~ ZHPDiag v2016.4.6.84 By Nicolas Coolman (2016/04/06)
~ Run by ASSIL-TECH (Administrator) (2016/04/06 22:58:43)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\ASSIL-TECH\Desktop\ZHPDiag.txt
~ Report: C:\Users\ASSIL-TECH\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (1) - 0s
MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (1) - 0s
ESET NOD32 Antivirus v9.0.318.30

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2088.248 MB (22% free)
System Restore: Activé (Enable)
System drive C: has 16 GB () free of 53 GB =>Alerte espace disque inférieur à 20 Go

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ASSIL-TECH-PC
~ User Name: ASSIL-TECH
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 1s
~ Drive C: has 16 GB free of 53 GB (System)
~ Drive D: has 33 GB free of 45 GB
~ Drive E: has 27 GB free of 49 GB
~ Drive F: has 10 GB free of 58 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (23) - 0s
[MD5.40D777B7A95E00593EB1568C68514493] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2616320] =>.Microsoft Corporation
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 13/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation
[MD5.B5C5DCAD3899512020D135600129D665] - 13/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation
[MD5.44214C94911C7CFB1D52CB64D5E8368D] - 20/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [980992] =>.Microsoft Corporation
[MD5.6D13E1406F50C66E2A95D97F22C47560] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [286720] =>.Microsoft Corporation
[MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.1151FD4FB0216CFED887BFDE29EBD516] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation
[MD5.338C86357871C167A96AB976519BF59E] - 13/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows®
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation
[MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 13/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation
[MD5.B272B4C3E085EA860C12F2E4FAF2FFA2] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123904] =>.Microsoft Corporation
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation
[MD5.33C3093D09017CFE2E219F2472BFF6EB] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1211264] =>.Microsoft Windows®
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 13/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 13/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 13/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation
[MD5.B459575348C20E8121D6039DA063C704] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation
[MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows®

---\\ Non Microsoft non disabled Windows Services (2) - 0s
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: Baidu Spark Service (SparkSvc) . (.Baidu Inc. - spark.) - C:\Program Files\baidu\Baidu Browser\sparkservice.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®

---\\ Services not Microsoft (SR=Run, SS=Stop) (6) - 10s
SR - Demand [26/10/2012] [ 282112] BrYNSvc (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files\Browny02\BrYNSvc.exe =>.Brother Industries, Ltd.
SR - Auto [09/10/2015] [ 1971968] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe =>.ESET, spol. s r.o.®
SS - Demand [06/01/2016] [ 655624] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe =>.Acresso Software Inc.®
SR - Auto [22/03/2016] [ 97080] Baidu Spark Service (SparkSvc) . (.Baidu Inc..) - C:\Program Files\baidu\Baidu Browser\sparkservice.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
SS - Demand [16/12/2015] [ 1372472] Baidu Spark Updater (SparkUpdater) . (.Baidu.com, Inc..) - C:\Program Files\baidu\SparkUpdate\Sparkupdate.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®

---\\ Task Planned Automatically (8) - 4s
[MD5.13E901EEC0347A024450962C48385120] [APT] [SparkUpdater] (.Baidu.com, Inc..) -- C:\Program Files\baidu\Baidu Browser\SparkUpdate.exe [1372472] (.Activate.) =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.00000000000000000000000000000000] [APT] [{47C51E8B-7D1C-4524-AA66-B2F139F28E21}] (...) -- C:\Users\ASSIL-TECH\Desktop\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] [APT] [{74DBBA12-9E16-4709-B24D-F1CBCA932DBF}] (.Copyright (C) 2011.) -- c:\program files\baidu\baidu browser\spark.exe [983352] (.Activate.) =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.00000000000000000000000000000000] [APT] [{AAD9127C-A6A0-45A6-B8E6-99E772BCDD41}] (...) -- C:\Users\ASSIL-TECH\Desktop\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{AED9D922-2077-4CE5-AA03-E653F84692DF}] (...) -- C:\Downloads\Portable-Counter-Strike-1.6.By.Mody\Portable_CS1.6.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{C4CBA9C5-2FC2-473F-A277-84E596754B0E}] (...) -- C:\Users\ASSIL-TECH\Desktop\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{CDCE3307-78BA-4F90-90AD-21FFDF619B55}] (...) -- C:\Users\ASSIL-TECH\Desktop\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: SparkUpdater - (.Baidu.com, Inc..) -- C:\Windows\System32\Tasks\SparkUpdater [4082] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®

---\\ Process running (21) - 1s
[MD5.05D36FCAB501C67DEA797FAFB5C42AC5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1971968] [PID.808] =>.ESET, spol. s r.o.®
[MD5.6A881210DB2753D610EF045BF27BC022] - (.Baidu Inc. - spark.) -- C:\Program Files\baidu\Baidu Browser\sparkservice.exe [97080] [PID.1604] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.E0ED4A85D35E3874A85A25C222326B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5532872] [PID.2668] =>.ESET, spol. s r.o.®
[MD5.AA16204FD1F75637E8EAEB593A8FA597] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [180224] [PID.3032] =>.PowerISO Computing, Inc.
[MD5.22310E2C6AE375142ABBB9EF384ECD40] - (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe [4522496] [PID.3048] =>.Brother Industries, Ltd.
[MD5.0C0DD390CF53D506414AC2CAA68E7F34] - (.Brother Industries, Ltd. - Brother Help Application.) -- C:\Program Files\Brother\Brother Help\BrotherHelp.exe [2009088] [PID.3056] =>.Brother Industries, Ltd.
[MD5.0B82EFCF8D6CA4B6AD91154DDBCD575A] - (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe [3399727] [PID.3064] =>.FreeDownloadManager.ORG
[MD5.6804EF3CF25A71EED994884424F16591] - (.Tencent Ltd. - QQ影音工具箱.) -- C:\Program Files\Tencent\QQPlayer\QPToolbox.exe [4300344] [PID.3080] =>.Superfluous.Tencent
[MD5.A98D23910862BE46A333D9EB1398C57E] - (.Brother Industries, Ltd. - ControlCenter Main Process.) -- C:\Program Files\ControlCenter4\BrCtrlCntr.exe [505856] [PID.3160] =>.Brother Industries, Ltd.
[MD5.065818B8A2CD7F08D6DC8C598191548C] - (.Brother Industries, Ltd. - BrYNCSvc.) -- C:\Program Files\Browny02\BrYNSvc.exe [282112] [PID.3168] =>.Brother Industries, Ltd.
[MD5.8EE66B490856B2823DF82BF1B747A738] - (.Brother Industries, Ltd. - ControlCenter UX System.) -- C:\Program Files\ControlCenter4\BrCcUxSys.exe [1448960] [PID.3344] =>.Brother Industries, Ltd.
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.2056] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.3992] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.2188] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.2728] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.2860] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.3176] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.C66A9E8DA5D457C616588AFA7F51FE34] - (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe [983352] [PID.2960] =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
[MD5.D53CBE3561CB77EF03B1965B55D89CF3] - (.腾讯科技(深圳)有限公司 - QQ影音.) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe [10190904] [PID.736] =>.Superfluous.Tencent
[MD5.16E27465FC02E6974704FD2187E92144] - (.Tencent - 腾讯高速下载引擎.) -- C:\program files\common files\Tencent\qqdownload\130\tencentdl.exe [1097272] [PID.4368] =>.Superfluous.Tencent
[MD5.87E06FEE953DAA671BE0CFAD7B927D9C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\ASSIL-TECH\Desktop\ZHPDiag3.exe [2179072] [PID.5600] =>.Nicolas Coolman

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 0s
P2 - FPN: [HKLM] [@qq.com/npAndroidAssistant] - (.腾讯公司.) -- C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll =>.Superfluous.Tencent

---\\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (2) - 1s
O2 - BHO: QPMIEHelper - {50F4150A-48B2-417A-BE4C-C83F580FB904} . (.腾讯公司 - QQPhoneManager Onekey-Install plug-in for A.) -- C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll =>.Superfluous.Tencent
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} . (...) -- C:\Program Files\Free Download Manager\iefdm2.dll

---\\ Auto loading programs from Registry and folders (13) - 0s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated®
O4 - HKLM\..\Run: [PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE =>.PowerISO Computing, Inc.
O4 - HKLM\..\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files\ControlCenter4\BrCcBoot.exe =>.Brother Industries, Ltd.
O4 - HKLM\..\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files\Browny02\Brother\BrStMonW.exe =>.Brother Industries, Ltd.
O4 - HKLM\..\Run: [BrHelp] . (.Brother Industries, Ltd. - Brother Help Application.) -- C:\Program Files\Brother\Brother Help\BrotherHelp.exe =>.Brother Industries, Ltd.
O4 - HKCU\..\Run: [Free Download Manager] . (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - HKCU\..\Run: [qptoolbox] . (.Tencent Ltd. - QQ影音工具箱.) -- C:\Program Files\Tencent\QQPlayer\QPToolbox.exe =>.Superfluous.Tencent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2758367036-1795556693-171510311-1000\..\Run: [Free Download Manager] . (.FreeDownloadManager.ORG - Free Download Manager.) -- C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - HKUS\S-1-5-21-2758367036-1795556693-171510311-1000\..\Run: [qptoolbox] . (.Tencent Ltd. - QQ影音工具箱.) -- C:\Program Files\Tencent\QQPlayer\QPToolbox.exe =>.Superfluous.Tencent

---\\ Global shortcuts Startup (61) - 11s
O4 - GS\Desktop [Administrator]: Adobe Photoshop CC.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC.) C:\Program Files\Adobe\Adobe Photoshop CC\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Administrator]: ESET NOD32 Antivirus.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Administrator]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Desktop [Administrator]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Administrator]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\Desktop [Administrator]: RosettaStoneVersion3 - Shortcut.lnk . (.Multidmedia Limited - My Flash Application.) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe =>.Multidmedia Limited
O4 - GS\Desktop [Administrator]: Vegas Pro 11.0.lnk . (.Sony Creative Software Inc. - Vegas Pro.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe =>.Sony Creative Software Inc.
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ASSIL-TECH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Ashampoo Burning Studio 8.lnk . (...) C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\burningstudio8.exe =>.ashampoo GmbH & Co. KG®
O4 - GS\Quicklaunch [Administrator]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [Administrator]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Administrator]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Quicklaunch [Administrator]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\sendTo [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\TaskBar [Administrator]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [Administrator]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\Desktop [ASSIL-TECH]: Adobe Photoshop CC.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC.) C:\Program Files\Adobe\Adobe Photoshop CC\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [ASSIL-TECH]: ESET NOD32 Antivirus.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [ASSIL-TECH]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [ASSIL-TECH]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Desktop [ASSIL-TECH]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [ASSIL-TECH]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [ASSIL-TECH]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\Desktop [ASSIL-TECH]: RosettaStoneVersion3 - Shortcut.lnk . (.Multidmedia Limited - My Flash Application.) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe =>.Multidmedia Limited
O4 - GS\Desktop [ASSIL-TECH]: Vegas Pro 11.0.lnk . (.Sony Creative Software Inc. - Vegas Pro.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe =>.Sony Creative Software Inc.
O4 - GS\Desktop [ASSIL-TECH]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ASSIL-TECH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [ASSIL-TECH]: Ashampoo Burning Studio 8.lnk . (...) C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\burningstudio8.exe =>.ashampoo GmbH & Co. KG®
O4 - GS\Quicklaunch [ASSIL-TECH]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [ASSIL-TECH]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [ASSIL-TECH]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Quicklaunch [ASSIL-TECH]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\sendTo [ASSIL-TECH]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\TaskBar [ASSIL-TECH]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [ASSIL-TECH]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\Desktop [Guest]: Adobe Photoshop CC.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CC.) C:\Program Files\Adobe\Adobe Photoshop CC\Photoshop.exe =>.Adobe Systems Incorporated®
O4 - GS\Desktop [Guest]: ESET NOD32 Antivirus.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\Desktop [Guest]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Desktop [Guest]: Microsoft Office Excel 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: Microsoft Office Word 2007.lnk . (...) C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation®
O4 - GS\Desktop [Guest]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\Desktop [Guest]: RosettaStoneVersion3 - Shortcut.lnk . (.Multidmedia Limited - My Flash Application.) C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe =>.Multidmedia Limited
O4 - GS\Desktop [Guest]: Vegas Pro 11.0.lnk . (.Sony Creative Software Inc. - Vegas Pro.) C:\Program Files\Sony\Vegas Pro 11.0\vegas110.exe =>.Sony Creative Software Inc.
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\ASSIL-TECH\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Ashampoo Burning Studio 8.lnk . (...) C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\burningstudio8.exe =>.ashampoo GmbH & Co. KG®
O4 - GS\Quicklaunch [Guest]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\Quicklaunch [Guest]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\Quicklaunch [Guest]: Free Download Manager.lnk . (.FreeDownloadManager.ORG - Free Download Manager.) C:\Program Files\Free Download Manager\fdm.exe =>.FreeDownloadManager.ORG
O4 - GS\Quicklaunch [Guest]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\sendTo [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time
O4 - GS\TaskBar [Guest]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\TaskBar [Guest]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent
O4 - GS\CommonDesktop [Public]: Ashampoo Burning Studio 8.lnk . (...) C:\Program Files\Ashampoo\Ashampoo Burning Studio 8\burningstudio8.exe =>.ashampoo GmbH & Co. KG®
O4 - GS\CommonDesktop [Public]: Baidu Browser.lnk . (.Copyright (C) 2011 - spark.) C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O4 - GS\CommonDesktop [Public]: Brother Creative Center.lnk . (...) C:\Program Files\Brother\CreativeCenter\Brother Creative Center.url
O4 - GS\CommonDesktop [Public]: FastStone Capture.lnk . (.FastStone Soft - FastStone Capture.) C:\Program Files\FastStone Capture\FSCapture.exe =>.FastStone Soft
O4 - GS\CommonDesktop [Public]: Foxit Reader.lnk . (.Foxit Software Inc. - Foxit Reader 7.2, Best Reader for Everyday.) C:\Program Files\Foxit Software\Foxit Reader\FoxitReader.exe =>.Foxit Software Incorporated®
O4 - GS\CommonDesktop [Public]: PowerISO.lnk . (.PowerISO Computing, Inc. - PowerISO.) C:\Program Files\PowerISO\PowerISO.exe =>.PowerISO Computing, Inc.
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B1F307D-F527-4F91-9221-FCD83D2C41AC}: DhcpNameServer = 192.168.1.1 0.0.0.0

---\\ Extra protocols (24) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (28) - 9s
O42 - Logiciel: Adobe Photoshop CC - (.Adobe Systems Incorporated.) [HKLM] -- {2D99B50E-431D-4AA8-85C1-172A6F8BCF09} =>.Adobe Systems Incorporated®
O42 - Logiciel: Ashampoo Burning Studio 8.09 - (.ashampoo GmbH & Co. KG.) [HKLM] -- Ashampoo Burning Studio 8_is1 =>.ashampoo GmbH & Co. KG®
O42 - Logiciel: Baidu Browser - (.Baidu Inc..) [HKLM] -- Spark =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O42 - Logiciel: Brother MFL-Pro Suite DCP-J152W - (.Brother Industries, Ltd..) [HKLM] -- {B742757A-7658-4E09-A51A-085CF0F7F4D3} =>.Macrovision Corporation®
O42 - Logiciel: Cracklock 3.9.44 - (.William Blum.) [HKLM] -- Cracklock_is1 =>.William Blum
O42 - Logiciel: ESET NOD32 Antivirus - (.ESET, spol. s r.o..) [HKLM] -- {5050B852-8DB0-4C3A-A559-DAD4E7B086F9} =>.ESET, spol. s r.o.
O42 - Logiciel: FastStone Capture 8.3 - (.FastStone Soft.) [HKLM] -- FastStone Capture =>.FastStone Soft
O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM] -- Foxit Reader_is1 =>.Foxit Software Incorporated®
O42 - Logiciel: Free Download Manager 3.0 - (.FreeDownloadManager.ORG.) [HKLM] -- Free Download Manager_is1 =>.FreeDownloadManager.ORG
O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM] -- {E9627240-E930-11E0-8690-F04DA23A5C58} =>.Sony Creative Software Inc.
O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC} =>.Adobe Systems Incorporated
O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO =>.PowerISO Computing, Inc.
O42 - Logiciel: QQ影音3.9 - (.腾讯科技(深圳)有限公司.) [HKCU] -- QQPlayer
O42 - Logiciel: Rosetta Stone Version 3 - (.Rosetta Stone Ltd..) [HKLM] -- {99011A6E-5200-11DE-BDB8-7ACD56D89593} =>.Rosetta Stone Ltd.
O42 - Logiciel: Topaz Adjust 5 - (.Topaz Labs, LLC.) [HKLM] -- Topaz Adjust 5 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz B&W Effects - (.Topaz Labs, LLC.) [HKLM] -- Topaz BW Effects 2 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Clarity - (.Topaz Labs, LLC.) [HKLM] -- Topaz Clarity =>.Topaz Labs, LLC
O42 - Logiciel: Topaz DeJpeg 4 - (.Topaz Labs, LLC.) [HKLM] -- Topaz DeJpeg 4 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Detail 3 - (.Topaz Labs, LLC.) [HKLM] -- Topaz Detail 3 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Fusion Express 2 - (.Topaz Labs, LLC.) [HKLM] -- Topaz Fusion Express 2 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz InFocus - (.Topaz Labs, LLC.) [HKLM] -- Topaz InFocus =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Lens Effects - (.Topaz Labs, LLC.) [HKLM] -- Topaz Lens Effects =>.Topaz Labs, LLC
O42 - Logiciel: Topaz ReStyle - (.Topaz Labs, LLC.) [HKLM] -- Topaz ReStyle =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Simplify 4 - (.Topaz Labs, LLC.) [HKLM] -- Topaz Simplify 4 =>.Topaz Labs, LLC
O42 - Logiciel: Topaz Star Effects - (.Topaz Labs, LLC.) [HKLM] -- Topaz Star Effects =>.Topaz Labs, LLC
O42 - Logiciel: Vegas Pro 11.0 - (.Sony.) [HKLM] -- {E6F012B0-E930-11E0-A67A-F04DA23A5C58} =>.Sony
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver

---\\ HKCU & HKLM Software Keys (70) - 9s
HKLM\SOFTWARE\Activision
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Ashampoo
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Baidu
HKLM\SOFTWARE\Brother
HKLM\SOFTWARE\Brother Industries, Ltd.
HKLM\SOFTWARE\CBSTEST
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\CloudOPTInfo
HKLM\SOFTWARE\CoreCodec
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Foxit Software
HKLM\SOFTWARE\FreeDownloadManager.ORG
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Macrovision
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\Sony Creative Software
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent
HKLM\SOFTWARE\Topaz Labs
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\VST
HKLM\SOFTWARE\WOW6432Node
HKCU\SOFTWARE\8322898
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Brother
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\CoreAAC
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DirectShow
HKCU\SOFTWARE\DSP-worx
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FastStone
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\Sony Creative Software
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Topaz Labs
HKCU\SOFTWARE\TopazLabs
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wintertree
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\XUS PC Lock
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (144) - 17s
O43 - CFD: 23/01/2016 - [] D -- C:\Program Files\Activision
O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Ashampoo =>.ashampoo GmbH & Co. KG®
O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\baidu =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\Brother
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\Browny02
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\ControlCenter4
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Cracklock
O43 - CFD: 07/02/2011 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 09/01/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 20/02/2016 - [0] D -- C:\Program Files\euro
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\FastStone Capture
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Foxit Software =>.Foxit Software Incorporated®
O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\Free Download Manager
O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\FreeTime
O43 - CFD: 09/01/2016 - [] HD -- C:\Program Files\InstallShield Installation Information =>.Macrovision Corporation®
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 20/11/2010 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 26/03/2016 - [] D -- C:\Program Files\MiniTool Partition Wizard Free 9.1
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\MSECache
O43 - CFD: 20/02/2016 - [] D -- C:\Program Files\New folder
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\PowerISO
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Rosetta Stone
O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\Sony =>.Sony Creative Software Inc®
O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\Tencent =>.Superfluous.Tencent
O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\Topaz Labs
O43 - CFD: 13/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 20/11/2010 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 09/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Baidu Browser
O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cracklock
O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
O43 - CFD: 02/01/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 24/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 06/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 13/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 06/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\ashampoo
O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\Brother
O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\ControlCenter4
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\ESET
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\FastStone
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 06/01/2016 - [0] D -- C:\ProgramData\FLEXnet
O43 - CFD: 02/01/2016 - [] D -- C:\ProgramData\FreeDownloadManager.ORG
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\KingSoft
O43 - CFD: 09/02/2016 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 24/02/2016 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 19/03/2016 - [] D -- C:\ProgramData\Rosetta Stone
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Sony
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 13/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 04/01/2016 - [] D -- C:\ProgramData\Tencent =>.Superfluous.Tencent
O43 - CFD: 04/01/2016 - [0] D -- C:\ProgramData\TXQMPC
O43 - CFD: 23/03/2016 - [] HDC -- C:\ProgramData\{7E8842F4-ECF1-457B-9B22-AA8299B810D9}
O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 06/01/2016 - [] D -- C:\Program Files\Common Files\Macrovision Shared
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 13/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 05/01/2016 - [] D -- C:\Program Files\Common Files\Tencent =>.Superfluous.Tencent
O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\Common Files\Topaz Labs
O43 - CFD: 23/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Adobe
O43 - CFD: 22/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Ashampoo
O43 - CFD: 03/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Baidu
O43 - CFD: 29/01/2016 - [] RD -- C:\Users\ASSIL-TECH\AppData\Roaming\Brother
O43 - CFD: 09/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\ControlCenter4
O43 - CFD: 05/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\FastStone
O43 - CFD: 01/02/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Foxit Software
O43 - CFD: 06/04/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Free Download Manager
O43 - CFD: 02/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Identities
O43 - CFD: 09/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\InstallShield
O43 - CFD: 04/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Macromedia
O43 - CFD: 20/11/2010 - [0] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Media Center Programs
O43 - CFD: 18/03/2016 - [] SD -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft
O43 - CFD: 04/01/2016 - [0] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Publish Providers
O43 - CFD: 04/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Sony
O43 - CFD: 04/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Sony Creative Software Inc
O43 - CFD: 05/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Tencent =>.Superfluous.Tencent
O43 - CFD: 06/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\XUSSoft
O43 - CFD: 06/04/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\ZHP
O43 - CFD: 05/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Adobe
O43 - CFD: 02/01/2016 - [0] SHD -- C:\Users\ASSIL-TECH\AppData\Local\Application Data
O43 - CFD: 22/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\ashampoo
O43 - CFD: 12/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Diagnostics
O43 - CFD: 30/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\ElevatedDiagnostics
O43 - CFD: 11/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\ESET
O43 - CFD: 05/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\FastStone
O43 - CFD: 19/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Foxit Reader
O43 - CFD: 02/01/2016 - [0] SHD -- C:\Users\ASSIL-TECH\AppData\Local\History
O43 - CFD: 20/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Microsoft
O43 - CFD: 20/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Microsoft Games
O43 - CFD: 09/02/2016 - [0] D -- C:\Users\ASSIL-TECH\AppData\Local\Microsoft Help
O43 - CFD: 03/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\MiniService
O43 - CFD: 23/03/2016 - [0] D -- C:\Users\ASSIL-TECH\AppData\Local\PackageAware =>PUP.Optional.BearShare
O43 - CFD: 06/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Programs
O43 - CFD: 04/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Sony
O43 - CFD: 06/04/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\Temp
O43 - CFD: 02/01/2016 - [0] SHD -- C:\Users\ASSIL-TECH\AppData\Local\Temporary Internet Files
O43 - CFD: 15/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Local\VirtualStore
O43 - CFD: 06/01/2016 - [0] D -- C:\Users\ASSIL-TECH\AppData\Local\Programs\Common
O43 - CFD: 13/07/2009 - [] RD -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 02/01/2016 - [] RD -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 26/03/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 13/07/2009 - [] RD -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 06/04/2016 - [] RD -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 04/01/2016 - [0] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 06/01/2016 - [] D -- C:\Users\ASSIL-TECH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件

---\\ Latest files created in Prefetcher (1) - 8s
O45 - LFCP:[MD5.72D034F922D57B45A395D0B7DB4D025E] 06/04/2016 A -- C:\Windows\Prefetch\TENCENTDL.EXE-CBD983F1.pf =>.Superfluous.Tencent

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation

---\\ ShareTools MSconfig StartupReg (1) - 0s
O53 - SMSR:HKLM\...\startupreg\AdobeCEPServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CEP Service Manager.) -- C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe =>.Adobe Systems Incorporated

---\\ System Drivers List (68) - 6s
O58 - SDL:2009/07/13 18:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows®
O58 - SDL:2010/11/20 14:29:03 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows®
O58 - SDL:2010/11/20 14:29:03 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows®
O58 - SDL:2009/07/13 15:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation
O58 - SDL:2009/07/13 15:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 15:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/13 17:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 15:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 15:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 15:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 15:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation
O58 - SDL:2009/07/13 18:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows®
O58 - SDL:2015/11/06 12:33:20 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.®
O58 - SDL:2015/11/06 12:33:20 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [145512] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/13 18:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows®
O58 - SDL:2015/11/06 12:33:20 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfpr.sys [131640] =>.ESET, spol. s r.o.®
O58 - SDL:2009/07/13 15:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation
O58 - SDL:2009/07/13 15:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2009/07/13 18:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows®
O58 - SDL:2010/11/20 14:29:03 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] =>.Microsoft Windows®
O58 - SDL:2009/06/10 14:19:30 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4756480] =>.Intel Corporation
O58 - SDL:2009/07/13 18:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows®
O58 - SDL:2010/11/20 14:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] =>.Microsoft Windows®
O58 - SDL:2010/11/20 14:29:03 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows®
O58 - SDL:2009/07/13 15:02:52 A . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\System32\drivers\Rtnicxp.sys [43008] =>.Realtek Semiconductor Corporation
O58 - SDL:2010/04/12 01:44:34 A . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [59388] =>.PowerISO Computing, Inc.
O58 - SDL:2009/07/13 13:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2009/07/13 16:45:33 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [83456] =>.Brother Industries Ltd.
O58 - SDL:2009/07/13 18:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows®
O58 - SDL:2016/01/06 04:29:40 A . (.Tencent - Tencent TS888 (电脑管家主动防御模块).) -- C:\Windows\System32\drivers\TS888.sys [30392] =>.Superfluous.Tencent
O58 - SDL:2009/07/13 18:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows®
O58 - SDL:2009/07/13 18:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows®
O58 - SDL:2009/07/13 14:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 14:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 14:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 14:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 14:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 14:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 14:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 14:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 14:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 14:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 14:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 14:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 14:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 14:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 14:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:2015/03/05 11:15:36 N . (...) -- C:\Windows\System32\pwdrvio.sys [17160] =>.MiniTool Solution Ltd®
O58 - SDL:2015/03/05 11:15:10 N . (...) -- C:\Windows\System32\pwdspio.sys [13064] =>.MiniTool Solution Ltd®
O58 - SDL:2016/01/04 10:58:35 A . (.电脑管家 - 电脑管家-TSSK Driver.) -- C:\Windows\System32\TSSK.sys [67896] =>.Superfluous.Tencent

---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\Spark.exe =>.Baidu Online Network Technology (Beijing) Co.,Ltd.®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Copyright (C) 2011 - spark.) -- C:\Program Files\baidu\Baidu Browser\spark.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (3) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} [DefaultScope] - (百度搜索) - http://www.baidu.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (32) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [593408] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [674304] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [473600] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [521216] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1914368] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [585728] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [47104] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [750592] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [113664] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102400] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation

---\\ Firewall Active Exception List (10) - 2s
O87 - FAEL: "{81FBE4CA-3982-4EE3-BA0F-519EF65F5770}" [In-None-P6-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsz4A41.tmp\QQPCDetector.exe (.not file.)
O87 - FAEL: "{7160A998-8CDA-497D-86CC-B8A5EEC53D3A}" [In-None-P17-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsz4A41.tmp\QQPCDetector.exe (.not file.)
O87 - FAEL: "{1FB8D4B1-9DE8-486C-9C14-01462EF989E6}" [In-None-P6-TRUE] .(.版权所有 (C) 2008 Tencent - QQDeskUpdate.) -- C:\Program Files\Tencent\QQPlayer\QQDeskUpdate.exe {7FC80871A66FE6B07D8CFCA5AF93014D} =>.Superfluous.Tencent
O87 - FAEL: "{6907077E-A7D6-4C72-BFE9-D63B3DEB1B6B}" [In-None-P17-TRUE] .(.版权所有 (C) 2008 Tencent - QQDeskUpdate.) -- C:\Program Files\Tencent\QQPlayer\QQDeskUpdate.exe {7FC80871A66FE6B07D8CFCA5AF93014D} =>.Superfluous.Tencent
O87 - FAEL: "{103DCE15-9A7A-4B3D-A3CF-516AE54910F7}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Common Files\Tencent\QQDownload\118\Tencentdl.exe (.not file.) =>.Superfluous.Tencent
O87 - FAEL: "{51DAE087-0968-47C0-A386-D2DC5A28A44E}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Common Files\Tencent\QQDownload\118\Tencentdl.exe (.not file.) =>.Superfluous.Tencent
O87 - FAEL: "{2E1B8D5E-A9C9-402C-A494-8C71632724C3}" [In-None-P6-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsiC1FA.tmp\QQPCDetector.exe (.not file.)
O87 - FAEL: "{8CBB4721-A4D9-4072-A854-CB1A2DEC54B6}" [In-None-P17-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsiC1FA.tmp\QQPCDetector.exe (.not file.)
O87 - FAEL: "{933BF737-9C53-438E-9B9D-C6F1774A1D30}" [In-None-P6-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsj123B.tmp\QQPCDetector.exe (.not file.)
O87 - FAEL: "{E9243188-BEAD-4879-A9AE-CED9F1C46AD3}" [In-None-P17-TRUE] .(...) -- C:\Users\ASSIL-TECH\AppData\Local\Temp\nsj123B.tmp\QQPCDetector.exe (.not file.)

---\\ Search Tracing Registry Key (4) - 2s
HKLM\SOFTWARE\Microsoft\Tracing\QQLiveDownloader_RASAPI32 =>PUP.Optional.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\QQLiveDownloader_RASMANCS =>PUP.Optional.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASAPI32 =>.Superfluous.Tencent
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASMANCS =>.Superfluous.Tencent

---\\ Additional Scan (O88) (13) - 0s
C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll =>.Superfluous.Tencent
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
C:\ProgramData\Tencent =>.Superfluous.Tencent
C:\Program Files\Common Files\Tencent =>.Superfluous.Tencent
C:\Users\ASSIL-TECH\AppData\Roaming\Tencent =>.Superfluous.Tencent
C:\Users\ASSIL-TECH\AppData\Local\PackageAware =>PUP.Optional.BearShare
C:\Windows\Prefetch\TENCENTDL.EXE-CBD983F1.pf =>.Superfluous.Tencent
C:\Program Files\Tencent\QQPlayer\QQDeskUpdate.exe =>.Superfluous.Tencent
HKLM\SOFTWARE\Microsoft\Tracing\QQLiveDownloader_RASAPI32 =>PUP.Optional.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\QQLiveDownloader_RASMANCS =>PUP.Optional.SoftwareEngine
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASAPI32 =>.Superfluous.Tencent
HKLM\SOFTWARE\Microsoft\Tracing\tencentdl_RASMANCS =>.Superfluous.Tencent

---\\ Summary of the elements found (3) - 0s
http://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
http://www.nicolascoolman.fr/?p=343 =>PUP.Optional.BearShare
http://www.nicolascoolman.fr/?p=1040 =>PUP.Optional.SoftwareEngine

~ End of the scan, 13349 items in 00h03mn04s (645)(0)