2014/12/01 20:42:42 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\1F456B41.sys [129752] O58 - SDL:2015/04/04 17:28:30 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\22252F1C.sys [136408] O58 - SDL:2014/10/06 20:24:49 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\26D368AE.sys [122584] O58 - SDL:2015/01/19 00:28:42 A . 
(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\28653E9C.sys [129752] O58 - SDL:2015/03/02 21:28:39 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\29BD5486.sys [129752] O58 - SDL:2015/02/18 14:28:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\2F9B697C.sys [129752] O58 - SDL:2015/04/14 15:28:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\308960D0.sys [136408] O58 - SDL:2015/03/26 17:36:01 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\3D6A75AA.sys [136408] O58 - SDL:2015/05/22 22:44:54 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\3F2247A8.sys [136408] O58 - SDL:2015/07/10 14:59:38 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] O58 - SDL:2015/02/07 03:28:44 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\40B914EE.sys [129752] O58 - SDL:2015/06/13 00:34:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\41020469.sys [136408] O58 - SDL:2014/11/27 00:28:42 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\41251190.sys [129752] O58 - SDL:2014/11/22 21:28:41 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\42244F40.sys [129752] O58 - SDL:2014/11/24 00:28:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\437B2757.sys [129752] O58 - SDL:2015/05/05 13:06:07 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\4AF75C69.sys [136408] O58 - SDL:2014/12/06 20:32:04 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\4C0169C8.sys [129752] O58 - SDL:2015/01/14 23:19:34 A . 
(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\4E00512A.sys [129752] O58 - SDL:2014/12/15 23:28:39 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\51AE3021.sys [129752] O58 - SDL:2015/03/17 21:34:34 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\52186D0C.sys [129752] O58 - SDL:2014/10/16 17:12:19 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\535643DE.sys [122584] O58 - SDL:2015/05/13 23:39:25 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\5AD0322F.sys [136408] O58 - SDL:2014/11/10 23:27:25 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\5CD20F5A.sys [129752] O58 - SDL:2015/03/31 23:27:09 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\5D730914.sys [136408] O58 - SDL:2015/04/10 01:25:21 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\5E4C22BE.sys [136408] O58 - SDL:2014/08/27 23:42:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\5FA223C9.sys [122584] O58 - SDL:2015/05/11 22:21:47 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\61E45A80.sys [136408] O58 - SDL:2014/11/25 23:28:45 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\647F1588.sys [129752] O58 - SDL:2014/09/25 17:41:04 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\664939EB.sys [122584] O58 - SDL:2015/02/17 03:28:35 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\66682225.sys [129752] O58 - SDL:2014/12/04 18:45:44 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) 
-- C:\WINDOWS\System32\drivers\67417C21.sys [129752] O58 - SDL:2015/01/30 00:34:11 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\68F1702C.sys [129752] O58 - SDL:2015/02/05 19:28:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\69E7575E.sys [129752] O58 - SDL:2015/03/06 22:22:32 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\72FB364C.sys [129752] O58 - SDL:2014/10/30 22:28:52 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\74DE7841.sys [129752] O58 - SDL:2015/02/26 19:36:42 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\7968464F.sys [129752] O58 - SDL:2014/11/04 01:33:41 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\797D3E4B.sys [129752] O58 - SDL:2015/04/02 23:28:38 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\7C83267A.sys [136408] O58 - SDL:2014/08/28 22:04:11 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\7DA369C2.sys [122584] O58 - SDL:2015/05/22 20:28:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\7DEE5F56.sys [136408] O58 - SDL:2015/03/13 01:28:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\7F28198B.sys [129752] O58 - SDL:2015/07/10 14:59:38 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] O58 - SDL:2015/07/10 14:59:38 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] O58 - SDL:2015/07/10 14:59:38 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] O58 - SDL:2015/07/10 14:59:38 A . 
(.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] O58 - SDL:2015/07/10 14:59:38 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] O58 - SDL:2013/10/28 18:02:16 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\WINDOWS\System32\drivers\bcbtums.sys [170712] O58 - SDL:2015/07/10 14:59:38 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [17624] O58 - SDL:2011/02/11 12:50:52 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL664.SYS [3065408] O58 - SDL:2013/10/28 18:02:18 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\WINDOWS\System32\drivers\btwampfl.sys [166104] O58 - SDL:2015/07/10 14:59:38 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] O58 - SDL:2010/12/11 11:03:46 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\WINDOWS\System32\drivers\clwvd.sys [31088] O58 - SDL:2013/05/30 05:50:42 A . (.Connectify - NDIS filter driver.) -- C:\WINDOWS\System32\drivers\cnnctfy2.sys [31344] O58 - SDL:2014/10/23 23:11:28 A . (.Connectify - NDISRD helper driver.) -- C:\WINDOWS\System32\drivers\cnnctfy3.sys [42152] O58 - SDL:2011/06/02 14:39:44 A . (.Infowatch - Cryptographic Algorithm Lib Driver..) -- C:\WINDOWS\System32\drivers\CSCrySec.sys [84536] O58 - SDL:2011/06/02 14:39:44 A . (.Infowatch - Virtual Volume Container Driver (wnet).) -- C:\WINDOWS\System32\drivers\CSVirtualDiskDrv.sys [66616] O58 - SDL:2014/10/09 08:19:06 A . (.Disc Soft Ltd - DAEMON Tools Virtual SCSI Bus Driver.) -- C:\WINDOWS\System32\drivers\dtscsibus.sys [29696] O58 - SDL:2014/09/22 21:32:02 A . (.eagleGet - eagleGet Network Filter.) -- C:\WINDOWS\System32\drivers\eagleGet.sys [79696] O58 - SDL:2015/01/30 16:13:30 A . 
(.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [246000] O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Devmon monitor.) -- C:\WINDOWS\System32\drivers\edevmon.sys [241880] O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [169792] O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [222280] O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\WINDOWS\System32\drivers\EpfwLWF.sys [44632] O58 - SDL:2015/01/30 16:13:30 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfwwfp.sys [64208] O58 - SDL:2015/07/10 14:59:38 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] O58 - SDL:2012/08/21 14:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [33240] O58 - SDL:2009/09/18 01:54:54 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [56344] O58 - SDL:2015/07/10 14:59:38 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] O58 - SDL:2015/07/10 14:59:36 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] O58 - SDL:2015/07/10 14:59:36 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [122608] O58 - SDL:2010/09/14 06:24:26 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStor.sys [437272] O58 - SDL:2015/07/10 14:59:38 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] O58 - SDL:2015/07/10 14:59:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) 
-- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] O58 - SDL:2015/07/10 14:59:39 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] O58 - SDL:2015/06/12 06:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [197616] O58 - SDL:2012/11/27 00:26:12 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\igdkmd64.sys [12311776] O58 - SDL:2010/12/08 22:55:14 A . (.Intel Corporation - Intel(R) Turbo Boost Technology Driver.) -- C:\WINDOWS\System32\drivers\Impcd.sys [158976] O58 - SDL:2011/08/23 05:12:56 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\WINDOWS\System32\drivers\IntcDAud.sys [317440] O58 - SDL:2015/07/10 14:59:38 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108896] O58 - SDL:2015/07/10 14:59:38 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] O58 - SDL:2015/07/10 14:59:38 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] O58 - SDL:2015/07/10 14:59:38 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] O58 - SDL:2015/06/18 08:41:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [25816] O58 - SDL:2015/06/18 08:41:44 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [109272] O58 - SDL:2015/08/17 19:35:40 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [113880] O58 - SDL:2015/07/10 14:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] O58 - SDL:2015/07/10 14:59:39 A . (.LSI Corporation, Inc. 
- LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] O58 - SDL:2015/07/10 14:59:39 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] O58 - SDL:2015/07/10 14:59:39 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] O58 - SDL:2015/06/18 08:41:56 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [63704] O58 - SDL:2015/07/10 14:59:39 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] O58 - SDL:2015/06/20 05:49:01 A . (.SoftEther Corporation - SoftEther VPN.) -- C:\WINDOWS\System32\drivers\Neo_0053.sys [40704] O58 - SDL:2015/07/10 14:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] O58 - SDL:2015/07/10 14:59:39 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] O58 - SDL:2015/07/10 14:59:39 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] O58 - SDL:2015/07/10 14:59:39 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] O58 - SDL:2007/03/07 14:13:20 A . (.June Fabrics Technology - PdaNet Driver.) -- C:\WINDOWS\System32\drivers\pnetmdm64.sys [17920] O58 - SDL:2009/12/30 10:21:26 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\WINDOWS\System32\drivers\revoflt.sys [31800] O58 - SDL:2009/01/09 15:02:08 A . (.Research in Motion Ltd - RIM Virtual Serial Driver.) -- C:\WINDOWS\System32\drivers\RimSerial_AMD64.sys [31744] O58 - SDL:2015/07/10 14:59:39 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.40 64-bit Dri.) -- C:\WINDOWS\System32\drivers\rt640x64.sys [587264] O58 - SDL:2015/08/15 22:12:29 A . (.Realtek Semiconductor Corp. 
- Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\WINDOWS\System32\drivers\RtsPStor.sys [374016] O58 - SDL:2015/07/10 14:59:39 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] O58 - SDL:2015/07/10 14:59:39 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] O58 - SDL:2015/07/17 07:51:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] O58 - SDL:2015/07/17 07:51:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42696] O58 - SDL:2015/07/17 07:51:46 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [42696] O58 - SDL:2015/07/10 14:59:39 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] O58 - SDL:2010/12/14 02:04:48 A . (.IDT, Inc. - IDT PC Audio.) -- C:\WINDOWS\System32\drivers\stwrt64.sys [520192] O58 - SDL:2015/07/17 07:51:46 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [614088] O58 - SDL:2013/08/22 16:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [40664] O58 - SDL:2015/07/10 14:59:48 A . (...) -- C:\WINDOWS\System32\drivers\Udecx.sys [44032] O58 - SDL:2014/06/03 10:51:02 A . (.RealVNC Ltd. - VNC Mirror Miniport.) -- C:\WINDOWS\System32\drivers\vncmirror.sys [4608] O58 - SDL:2015/07/10 14:59:39 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] O58 - SDL:2015/07/10 14:59:39 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] O58 - SDL:2015/07/10 14:59:39 A . (.Mellanox - Kernel WinMad.) 
-- C:\WINDOWS\System32\drivers\winmad.sys [26976] O58 - SDL:2015/07/10 14:59:39 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] ---\\ Last modified or created user files (O61) (21) - 27s O61 - LFC: 2015/08/14 04:28:30 A . (..) -- C:\Users\Cheb Khalid\Downloads\Programs\adblockplusie-1.4.exe [6162288] O61 - LFC: 2015/08/16 23:17:53 A . (..) -- C:\Users\Cheb Khalid\Downloads\Programs\hwmonitor_1.28.exe [1199856] O61 - LFC: 2015/08/16 03:55:48 A . (..) -- C:\Users\Cheb Khalid\Desktop\setcqjxy.exe [169652280] O61 - LFC: 2015/08/16 23:33:38 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\Desktop\Important Downloads\IDM\IDMan\idman623build19.exe [6659432] O61 - LFC: 2015/08/16 23:34:41 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2.dll [332824] O61 - LFC: 2015/08/16 23:34:41 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2_64.dll [460824] O61 - LFC: 2015/08/16 23:34:42 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc.dll [34216] O61 - LFC: 2015/08/16 23:34:42 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc64.dll [28512] O61 - LFC: 2015/08/16 23:34:41 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc.dll [26648] O61 - LFC: 2015/08/16 23:34:41 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc64.dll [31768] O61 - LFC: 2015/08/16 23:34:41 A . (.Tonec Inc..) -- C:\Users\Cheb Khalid\AppData\Roaming\IDM\idmmzcc5\components\idmmzcc.dll [34216] O61 - LFC: 2015/08/15 23:54:50 A . (..) -- C:\Users\Cheb Khalid\AppData\Roaming\Adobe\Acrobat\9.0\UserCache.bin [64406] O61 - LFC: 2015/08/15 08:25:00 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Data.bin [2167056] O61 - LFC: 2015/08/15 08:25:00 A . 
(..) -- C:\Users\Cheb Khalid\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [9640]
O61 - LFC: 2015/08/17 07:52:38 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2015/08/16 21:13:38 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_635753391153600578.bin [90953]
O61 - LFC: 2015/08/15 08:25:25 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [397521]
O61 - LFC: 2015/08/13 22:49:18 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 2015/08/16 02:28:53 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\Internet Explorer\UrlBlock\urlblock_635752700307540414.bin [91177]
O61 - LFC: 2015/08/15 08:53:07 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Microsoft\GameDVR\KnownGameList.bin [38396]
O61 - LFC: 2015/08/17 20:07:16 A . (..) -- C:\Users\Cheb Khalid\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ File Associations Shell Spawning (O67) (10) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (12) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (2) - 7s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {89DCE8D5-264B-480A-A937-8AF1D02AA76B} [DefaultScope] - (Google) - http://www.google.com/

---\\ Search Svchost Services (SSS) (O83) (42) - 4s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1335296]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [954368]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [954880]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [93696]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [106496]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1008640]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [226304]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [133120]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [324608]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [371200]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [95744]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2093056]
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [196096]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [167424]
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [186368]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [679936]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [497152]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [72192]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [452608]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2235904]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1168896]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [593920]
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [63488]
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1149440]
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1019392]
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [343040]
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [717312]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136]
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [267776]
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [918016]
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [988672]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [359936]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [237568]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [58368]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [200192]

---\\ Firewall Active Exception List (FirewallRules) (O87) (6) - 2s
O87 - FAEL: "{D19A8840-82C9-4094-8A8F-6646EA634392}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Cheb Khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{128A42C1-C8E0-4539-AC57-84F47DF8F2EB}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Cheb Khalid\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{D8F42CF3-FBF4-4509-A5AA-1D4FE8F65454}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RTLDHCP.exe
O87 - FAEL: "{B8C36DFB-9D18-4D15-8634-6FA0C5256CB8}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RTLDHCP.exe
O87 - FAEL: "{B9E3864C-5CD9-4DA8-BB61-F3351BB4B4AE}" [Out-None-P6-TRUE] .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe
O87 - FAEL: "{DF46C489-9FD7-4AA1-A738-729713EB447C}" [In-None-P6-TRUE] .(.Zecter Inc. - HP CloudDrive.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (25) - 34s
SS - Demand [2015/08/11 23:56:45] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2014/02/12 16:50:20] [ 43336] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto [2013/10/28 18:02:18] [ 2255064] @oem39.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Managem (BcmBtRSupport) . (.Broadcom Corporation..) - C:\WINDOWS\system32\BtwRSupportService.exe
SR - Auto [2011/08/31 00:05:32] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - Auto [2015/01/28 14:08:58] [ 1349576] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
SS - Auto [2015/08/16 02:30:52] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2015/08/16 02:30:52] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [2010/12/01 21:17:42] [ 126520] HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - Auto [2010/07/22 02:33:00] [ 103992] HP Wireless Assistant Service (HP Wireless Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - Auto [2010/11/04 04:12:54] [ 92216] HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - Demand [2010/11/04 04:07:10] [ 769592] HP Software Framework Service (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - Auto [2010/11/10 03:20:34] [ 26680] HPWMISVC (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
SR - Auto [2010/09/14 06:32:32] [ 13336] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - Demand [2014/05/26 19:12:34] [ 641352] خدمة iPod (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - Auto [2010/11/23 02:27:00] [ 73728] LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - Auto [2010/07/23 23:44:48] [ 268824] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - Auto [2015/06/18 08:39:46] [ 1871160] MBAMScheduler (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - Auto [2015/06/18 08:39:50] [ 1133880] MBAMService (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - Demand [2015/08/15 04:20:53] [ 148136] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - Demand [2014/12/01 13:18:04] [ 33080] OpenVPN Service (OpenVPNService) . (.The OpenVPN Project.) - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
SR - Auto [2009/12/07 13:49:24] [ 40960] Realtek87B (Realtek87B) . (.Realtek.) - C:\Program Files (x86)\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe
SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - Auto [2010/12/14 02:04:46] [ 275968] @C:\WINDOWS\system32\stlang64.dll,-10101 (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\stacsv64.exe
SR - Auto [2015/07/17 07:51:48] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
SR - Auto [2010/07/23 23:44:54] [ 2320920] Intel(R) Management & Security Application User Notificatio (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

---\\ Additional Scan (O88) (1) - 0s
C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo

---\\ Summary of the elements found on your workstation (1) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo

~ End of the scan, 33931 items in 206 seconds (1066)(0)()