~ ZHPDiag v2016.1.22.19 By Nicolas Coolman (2016/01/22)
~ Run by حاج (Administrator) (2016/01/24 23:03:24)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\حاج\Desktop\ZHPDiag.txt
~ Report: C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 32-bit (Build 7600)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v48.0.2564.82
OPIE: Opera 34.0.2036.50
MSIE: Internet Explorer v8.0.7600.16385

---\\ Windows Product Information (5) - 0s
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software (3) - 2s
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender W7 (Activate)

---\\ Surveillance software (2) - 3s
Adobe Flash Player 20 PPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3110.404 MB (51% free)
System Restore: Activé (Enable)
System drive C: has 49 GB () free of 76 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ZIZO-PC
~ User Name: حاج
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 49 GB free of 76 GB (System)
~ Drive D: has 190 GB free of 199 GB
~ Drive E: has 179 GB free of 199 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 0s [MD5.15BC38A7492BEFE831966ADB477CF76F] - 14/07/2009 - (.Microsoft Corporation - مستكشف Windows.) -- C:\Windows\Explorer.exe [2613248] =>.Microsoft Corporation [MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - عملية مضيف Windows (Rundll32)‎.) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation [MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation [MD5.0D874F3BC751CC2198AF2E6783FB8B35] - 14/07/2009 - (.Microsoft Corporation - ملحقات إنترنت لـ Win32.) -- C:\Windows\System32\wininet.dll [977920] =>.Microsoft Corporation [MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - 14/07/2009 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) -- C:\Windows\System32\Winlogon.exe [285696] =>.Microsoft Corporation [MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - 14/07/2009 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\Windows\System32\sppcomapi.dll [193024] =>.Microsoft Corporation [MD5.6D5A49D6479EB753C7879F73A4C35E0F] - 14/07/2009 - (.Microsoft Corporation - مكتبة الارتباط الديناميكي لواجهة برمجة تطبي.) 
-- C:\Windows\System32\dnsapi.dll [269824] =>.Microsoft Corporation [MD5.D8714A5FB3141F8226D16861F20C5AC4] - 14/12/2009 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19968] =>.Microsoft Corporation [MD5.DDC040FDB01EF1712A6B13E52AFB104C] - 14/07/2009 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation [MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows® [MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation [MD5.BA6E70AA0E6091BC39DE29477D866A77] - 14/07/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation [MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - 14/07/2009 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation [MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - 14/07/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation [MD5.F4A054BE78AF7F410129C4B64B07DC9B] - 14/07/2009 - (.Microsoft Corporation - Windows NT SMB Minirdr.) 
-- C:\Windows\System32\drivers\MRxSmb.sys [123392] =>.Microsoft Corporation [MD5.DD52A733BF4CA5AF84562A5E2F963B91] - 14/07/2009 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation [MD5.3795DCD21F740EE799FB7223234215AF] - 14/07/2009 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1210432] =>.Microsoft Windows® [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation [MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - 14/07/2009 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133120] =>.Microsoft Corporation [MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation [MD5.CB39E896A2A83702D1737BFD402B3542] - 14/07/2009 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74240] =>.Microsoft Corporation [MD5.58DF9D2481A56EDDE167E51B334D44FD] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوح.) -- C:\Windows\System32\drivers\volsnap.sys [245328] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (8) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (ADSafeSvc) . (...) - C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.) O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) 
- C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe =>.Even Balance, Inc.® O23 - Service: TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation - TechSmith Uploader Service.) - C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe =>.TechSmith Corporation ---\\ Services not Microsoft (SR=Run, SS=Stop) (21) - 12s SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Demand [20/01/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SS - Demand [06/04/2010] [ 31272] AppleChargerSrv (AppleChargerSrv) . (...) - C:\Windows\System32\AppleChargerSrv.exe =>.Giga-Byte Technology® SS - Disabl [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe {62039EBD474840AA18E634E17D28533C} =>.WIBU-SYSTEMS AG SS - Demand [05/11/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) 
- C:\Windows\System32\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [09/10/2015] [ 1971968] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® SS - Auto [21/09/2015] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [21/09/2015] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [24/04/2012] [ 169752] Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe =>.Intel Corporation® SS - Demand [04/04/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe =>.Macrovision Corporation SS - Disabl [27/08/2013] [ 595968] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation SS - Disabl [27/08/2013] [ 642520] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SS - Disabl [16/09/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® SS - Disabl [16/09/2013] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) 
- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SS - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SR - Auto [15/01/2016] [ 66872] PnkBstrA (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe =>.Even Balance, Inc.® SR - Auto [26/01/2015] [ 3408384] TechSmith Uploader Service (TechSmith Uploader Service) . (.TechSmith Corporation.) - C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe =>.TechSmith Corporation SS - Demand [27/12/2015] [ 1343400] @C:\Windows\system32\Wat\WatUX.exe,-601 (WatAdminSvc) . (...) - C:\Windows\System32\Wat\WatAdminSvc.exe SS - Demand [02/10/2015] [ 13264] WiseHDInfo (WiseHDInfo) . (.wisecleaner.com.) - C:\Windows\WiseHDInfo32.dll =>.Lespeed Technology Ltd.® ---\\ Task Planned Automatically (34) - 5s [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] =>.Adobe Systems, Incorporated® [MD5.EE8801B157A7E079E3C587718932197E] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [1163968] =>.Adobe Systems Incorporated® [MD5.93FA6CC96875A330E4B208C0A701BBD8] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated® [MD5.13ECAC1C51CC00147BD06B5ABF142956] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- D:\CCleaner.exe [4529944] =>.Piriform Ltd® [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) 
-- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.053EEEE1ABAE53F044F1E386E22AE525] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] =>.Google Inc® [MD5.0CEEBA2861EAE04BCA8672014DC7F429] [APT] [Opera scheduled Autoupdate 1453478398] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [696952] =>.Opera Software ASA® [MD5.00000000000000000000000000000000] [APT] [SyneiStart] (...) -- D:\SystemUtilities\SystemUtilities.exe (.not file.) [0] [MD5.56C0D9B869C4DB7B2270C68F99E0D007] [APT] [TechSmith Updater] (.TechSmith Corporation.) -- C:\Program Files\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [56640] =>.TechSmith Corporation® [MD5.00000000000000000000000000000000] [APT] [Wise Care 365] (...) -- C:\Program Files\Wise\Wise Care 365\WiseTray.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Wise Turbo Checker] (...) -- C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{567F472B-3B6C-4A35-8AA5-37EAD16E1852}] (...) -- D:\Malwarebytes Anti-Malware\mbam.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{838989A2-628A-4E18-9AD7-2918E6EB933E}] (...) -- D:\Pro Evolution Soccer 2016\PES2016.exe (.not file.) [0] [MD5.3CE1456CE9D67C59CCF6E7D9D3C0A2A3] [APT] [{9513CA4A-B30B-47A4-864E-71B9D159677F}] (.Copyright (C) 2006.) -- C:\Program Files\GIGABYTE\@BIOS\BIOS_Run.exe [207680] {31CB9D6D1714A92F6A11D815A80ABDA6} [MD5.00000000000000000000000000000000] [APT] [{ABE3EB9A-126E-491E-95A0-37BACD49B747}] (...) -- C:\Users\¥ں¤\Downloads\Programs\snagit.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{D2184A61-62D4-459A-AA80-9AD01A444C78}] (...) -- D:\Recover My Files v5\RecoverMyFiles.exe (.not file.) [0] [MD5.0CCB618B6788A5083F85DF4179281E8A] [APT] [AVAST Software\Avast settings backup] (.AVAST Software.) -- C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe [665616] =>.AVAST Software a.s.® O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [826] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [830] =>.Google Inc. O39 - APT: Wise Care 365 - (...) -- C:\Windows\Tasks\Wise Care 365.job [394] (.Orphean.) O39 - APT: Wise Turbo Checker - (...) -- C:\Windows\Tasks\Wise Turbo Checker.job [374] (.Orphean.) O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3874] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3880] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2722] =>.Piriform Ltd O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3574] =>.Google Inc. O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3826] =>.Google Inc. O39 - APT: Opera scheduled Autoupdate 1453478398 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453478398 [3818] =>.Opera Software O39 - APT: SyneiStart - (...) -- C:\Windows\System32\Tasks\SyneiStart [3508] (.Orphean.) 
O39 - APT: TechSmith Updater - (.TechSmith Corporation.) -- C:\Windows\System32\Tasks\TechSmith Updater [3774] =>.TechSmith Corporation O39 - APT: Wise Care 365 - (...) -- C:\Windows\System32\Tasks\Wise Care 365 [2816] (.Orphean.) O39 - APT: Wise Turbo Checker - (...) -- C:\Windows\System32\Tasks\Wise Turbo Checker [3038] (.Orphean.) ---\\ Process running (17) - 0s [MD5.05D36FCAB501C67DEA797FAFB5C42AC5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1971968] [PID.796] =>.ESET, spol. s r.o.® [MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1672] =>.Adobe Systems, Incorporated® [MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.1776] =>.Malwarebytes Corporation® [MD5.968EDA6EA6E00DFAE78586BFA6322B74] - (.VIA Technologies, Inc. - usbmonitor.) -- C:\VIA_XHCI\usb3Monitor.exe [331776] [PID.1268] =>.VIA Technologies, Inc. [MD5.7DC16FAEA44C8D96A1C113305A4059A2] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.29.1\GoogleCrashHandler.exe [245576] [PID.1500] =>.Google Inc® [MD5.831883B107684301F48ACE752C963984] - (...) -- C:\Windows\System32\PnkBstrA.exe [66872] [PID.2096] =>.Even Balance, Inc.® [MD5.439BD966130226F464DC15F55ABD266E] - (.TechSmith Corporation - TechSmith Uploader Service.) -- C:\Program Files\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3408384] [PID.2148] =>.TechSmith Corporation [MD5.E0ED4A85D35E3874A85A25C222326B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5532872] [PID.2868] =>.ESET, spol. s r.o.® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) 
-- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3684] =>.Opera Software ASA® [MD5.164B5AE6885EEA05BAA8B0219209873A] - (.Opera Software - Opera crash-reporter.) -- C:\Program Files\Opera\34.0.2036.50\opera_crashreporter.exe [504952] [PID.3696] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3808] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3844] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3852] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3860] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.3892] =>.Opera Software ASA® [MD5.41F48ABEFB8407A2A7F9A4F80EA10923] - (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\34.0.2036.50\opera.exe [630392] [PID.1100] =>.Opera Software ASA® [MD5.D44A4269EA2773520990A5076ABE7431] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Users\حاج\Desktop\ZHPDiag3.exe [2088960] [PID.716] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (24) - 1s G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients4.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh5.googleusercontent.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://s2.googleusercontent.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.googleapis.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.oursurfing.com/ =>PUP.Optional.OurSurfing G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.mysites123.com/ =>PUP.Optional.Mysites123 G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.yoursearching.com/ =>PUP.Optional.YourSearching G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__ =>.AdblocPlus Plugin G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. 
G2 - GCE: Preference [User Data\Default] [enmofgaijnbjpblfljopnpdogpldapoc] Disable Youtube™ HTML5 Player G2 - GCE: Preference [User Data\Default] [hkihmgfcedmdoaogcjdljeeacngbhinc] JavaScript Editey G2 - GCE: Preference [User Data\Default] [lnkdbjbjpnpjeciipoaflmpcddinpjjp] SmartVideo For YouTube™ G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [oadiaahhieelhhffeofkdchgfpjehjok] __MSG_ext_name__ G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Opera, Plugins,Start,Search (3) - 0s B2 - EXT: [hotboom] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\aejcgigcjcdcbdkdbeiclbpekcjddapp B2 - EXT: [IDM Integration Module] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek B2 - EXT: [Opera Stable] C:\Users\حاج\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp ---\\ Internet Explorer Extensions, Start, Search (12) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (3) - 1s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) 
-- C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Internet Explorer Toolbars (2) - 0s O3 - Toolbar: 0x07000000EE0300007E69791EC59CD111A83F00C04FC99D612001000004000000EF0300007E69791EC59CD111A83F00C04FC99D612101000004000000F00300007E69791EC59CD111A83F00C04FC99D613001000004000000 - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} . (...) -- (.not file.) O3 - Toolbar: 0x07000000F40300007E69791EC59CD111A83F00C04FC99D612001000000000000F50300007E69791EC59CD111A83F00C04FC99D612101000000000000F70300007E69791EC59CD111A83F00C04FC99D612501000004000000 - [HKCU]{1E796980-9CC5-11D1-A83F-00C04FC99D61} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (7) - 0s O4 - HKLM\..\Run: [VIAxHCUtl] . (.VIA Technologies, Inc. - usbmonitor.) -- C:\VIA_XHCI\usb3Monitor.exe =>.VIA Technologies, Inc. O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1322463913-1858526958-1247835930-1000\..\Run: [Sidebar] . (.Microsoft Corporation - ‎‎الأدوات الذكية على سطح المكتب لـ Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation ---\\ Global shortcuts Startup (81) - 4s O4 - GS\Desktop [Administrator]: BMW - رمز اختصار.lnk . 
(.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG O4 - GS\Desktop [Administrator]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd® O4 - GS\Desktop [Administrator]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat O4 - GS\Desktop [Administrator]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [Administrator]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [Administrator]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrator]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe O4 - GS\Quicklaunch [Administrator]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Administrator]: Top4toP خدمة رفع الملفات.lnk . (...) 
C:\Program Files\Top4top Uploading Service\UploadService.exe O4 - GS\TaskBar [Administrator]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\Desktop [ckztzidwxcii]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG O4 - GS\Desktop [ckztzidwxcii]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd® O4 - GS\Desktop [ckztzidwxcii]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat O4 - GS\Desktop [ckztzidwxcii]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [ckztzidwxcii]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [ckztzidwxcii]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe O4 - GS\Desktop [ckztzidwxcii]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [ckztzidwxcii]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe O4 - GS\Desktop [ckztzidwxcii]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [ckztzidwxcii]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe O4 - GS\Quicklaunch [ckztzidwxcii]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) 
C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [ckztzidwxcii]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe O4 - GS\Quicklaunch [ckztzidwxcii]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [ckztzidwxcii]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [ckztzidwxcii]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe O4 - GS\TaskBar [ckztzidwxcii]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe O4 - GS\TaskBar [ckztzidwxcii]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [ckztzidwxcii]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\Desktop [Guest]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG O4 - GS\Desktop [Guest]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd® O4 - GS\Desktop [Guest]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat O4 - GS\Desktop [Guest]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [Guest]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) 
C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [Guest]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Guest]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe O4 - GS\Quicklaunch [Guest]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [Guest]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe O4 - GS\TaskBar [Guest]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\Desktop [حاج]: BMW - رمز اختصار.lnk . (.10tacle Studios AG - BMW M3 Challenge.) D:\BMW M3 Challenge\BMW.exe =>.10tacle Studios AG O4 - GS\Desktop [حاج]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) D:\CCleaner.exe =>.Piriform Ltd® O4 - GS\Desktop [حاج]: Counter-strike 1.6 original.lnk . (...) C:\Program Files\Counter-strike 1.6 original\Counter-Strike WaRzOnE.bat O4 - GS\Desktop [حاج]: egui - رمز اختصار.lnk . (.ESET - ESET Main GUI.) 
C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.® O4 - GS\Desktop [حاج]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\Desktop [حاج]: game - رمز اختصار.lnk . (...) D:\Billiards Club\game.exe O4 - GS\Desktop [حاج]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [حاج]: motogp2_demo - رمز اختصار.lnk . (...) E:\العاب\MotoGP2 by lmodni\motogp2_demo.exe O4 - GS\Desktop [حاج]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\حاج\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [حاج]: Firefox Booster.lnk . (...) C:\Program Files\Firefox Booster\FirefoxBooster.exe O4 - GS\Quicklaunch [حاج]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [حاج]: أہح¼ن¯ہہ.lnk . (...) C:\Program Files\MTV20151125\MTView.exe O4 - GS\Quicklaunch [حاج]: ‏مشغل تطبيقات Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\sendTo [حاج]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FormatFactory\FormatFactory.exe =>.chen jun hao® O4 - GS\sendTo [حاج]: Top4toP خدمة رفع الملفات.lnk . (...) C:\Program Files\Top4top Uploading Service\UploadService.exe O4 - GS\TaskBar [حاج]: Camtasia Recorder 8.lnk . (...) C:\Windows\Installer\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}\CamtasiaIcons.exe O4 - GS\TaskBar [حاج]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [حاج]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\CommonDesktop [Public]: Camtasia Studio 8.lnk . (.TechSmith Corporation - Camtasia Studio.) 
C:\Program Files\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe =>.TechSmith Corporation® O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: Google Earth.lnk . (.Google - Google Earth.) C:\Program Files\Google\Google Earth\client\googleearth.exe =>.Google O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\CommonDesktop [Public]: Pro Evolution Soccer 2016.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2016.) E:\Pro Evolution Soccer 2016\PES2016.exe =>.Konami Digital Entertainment Co., Ltd. O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player.) D:\VLC\vlc.exe =>.VideoLAN® O4 - GS\Programs [Public]: Start Tor Browser.lnk . (...) C:\Users\حاج\Desktop\Tor Browser\Browser\firefox.exe O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (4) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12249DC2-1D4F-4D85-B0F1-466F9491568B}: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12249DC2-1D4F-4D85-B0F1-466F9491568B}: DhcpNameServer = 192.168.0.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{45C81CE6-475B-4267-813A-A677182F772F}: DhcpNameServer = 192.168.8.1 192.168.8.1 ---\\ Extra protocols (25) - 0s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) 
-- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) 
-- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) 
-- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (41) - 8s O42 - Logiciel: @BIOS - (.GIGABYTE.) [HKLM] -- {B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83} =>.Gigabyte O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 20 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Reader XI (11.0.14) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated O42 - Logiciel: AutoGreen B12.0206.1 - (.GIGABYTE.) [HKLM] -- {C75FAD21-EC08-42F3-92D6-C9C0AB355345} =>.Gigabyte O42 - Logiciel: AutoGreen B12.0206.1 - (.GIGABYTE.) [HKLM] -- InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345} =>.Gigabyte O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM] -- {A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0} =>.TechSmith Corporation O42 - Logiciel: Counter-strike 1.6 original - (...) [HKCU] -- Counter-strike 1.6 original O42 - Logiciel: Easy Tune 6 B13.0924.2 - (.GIGABYTE.) [HKLM] -- {457D7505-D665-4F95-91C3-ECB8C56E9ACA} =>.Gigabyte O42 - Logiciel: Easy Tune 6 B13.0924.2 - (.GIGABYTE.) 
[HKLM] -- InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA} =>.Gigabyte O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {993949EA-4382-4C42-A8B0-16FB3D4F8CF8} =>.ESET, spol. s r.o. O42 - Logiciel: FormatFactory 3.8.0.0 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Drive - (.Google, Inc..) [HKLM] -- {1C3D2F92-D25E-4D98-B810-3F3B0857BF26} =>.Google, Inc. O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {6F545E5E-4595-11E2-93B6-B8AC6F97B88E} =>.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc. O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM] -- {20D55630-5D12-4297-841C-D3165374ECEE} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) 
[HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: ON_OFF Charge 2 B13.1028.1 - (.GIGABYTE.) [HKLM] -- {6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A} =>.Gigabyte O42 - Logiciel: ON_OFF Charge 2 B13.1028.1 - (.GIGABYTE.) [HKLM] -- InstallShield_{6B4ED6F7-BB88-4945-B0C6-01410E1BAC3A} {5C689B877816AEFFB17C54B08E755785} =>.Gigabyte O42 - Logiciel: Opera Stable 34.0.2036.50 - (.Opera Software.) [HKLM] -- Opera 34.0.2036.50 =>.Opera Software ASA® O42 - Logiciel: Platform - (.VIA Technologies, Inc..) [HKLM] -- {20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc. O42 - Logiciel: Pro Evolution Soccer 2016 version 1.1.0 - (.dzrepack games.) [HKLM] -- Pro Evolution Soccer 2016_is1 O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek Ethernet Diagnostic Utility - (.Realtek.) [HKLM] -- {DADC7AB0-E554-4705-9F6A-83EA82ED708E} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp. O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM] -- Registry Trash Keys Finder =>.SNC O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM] -- {4FC332FE-CBE3-4AE0-B531-35048FD81912} =>.TechSmith Corporation O42 - Logiciel: Snagit 12 - (.TechSmith Corporation.) [HKLM] -- {ec29af82-9c9e-420e-ab18-53821c36ac3c} =>.TechSmith Corporation® O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc. O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) 
[HKLM] -- WinRAR archiver =>.win.rar GmbH® ---\\ HKCU & HKLM Software Keys (141) - 8s HKLM\SOFTWARE\8169Diag HKLM\SOFTWARE\AAA Internet Publishing HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AdwCleaner HKLM\SOFTWARE\AS_Mubashir HKLM\SOFTWARE\Atheros HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\AutoClearCookies HKLM\SOFTWARE\AVG HKLM\SOFTWARE\AviSynth HKLM\SOFTWARE\Blimey! Games HKLM\SOFTWARE\Chromium HKLM\SOFTWARE\Creative Tech HKLM\SOFTWARE\Digeus HKLM\SOFTWARE\DownloadCenter HKLM\SOFTWARE\Dropbox HKLM\SOFTWARE\DropboxUpdate HKLM\SOFTWARE\DRWIsUpgrade HKLM\SOFTWARE\EASEUS HKLM\SOFTWARE\Eidos HKLM\SOFTWARE\EnigmaSoftwareGroup HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Fraps HKLM\SOFTWARE\Gigabyte HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\HitmanPro HKLM\SOFTWARE\Huawei technologies HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\IObit HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\KONAMIPES6 HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\mtcaMyciloP HKLM\SOFTWARE\Nuance HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\PES 2016 Selector Tool HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\Rtp HKLM\SOFTWARE\SNC HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SRS Labs HKLM\SOFTWARE\Stellar Information Systems Ltd. 
HKLM\SOFTWARE\TechSmith HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\Top4top HKLM\SOFTWARE\Tukero[X]Team HKLM\SOFTWARE\TuneUp HKLM\SOFTWARE\Unchecky HKLM\SOFTWARE\Valve HKLM\SOFTWARE\VIA Technologies, Inc HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\WIBU-SYSTEMS HKLM\SOFTWARE\Windows X HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\WiseCleaner HKLM\SOFTWARE\Wow6432Node HKLM\SOFTWARE\Even Balance HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\ADSafe4 HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Atheros HKCU\SOFTWARE\AVG HKCU\SOFTWARE\BugSplat HKCU\SOFTWARE\CatalinaGroup HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Crystal Reality HKCU\SOFTWARE\DownloadCenter HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Dropbox HKCU\SOFTWARE\DropboxUpdate HKCU\SOFTWARE\Enigma Protector HKCU\SOFTWARE\ESET HKCU\SOFTWARE\file repair HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GetData HKCU\SOFTWARE\Gibson Research HKCU\SOFTWARE\Gigabyte HKCU\SOFTWARE\GNU HKCU\SOFTWARE\GoldWave HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\HWiNFO32 HKCU\SOFTWARE\IGA HKCU\SOFTWARE\InstallShield HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\JEDI-VCL HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MiniTool Solution Ltd. 
HKCU\SOFTWARE\mixlr HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Psiphon3 HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Resplendence Sp HKCU\SOFTWARE\Rtp HKCU\SOFTWARE\SmartDeblur HKCU\SOFTWARE\Synei HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Teorex HKCU\SOFTWARE\TomsGuide HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Tukero[X]Team HKCU\SOFTWARE\Unchecky HKCU\SOFTWARE\Unity HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\WASEL Pro VPN Service HKCU\SOFTWARE\Windows X HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Xirrus HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Unity ---\\ Contents of the Common Files folders (229) - 16s O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 16/12/2015 - [] D -- C:\Program Files\ADSafe O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Adware Removal Tool by TSA O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\AMD O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\ApeeeGoSoft O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\AVG O43 - CFD: 18/09/2015 - [] D -- C:\Program Files\CodeMeter {62039EBD474840AA18E634E17D28533C} O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Core Temp O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Counter-strike 1.6 original O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 20/01/2016 - [] D -- C:\Program Files\dzrepack games O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\EaseUS O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Enigma Software Group =>.Superfluous.SpyHunter O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. 
s r.o.® O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\FormatFactory =>.chen jun hao® O43 - CFD: 26/09/2015 - [0] D -- C:\Program Files\FreeTime O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\GetData O43 - CFD: 09/10/2015 - [] D -- C:\Program Files\GIGABYTE O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Google =>.Google Inc® O43 - CFD: 31/12/2015 - [0] D -- C:\Program Files\Hostless Modem O43 - CFD: 12/01/2016 - [] HD -- C:\Program Files\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 28/12/2015 - [] D -- C:\Program Files\Intel =>.Intel Corporation - Software and Firmware Products® O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc.® O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 26/11/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Maxthon O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\MiniToolPhotoRecovery O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 09/12/2015 - [] D -- C:\Program Files\MSECache O43 - CFD: 16/12/2015 - [] D -- C:\Program Files\NicController O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Opera =>.Opera Software ASA® O43 - CFD: 26/12/2015 - [] D -- C:\Program Files\QuickTime O43 - CFD: 10/10/2015 - [] D -- C:\Program Files\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 21/01/2016 - [] D -- C:\Program Files\Synei 
{399F70E9618315D198E6BA0C59435A60} O43 - CFD: 26/12/2015 - [] D -- C:\Program Files\TechSmith =>.TechSmith Corporation® O43 - CFD: 17/09/2015 - [0] HD -- C:\Program Files\Temp O43 - CFD: 07/01/2016 - [] D -- C:\Program Files\TNod O43 - CFD: 21/09/2015 - [] D -- C:\Program Files\TrashReg O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Unlocker O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\UX Pack O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\VIA O43 - CFD: 20/01/2016 - [0] D -- C:\Program Files\WASEL Pro VPN Service O43 - CFD: 20/01/2016 - [] D -- C:\Program Files\WhySoSlow =>.Daniel Terhell® O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 01/10/2015 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 14/12/2009 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 10/10/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 26/11/2015 - [] D -- C:\Program Files\Wise =>.Lespeed Technology Ltd.® O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clear Cookies O43 - CFD: 23/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dzrepack games O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 02/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Booster O43 - 
CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 16/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GD Hardware Scan O43 - CFD: 02/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 01/10/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek O43 - CFD: 01/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan O43 - CFD: 24/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 21/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synei System Utilities O43 - CFD: 14/07/2009 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TNod User & Password Finder O43 - CFD: 20/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toptv O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 20/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WASEL Pro VPN Service O43 - CFD: 10/10/2015 - 
[] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 01/10/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 28/09/2015 - [] D -- C:\ProgramData\Atheros O43 - CFD: 22/09/2015 - [] D -- C:\ProgramData\AutoClearCookies O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\AVG O43 - CFD: 23/12/2015 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Dropbox O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\ESET O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\HitmanPro O43 - CFD: 17/09/2015 - [0] D -- C:\ProgramData\IDM O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\InstallShield O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\Intel O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 21/09/2015 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 24/10/2015 - [] D -- C:\ProgramData\McAfee O43 - CFD: 22/01/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\MobiConnect O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Oracle O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 22/01/2016 - [] D -- C:\ProgramData\Real O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\Steam O43 - CFD: 17/09/2015 - [] D -- C:\ProgramData\Sun O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 18/11/2015 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 18/11/2015 - [] D -- C:\ProgramData\Unchecky O43 - CFD: 31/12/2015 - [0] D 
-- C:\ProgramData\ZDSupport O43 - CFD: 17/09/2015 - [0] SHD -- C:\ProgramData\سطح المكتب O43 - CFD: 17/09/2015 - [0] SHD -- C:\ProgramData\قائمة ابدأ O43 - CFD: 01/10/2015 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\Common Files\AV O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 21/09/2015 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 28/12/2015 - [] D -- C:\Program Files\Common Files\Intel O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 03/01/2016 - [0] D -- C:\Program Files\Common Files\Latlight O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 17/09/2015 - [] D -- C:\Program Files\Common Files\postureAgent O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Common Files\TechSmith Shared O43 - CFD: 27/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Adobe O43 - CFD: 16/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\ADSafe3 O43 - CFD: 31/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AS O43 - CFD: 08/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Audacity O43 - CFD: 22/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AutoClearCookies O43 - CFD: 23/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\AVG O43 - CFD: 18/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\com.nasser.huaweimanagerpc.main O43 - CFD: 07/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\CrystalIdea Software O43 - CFD: 13/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Digiarty O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\DMCache O43 - CFD: 21/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\DownloadNinja O43 - CFD: 24/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Dropbox O43 - CFD: 17/09/2015 - [] D -- 
C:\Users\حاج\AppData\Roaming\Foxit Software O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Identities O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\IDM O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\InstallShield O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Macromedia O43 - CFD: 06/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Maxthon3 O43 - CFD: 14/07/2009 - [0] D -- C:\Users\حاج\AppData\Roaming\Media Center Programs O43 - CFD: 19/01/2016 - [] SD -- C:\Users\حاج\AppData\Roaming\Microsoft O43 - CFD: 02/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Mozilla O43 - CFD: 16/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\MyTotalTV O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Opera Software O43 - CFD: 29/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Orbit O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Psiphon3 O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Real O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\SocialWebTechLTD O43 - CFD: 10/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Soft Solutions O43 - CFD: 26/11/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Sun O43 - CFD: 26/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Synei O43 - CFD: 26/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\TechSmith O43 - CFD: 24/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Thinstall O43 - CFD: 20/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Unity O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\vlc O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\WinRAR O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\ZHP O43 - CFD: 16/10/2015 - [] D -- C:\Users\حاج\AppData\Local\AAA_Internet_Publishing,_ O43 - CFD: 26/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Adobe O43 - CFD: 17/09/2015 - [0] SHD -- C:\Users\حاج\AppData\Local\Application Data O43 - CFD: 17/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Apps O43 - CFD: 25/09/2015 - [] D -- 
C:\Users\حاج\AppData\Local\assembly O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Local\AVAST Software O43 - CFD: 23/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Avg O43 - CFD: 23/10/2015 - [] D -- C:\Users\حاج\AppData\Local\CatalinaGroup O43 - CFD: 21/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Chromium O43 - CFD: 23/01/2016 - [] D -- C:\Users\حاج\AppData\Local\CrashDumps O43 - CFD: 25/12/2015 - [0] D -- C:\Users\حاج\AppData\Local\Deployment O43 - CFD: 24/10/2015 - [0] D -- C:\Users\حاج\AppData\Local\Diagnostics O43 - CFD: 18/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Downloaded Installations O43 - CFD: 24/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Dropbox O43 - CFD: 29/11/2015 - [] D -- C:\Users\حاج\AppData\Local\ESET O43 - CFD: 16/01/2016 - [] D -- C:\Users\حاج\AppData\Local\game-debate O43 - CFD: 17/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Geckofx O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Google O43 - CFD: 17/09/2015 - [0] D -- C:\Users\حاج\AppData\Local\History O43 - CFD: 09/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Intel_Corporation O43 - CFD: 21/12/2015 - [] D -- C:\Users\حاج\AppData\Local\LTE-Anbieter.info O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Macromedia O43 - CFD: 19/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Microsoft O43 - CFD: 22/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Microsoft Games O43 - CFD: 05/01/2016 - [0] D -- C:\Users\حاج\AppData\Local\Microsoft Help O43 - CFD: 11/10/2015 - [] D -- C:\Users\حاج\AppData\Local\mixlr O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Mozilla O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Opera Software O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Programs O43 - CFD: 12/01/2016 - [] D -- C:\Users\حاج\AppData\Local\PunkBuster O43 - CFD: 12/12/2015 - [] D -- C:\Users\حاج\AppData\Local\RadioSure O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Real O43 - CFD: 05/01/2016 - [] D -- 
C:\Users\حاج\AppData\Local\Slimjet O43 - CFD: 25/12/2015 - [] D -- C:\Users\حاج\AppData\Local\Smart_PC_Soft O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Local\TechSmith O43 - CFD: 24/01/2016 - [] D -- C:\Users\حاج\AppData\Local\Temp O43 - CFD: 17/09/2015 - [0] D -- C:\Users\حاج\AppData\Local\Temporary Internet Files O43 - CFD: 24/09/2015 - [] D -- C:\Users\حاج\AppData\Local\Thinstall O43 - CFD: 21/01/2016 - [0] D -- C:\Users\حاج\AppData\Local\Unity O43 - CFD: 21/10/2015 - [] D -- C:\Users\حاج\AppData\Local\Video Enhancer O43 - CFD: 17/09/2015 - [] D -- C:\Users\حاج\AppData\Local\VirtualStore O43 - CFD: 01/10/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/09/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 02/01/2016 - [0] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ApeeeGoSoft O43 - CFD: 01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 18/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-strike 1.6 original O43 - CFD: 27/12/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 21/09/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 22/01/2016 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 01/10/2015 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder O43 - CFD: 24/01/2016 - [] RD -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 
01/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker O43 - CFD: 10/10/2015 - [] D -- C:\Users\حاج\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.® O106 - SIOI: Google Drive Shell extension [ GoogleDriveBlacklisted] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc® O106 - SIOI: Google Drive Shell extension [ GoogleDriveSynced] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc® O106 - SIOI: Google Drive Shell extension [ GoogleDriveSyncing] - {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}. (.Google - Google Drive shell extension.) -- C:\Program Files\Google\Drive\googledrivesync32.dll =>.Google Inc® O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ ShareTools MSconfig StartupReg (14) - 0s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) 
-- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\download.ninja [Key] . (...) -- C:\Program Files\Ninja Download Manager\download.ninja.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\HSPALauncher [Key] . (...) -- C:\PROGRA~1\HSPAUS~1\HSPALA~1.EXE (.not file.) O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc. O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\ISUSPM Startup [Key] . (...) -- C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\ISUSScheduler [Key] . (.InstallShield Software Corporation - InstallShield Update Service Scheduler.) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe =>.InstallShield Software Corporation O53 - SMSR:HKLM\...\startupreg\jswtrayutil [Key] . (...) -- C:\Program Files\Jumpstart\jswtrayutil.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\MTview [Key] . (...) -- C:\Program Files\MTV20151125\MTView.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (...) 
-- C:\Program Files\Unlocker\UnlockerAssistant.exe ---\\ System Drivers List (91) - 19s O58 - SDL:2015/09/27 13:53:26 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\3B174BAD.sys [98520] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79952] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [23616] =>.Microsoft Windows® O58 - SDL:2013/10/28 10:02:54 A . (...) -- C:\Windows\System32\drivers\AppleCharger.sys [19168] {5C689B877816AEFFB17C54B08E755785} O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows® O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) 
-- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd. O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - برنامج تشغيل I/F التسلسلي لـ Brotehr (WDM)‎.) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd. O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows® O58 - SDL:2013/06/29 17:10:58 A . (.Mobile Connector - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\cmusbser.sys [103552] =>.Mobile Connector O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows® O58 - SDL:2015/10/04 21:12:46 A . (.Phoenix Technologies - DriverAgent Direct I/O for 32-bit Windows.) 
-- C:\Windows\System32\drivers\DrvAgent32.sys [31832] =>PUP.Optional.eSupport O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [145512] =>.ESET, spol. s r.o.® O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.® O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44608] =>.ESET, spol. s r.o.® O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [56944] =>.ESET, spol. s r.o.® O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation O58 - SDL:2015/10/05 01:34:29 A . (...) -- C:\Windows\System32\drivers\GVTDrv.sys [24944] {31CB9D6D1714A92F6A11D815A80ABDA6} O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc. O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows® O58 - SDL:2015/10/04 21:07:19 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX® O58 - SDL:2009/07/14 02:20:36 A . 
(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332352] =>.Microsoft Windows® O58 - SDL:2015/12/29 13:18:10 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [124992] =>.Tonec Inc.® O58 - SDL:2013/10/28 23:01:40 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3354624] =>.Intel Corporation O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows® O58 - SDL:2008/05/15 03:28:44 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384] =>.Atheros Communications, Inc. O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation® O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] =>.Malwarebytes Corporation® O58 - SDL:2016/01/24 20:37:13 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) 
-- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:16 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117312] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [142416] =>.Microsoft Windows® O58 - SDL:2016/01/15 19:26:25 A . (...) -- C:\Windows\System32\drivers\PnkBstrK.sys [22328] =>.Even Balance, Inc.® O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows® O58 - SDL:2015/09/21 13:54:10 A . (.Resplendence Software Projects Sp. - Resplendence WhySoSlow Monitoring Driver.) -- C:\Windows\System32\drivers\rspWhy32.sys [24832] =>.Daniel Terhell® O58 - SDL:2011/09/29 10:30:32 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [490088] =>.Realtek Semiconductor Corp® O58 - SDL:2013/08/27 13:37:54 A . (.Realtek Semiconductor Corp. 
- Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [2821336] =>.Realtek Semiconductor Corp® O58 - SDL:2011/06/15 14:11:20 RA . (.Realtek - Realtek NDIS Protocol Driver.) -- C:\Windows\System32\drivers\RtNdPt60.sys [33056] =>.Realtek Semiconductor Corp® O58 - SDL:2012/07/03 13:32:00 RA . (.Realtek Corporation - Realtek NDIS 6.2 Intermediate Miniport Driv.) -- C:\Windows\System32\drivers\RtTeam620.sys [49808] =>.Realtek Semiconductor Corp® O58 - SDL:2012/09/01 00:00:02 RA . (.Realtek Corporation - Realtek Virtual Miniport Driver for VLAN (N.) -- C:\Windows\System32\drivers\RtVlan620.sys [27792] =>.Realtek Semiconductor Corp® O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows® O58 - SDL:2012/06/28 08:49:48 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [26624] =>.The OpenVPN Project O58 - SDL:2013/09/16 12:17:42 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriver.sys [85464] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2013/10/24 17:29:14 A . (...) -- C:\Windows\System32\drivers\UsbCharger.sys [20192] {5C689B877816AEFFB17C54B08E755785} O58 - SDL:2013/03/19 17:04:20 A . (.VIA Technologies, Inc. 
- Framework Version of ViaHub3 Dynamic Bus En.) -- C:\Windows\System32\drivers\ViaHub3.sys [190976] =>.VIA Technologies, Inc. O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows® O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows® O58 - SDL:2013/01/18 03:11:48 A . (.VIA Technologies, Inc. - VIA BulkOnly & UAS driver.) -- C:\Windows\System32\drivers\vusbstor.sys [73264] =>.VIA Technologies Inc.® O58 - SDL:2013/03/19 17:04:14 A . (.VIA Technologies, Inc. - WDF Driver for VIA eXtensible Host Controll.) -- C:\Windows\System32\drivers\xhcdrv.sys [239104] =>.VIA Technologies, Inc. O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:1996/04/03 20:33:26 A . (...) -- C:\Windows\System32\giveio.sys [5248] O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2009/07/13 22:40:19 A . 
(...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] O58 - SDL:2011/03/18 17:08:54 A . (.Almico Software - SpeedFan x32 Driver.) -- C:\Windows\System32\speedfan.sys [25240] =>.Sokno S.R.L.® ---\\ Last modified or created user files (3) - 6s O61 - LFC: 2016/01/22 02:02:57 A . (.embratoria.) -- C:\Users\حاج\Downloads\Programs\Embra3rdG_2.exe [7046739] O61 - LFC: 2016/01/22 14:43:39 A . (..) -- C:\Users\حاج\AppData\LocalLow\Sun\Java\jre1.8.0_25\java_sp.dll [19157872] O61 - LFC: 2016/01/24 20:19:29 A . (..) -- C:\Users\حاج\AppData\Local\TechSmith\SnagIt\Tray.bin [756] ---\\ File Associations Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎مشغل الأداة الإضافية لعارض الأحداث.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎محرر التسجيل.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Opera Software - Opera Internet Browser.) 
-- C:\Program Files\Opera\launcher.exe =>.Opera Software ASA® ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) 
-- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ---\\ Search Browser Infection (2) - 2s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Search Svchost Services (33) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة الخادم.) -- C:\Windows\System32\srvsvc.dll [168448] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [591360] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [667136] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - خدمة صوت Windows.) -- C:\Windows\System32\audiosrv.dll [473088] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - إدارة الطلب التلقائي للوصول عن بُعد.) 
-- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [285184] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - خدمة الإعلام بأحداث النظام (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [241664] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [543232] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [1912832] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - خدمة النقل الذكي في الخلفية.) -- C:\Windows\System32\qmgr.dll [589312] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [497152] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - خدمة معلومات التطبيقات.) -- C:\Windows\System32\appinfo.dll [46592] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - خدمة اكتشاف iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - خدمة جدولة فئات تعدد الوسائط.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [162816] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [743424] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - خدمة تكوين سطح المكتب البعيد.) -- C:\Windows\System32\SessEnv.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة مستعرض الكم.) -- C:\Windows\System32\browser.dll [102400] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات نُسق Windo.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - خدمة BDE.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [149504] =>.Microsoft Corporation

---\\ Firewall Active Exception List (11) - 1s
O87 - FAEL: "TCP Query User{AAFBAC70-4177-4B73-A959-A067CF2454AF}E:\motogp2 by lmodni\motogp2_demo.exe" [In-None-P6-TRUE] .(...) -- E:\motogp2 by lmodni\motogp2_demo.exe (.not file.)
O87 - FAEL: "UDP Query User{72D74FBF-C8A6-4AB3-AC17-E86F265E3866}E:\motogp2 by lmodni\motogp2_demo.exe" [In-None-P17-TRUE] .(...) -- E:\motogp2 by lmodni\motogp2_demo.exe (.not file.)
O87 - FAEL: "{7C1C3029-4FC0-46BB-AABC-90EA32098630}" [In-None-P17-TRUE] .(...) -- C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe (.not file.)
O87 - FAEL: "{54A2F4EC-C67B-4E22-A5CA-35D7E94F62EC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\FormatFactory\FFModules\Package\PFInstOnline.exe (.not file.)
O87 - FAEL: "{7526B7FE-CAF7-4837-8B00-E4FD48D8E495}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafe.exe (.not file.)
O87 - FAEL: "{B5C31490-575F-4E1D-9496-A4965AEFBDD6}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.)
O87 - FAEL: "{1A34E3C8-DD91-444B-A6A6-2A548FD8CC07}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafeSvc.exe (.not file.)
O87 - FAEL: "{C11A951A-B67B-4A03-B499-B6886B6E2266}" [In-None-P6-TRUE] .(...) -- C:\Program Files\ADSafe\ADSafe.exe (.not file.)
O87 - FAEL: "{A09C9B9E-6EDF-4E81-8A3D-8857BE8F5585}" [In-None-P6-TRUE] .(...) -- C:\Program Files\PicosmosTools\PTInstOnline.exe (.not file.)
O87 - FAEL: "{F9DA99C6-9606-4423-8C16-D029B2710DB7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe (.not file.)
O87 - FAEL: "{3F03C8E5-C15B-4515-8453-3667EF060840}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe (.not file.)

---\\ Additional Scan (O88) (1) - 0s
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent

---\\ Summary of the elements found (4) - 0s
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.OurSurfing
http://www.nicolascoolman.fr/pup-optional-mysites123 =>PUP.Optional.Mysites123
http://www.nicolascoolman.fr/pup-optional-yoursearching =>PUP.Optional.YourSearching
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent

~ End of the scan, 12877 items in 00h02mn47s (949)(0)