Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ ZHPDiag v2016.8.10.130 By Nicolas Coolman (2016/08/10)
~ Run by mourad (Administrator) (2016/08/10 18:42:41)
~ Web: https://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:
~ Mode: Scan
~ Report: C:\Users\mourad\Desktop\ZHPDiag.txt
~ Report: C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v52.0.2743.116
MFIE: Mozilla Firefox 48.0 (x64 en-US)
MSIE: Internet Explorer v8.0.7601.17514
---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ System protection software (2) - 11s
Avira Antivirus v15.0.18.354
Avira Launcher v1.1.67.18988
---\\ Surveillance software (1) - 15s
Adobe Flash Player 22 PPAPI
---\\ Sharing software PeerToPeer (1) - 16s
µTorrent v3.4.6.42094
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3005.624 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 2 GB () free of 83 GB =>Alerte espace disque inférieur à 20 Go
---\\ Connection to the system mode (3) - 0s
~ Computer Name: ANDRIOD-5437890
~ User Name: mourad
~ Logged in as Administrator
---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 2 GB free of 83 GB (System)
~ Drive D: has 0 GB free of 68 GB
~ Drive F: has 0 GB free of 1 GB
---\\ State of the Windows Security Center (11) - 1s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (25) - 2s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - 20/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows®
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®
---\\ Non Microsoft non disabled Windows Services (16) - 4s
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
O23 - Service: Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
O23 - Service: Servicio de Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc®
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: OpenDHCPServer (OpenDHCPServer) . (...) - C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O23 - Service: Microsoft32 (Service1) . (...) - C:\Windows\syswow64\dwm Service.exe (.not file.)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products®
---\\ Services not Microsoft (SR=Run, SS=Stop) (26) - 248s
SS - Demand [09/08/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [27/03/2009] [ 16896] Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation
SR - Auto [05/04/2016] [ 2021592] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
SS - Auto [28/07/2016] [ 989696] Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [28/07/2016] [ 472112] Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [28/07/2016] [ 472112] Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG®
SS - Auto [28/07/2016] [ 1453696] Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [11/07/2016] [ 309384] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG®
SS - Demand [14/12/2015] [ 432792] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe =>.Bluestack Systems, Inc.®
SS - Demand [14/12/2015] [ 412312] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe =>.Bluestack Systems, Inc.®
SS - Demand [14/12/2015] [ 854680] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe =>.Bluestack Systems, Inc.®
SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
SR - Auto [14/09/2015] [ 414360] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SS - Auto [22/11/2015] [ 144200] Servicio de Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [22/11/2015] [ 144200] Servicio de Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [19/07/2016] [ 2729592] Hotspot Shield Service (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc®
SS - Demand [19/07/2016] [ 103168] Hotspot Shield Tray Service (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE =>.AnchorFree Inc®
SS - Disabl [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SS - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [26/07/2016] [ 167880] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [08/01/2016] [ 754784] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
SS - Demand [19/02/2010] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated
SS - Auto [14/09/2015] [ 112792] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products®
SS - Demand [14/09/2015] [ 414360] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SS - Demand [28/01/2016] [ 115976] Wondershare Driver Install Service (WsDrvInst) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
---\\ Process running (26) - 8s
[MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112] [PID.1536] =>.Avira Operations GmbH & Co. KG®
[MD5.B65F8DBA54F251906BBE8611B5A0E7AB] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agr64svc.exe [16896] [PID.1732] =>.LSI Corporation
[MD5.C17171E63E84F5711DF23B8F1E7A100E] - (.Adobe Systems, Incorporated - AGS Service.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592] [PID.1760] =>.Adobe Systems Incorporated®
[MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112] [PID.1804] =>.Avira Operations GmbH & Co. KG®
[MD5.379A8E0E11D3DECE5F64A0F58DCBBC25] - (.AnchorFree Inc. - Hotspot Shield 5.4.6.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2729592] [PID.1888] =>.AnchorFree Inc®
[MD5.79115ABD7B7B770BBE505D952442AA3E] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [365592] [PID.2308] =>.Intel Corporation®
[MD5.AE3B44E4973E1907A86AA5290C695E94] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [510960] [PID.2344] =>.Intel Corporation - Software and Firmware Products®
[MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.2508] =>.Samsung Electronics CO., LTD.®
[MD5.A8F20318ECF54999E521CEB608027097] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon2.exe [91464] [PID.2636] =>.TOSHIBA CORPORATION®
[MD5.07F7114C29FD873E17111249F771B4A0] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon64.exe [107848] [PID.2704] =>.TOSHIBA CORPORATION®
[MD5.7444E0F4C9991AE3711F5FAB5DB257E1] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064] [PID.2784] =>.Avira Operations GmbH & Co. KG®
[MD5.6A9838B3761D585B28206BBB51F34516] - (...) -- C:\Program Files (x86)\DFX\DFX.exe [1328632] [PID.2792]
[MD5.F719084EF96E26AAB0BE9E90BC49203E] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe [133624] [PID.3024] =>.Power Technology®
[MD5.66990EF40812633B84FA0964BCA5E954] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe [134648] [PID.3032] =>.Power Technology®
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275512] [PID.2832] =>.Tonec Inc.®
[MD5.8256846E20B6F451A4A6B2EAD057FF25] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [1042232] [PID.3096] =>.Avira Operations GmbH & Co. KG®
[MD5.5F0C87F2FA11C991BB93B84BD02151B3] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384] [PID.3744] =>.Avira Operations GmbH & Co. KG®
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2540] =>.WIBU-SYSTEMS AG®
[MD5.9BB8368CAAB57E0431ADBA1D13DC4ED5] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe [458904] [PID.4200] =>.Intel(R) Software Development Products®
[MD5.0E452B882FEEFCEFF3A8225B89393D1D] - (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [151776] [PID.1152] =>.Avira Operations GmbH & Co. KG®
[MD5.359818737539FFA646FD8EFB75378AAF] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360] [PID.1008] =>.Intel(R) Software Development Products®
[MD5.B91D667649661B64063D469B06723F42] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [399816] [PID.3688] =>.Mozilla Corporation®
[MD5.49B9E1A9142DB150A2F80DD46F93EA11] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064] [PID.5584] =>.Tonec Inc.®
[MD5.E4EBD7E36C71923B336F118C55150544] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe [2285568] [PID.5496] =>.Nicolas Coolman
[MD5.D49005D77A4F49F97CFD13808407A36C] - (.Microsoft Game Studios - Setup Launcher.) -- C:\Users\mourad\Desktop\AgeOfEmpire3Setupwww.download.ir\Age_Of_Empire_3_Setup_www.download.ir\AOE III DISC 1\setup.exe [311296] [PID.4960] =>.Microsoft Game Studios
[MD5.1D461686B0E32F2DECB587C895A05402] - (.Macrovision Corporation - InstallShield (R) 64-bit Setup Engine.) -- C:\Users\mourad\AppData\Local\Temp\{3D7E40C0-992C-4E72-A083-840D4DF4318A}\ISBEW64.exe [120240] [PID.3968] =>.Macrovision Corporation®
---\\ Google Chrome, Start,Search,Extensions (19) - 4s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://icm.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://api.mixpanel.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://download.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://offers.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://v2.auc.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
G2 - GCE: Preference [User Data\Default] [ablpcikjmhamjanpibkccdmpoekjigja] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [cpegcopcfajiiibidlaelhjjblpefbjk] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [fdjdjkkjoiomafnihnobkinnfjnnlhdg] Советник Яндекс.Маркета
G2 - GCE: Preference [User Data\Default] [flliilndjeohchalpbbcdekjklbdgfkk] Avira Browser Safety
G2 - GCE: Preference [User Data\Default] [gdljkkmghdkckhaogaemgbgdfophkfco] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [gidgenkbbabolejbgbpnhbimgjbffefm] Vysor
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 13s
P2 - EXT FILE: (.Plebicom - Barre d'outils eBuyClub.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\ebctb@plebicom.xul.xpi
P2 - EXT FILE: (.Hotspot Shield Free VPN Proxy – Unblock Sites - Unblock any blocked website or content.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\hotspot-shield@anchorfree.com.xpi
P2 - EXT FILE: (.Text to Voice - .) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\text2voice@vik.josh.xpi
P2 - EXT FILE: (.Ikrg - RightToClick.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated
---\\ Internet Explorer Extensions, Start, Search (8) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.babal.net/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ Hosts file redirection (1) - 2s
~ Le fichier hôte est sain (The hosts file is clean) (51)
---\\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.®
---\\ Internet Explorer Toolbars (1) - 1s
O3 - Toolbar: 0x464CB804BB5A6B47A7D740435D9AE611 - [HKCU]{04B84C46-5ABB-476B-A7D7-40435D9AE611} . (...) -- (.not file.)
---\\ Auto loading programs from Registry and folders (17) - 2s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe =>.Intel Corporation - Software and Firmware Products®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKCU\..\Run: [AdobeBridge] (Orphan)
O4 - HKCU\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Avira SystrayStartTrigger] . (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe =>.Avira Operations GmbH & Co. KG®
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe =>.Avira Operations GmbH & Co. KG®
O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer] C:\Antamedia\DBServer\ADBServer.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer AsService] (Orphan)
O4 - HKLM\..\Wow6432Node\Run: [DFX] . (...) -- C:\Program Files (x86)\DFX\DFX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [AdobeBridge] (Orphan)
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.)
---\\ Global shortcuts Startup (102) - 68s
O4 - GS\Desktop [Administrador]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [Administrador]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [Administrador]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [Administrador]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Administrador]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [Administrador]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Administrador]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [Administrador]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Administrador]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrador]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [Administrador]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [Administrador]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [Administrador]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [Administrador]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [Administrador]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Administrador]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Administrador]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Administrador]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [Administrador]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [Invitado]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [Invitado]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [Invitado]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [Invitado]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Invitado]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [Invitado]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Invitado]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Invitado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [Invitado]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Invitado]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [Invitado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Invitado]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [Invitado]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [Invitado]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [Invitado]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [Invitado]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [Invitado]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Invitado]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Invitado]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Invitado]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [Invitado]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [mourad]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [mourad]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [mourad]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [mourad]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [mourad]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [mourad]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [mourad]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [mourad]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [mourad]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [mourad]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [mourad]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [mourad]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [mourad]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [mourad]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [mourad]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [mourad]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [mourad]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [mourad]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [mourad]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [mourad]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [mourad]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Avira Launcher.lnk . (.Avira Operations GmbH & Co. KG - Avira Launcher.) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe =>.Avira Operations GmbH & Co. KG®
O4 - GS\CommonDesktop [Public]: Bighits4U Viewer 3.0.lnk . (.Copyright © 2015 - Bighits4U Viewer.) C:\Program Files (x86)\Bighits4U Viewer 3.0\Bighits4U Viewer.exe
O4 - GS\CommonDesktop [Public]: BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks App Player.) C:\ProgramData\BlueStacksGameManager\BlueStacks.exe =>.Bluestack Systems, Inc.®
O4 - GS\CommonDesktop [Public]: FastStone Capture.lnk . (.FastStone Soft - FastStone Capture.) C:\Program Files (x86)\FastStone Capture\FSCapture.exe =>.FastStone Soft
O4 - GS\CommonDesktop [Public]: Genymotion.lnk . (...) C:\Program Files (x86)\Genymobile\Genymotion\genymotion.exe
O4 - GS\CommonDesktop [Public]: Hotspot Shield.lnk . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe =>.AnchorFree Inc®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: WiFi HotSpot Creator.lnk . (.DanuSoft - WiFi HotSpot Creator.) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe
O4 - GS\Startup [Public]: Bluetooth Monitor.lnk . (.TOSHIBA CORPORATION - BtMon4.) C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe =>.TOSHIBA CORPORATION®
O4 - GS\Programs [Public]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Programs [Public]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\favicon.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc
---\\ Lop.com/Domain Hijackers (3) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6022B23-CFA9-455A-A514-E928E65E7A09}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{08B1291A-1623-40D7-AC20-2EBA71FEC140}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE9E45B3-5A5F-41F6-BED6-1F6254ABE04C}: DhcpNameServer = 192.168.3.1 192.168.3.1
---\\ Extra protocols (22) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
---\\ Software installed (77) - 202s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: 7-Data Recovery Suite version 3.6.0 - (.SharpNight Co,Ltd.) [HKLM][64Bits] -- {02386A56-080B-485c-941D-AF96B29140DD}_is1 =>.SharpNight Co,Ltd
O42 - Logiciel: Adobe After Effects CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4817D846-700B-474E-A31B-80892B3E92E3} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CS6 patch by zaxo7 1.00 - (...) [HKLM][64Bits] -- Adobe Photoshop CS6 patch by zaxo7 1.00
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Avira Antivirus v15.0.18.354 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus =>.Avira Operations GmbH & Co. KG®
O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {92a7fd6b-31e5-472f-862e-79214c5032ef} =>.Avira Operations GmbH & Co. KG®
O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {A6634D1D-EA57-45DE-AF8F-0EDD35B912C3} =>.Avira Operations GmbH & Co. KG
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {EFA0FC40-7D96-4515-9715-7C0C5D872326} =>.BlueStack Systems, Inc.
O42 - Logiciel: Bluetooth Monitor 4 - (.TOSHIBA.) [HKLM][64Bits] -- {61539202-097E-487E-9237-B291AB56D54C} =>.Macrovision Corporation®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: CyberGhost 6 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost 6_is1 {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O42 - Logiciel: DFX - (.Power Technology.) [HKLM][64Bits] -- DFX =>.Power Technology
O42 - Logiciel: FastStone Capture 7.4 - (.FastStone Soft.) [HKLM][64Bits] -- FastStone Capture =>.FastStone Soft
O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU][64Bits] -- GameRanger =>.GameRanger Technologies®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM][64Bits] -- {35DAA04C-1720-4BE3-A920-A03731EC6A1D} =>.Google
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D} =>.HitLeap Ltd.
O42 - Logiciel: Hotspot Shield 5.4.6 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield =>.AnchorFree Inc®
O42 - Logiciel: Hotspot Shield 5.4.6 Embedded - (.Buildbot.) [HKLM][64Bits] -- {AF599C42-A2E5-4251-B7EE-4925A1670923} =>.Buildbot
O42 - Logiciel: IDMActivator-mrelhlawany25.12 25.12 - (.mrelhlawany.com.) [HKLM][64Bits] -- IDMActivator-mrelhlawany25.12 25.12
O42 - Logiciel: Intel(R) Driver Update Utility 2.2.0.5 - (.Intel.) [HKLM][64Bits] -- {C4FB3CF4-C845-4746-A9F5-476908266433} =>.Intel
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI =>.Intel Corporation®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418065F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418066F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180650} =>.Oracle Corporation
O42 - Logiciel: Kat MP3 Recorder - (.GoodKatShare LLC.) [HKLM][64Bits] -- Kat MP3 Recorder
O42 - Logiciel: Lagarith lossless video codec (Remove Only) - (...) [HKLM][64Bits] -- LAGARITH
O42 - Logiciel: Mediatek RT2870 Wireless LAN Card - (.MediatekWiFi.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 48.0 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 48.0 (x64 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} =>.NVIDIA Corporation
O42 - Logiciel: Oracle VM VirtualBox 5.0.4 - (.Oracle Corporation.) [HKLM][64Bits] -- {FC191F32-1A67-4231-91D0-0059A57C99A8} =>.Oracle Corporation
O42 - Logiciel: PCSX2 - Playstation 2 Emulator - (...) [HKLM][64Bits] -- pcsx2
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.SAMSUNG ELECTRONICS CO.,LTD.®
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: SliQ Submitter Plus - (.SliQTools.) [HKLM][64Bits] -- {37146DD2-013F-4344-82B6-F6D1F99C6F3E}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc
O42 - Logiciel: TAP-Windows 9.21.1 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS
O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {C0E08D8D-6076-4117-B644-2AF34F35B757} =>.ClockworkMod
O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {D9C4202E-6D51-4B06-A8F1-22316E654BCA} =>.ClockworkMod
O42 - Logiciel: UnLock Root Pro 3.36 - (.Unlcokroot.) [HKLM][64Bits] -- UnLock Root Pro
O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU][64Bits] -- WhatsApp {046660C4A56E0FD7E8FAC0B7BA03A845}
O42 - Logiciel: WiFi HotSpot Creator - (.DanuSoft.) [HKLM][64Bits] -- {C37344E7-A9A9-4E1F-993C-73AEF17BFDC0}
O42 - Logiciel: WinDirStat 1.1.2 - (...) [HKCU][64Bits] -- WinDirStat
O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/2 - (.Google, Inc..) [HKLM][64Bits] -- 092555911492C6959D2596D612F52DCA71881CA2 =>.Google, Inc.
O42 - Logiciel: WinRAR 5.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinRAR 5.30 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: ZTE USB Driver - (.ZTE Corporation.) [HKLM][64Bits] -- ZTE USB Driver =>.ZTE Corporation
---\\ HKCU & HKLM Software Keys (234) - 202s
HKLM\SOFTWARE\Wow6432Node\Act-3D
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Akella Games
HKLM\SOFTWARE\Wow6432Node\Antamedia
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Ashampoo
HKLM\SOFTWARE\Wow6432Node\Atari
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\Avira
HKLM\SOFTWARE\Wow6432Node\AVS4YOU
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\BlueStacks
HKLM\SOFTWARE\Wow6432Node\BlueStacksGameManager
HKLM\SOFTWARE\Wow6432Node\Cygwin
HKLM\SOFTWARE\Wow6432Node\DanuSoft
HKLM\SOFTWARE\Wow6432Node\DC-Unlocker
HKLM\SOFTWARE\Wow6432Node\DFX
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\EaseUS
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Forward Development
HKLM\SOFTWARE\Wow6432Node\fv
HKLM\SOFTWARE\Wow6432Node\fwc
HKLM\SOFTWARE\Wow6432Node\Garmin
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\honestech
HKLM\SOFTWARE\Wow6432Node\HotspotShield
HKLM\SOFTWARE\Wow6432Node\HotspotShield MSI
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\Icaros
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Kat MP3 Recorder
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\LeapWare
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MarkAny
HKLM\SOFTWARE\Wow6432Node\Mediatek
HKLM\SOFTWARE\Wow6432Node\MediatekWiFi
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Myfree Codec
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenVPN
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PATHPILOT
HKLM\SOFTWARE\Wow6432Node\PCSX2
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\PowerTechnology
HKLM\SOFTWARE\Wow6432Node\Rocket Division Software
HKLM\SOFTWARE\Wow6432Node\RTWS2012
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\Steganos
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TechSmith
HKLM\SOFTWARE\Wow6432Node\ThinPrint
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\TrueSoftware
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\Vstep
HKLM\SOFTWARE\Wow6432Node\Web Solution Mart
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\WondershareSysMenuDATA
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\X-AVCSD
HKLM\SOFTWARE\Wow6432Node\Xilisoft
HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo!
HKLM\SOFTWARE\Wow6432Node\ZTE Corporation
HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\8322898
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AI_RecycleBin
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\Antamedia
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\astragon Software GmbH
HKCU\SOFTWARE\Avira
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\BVRP Software
HKCU\SOFTWARE\Camfrog
HKCU\SOFTWARE\CatDaddyGames
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\ClockworkMod
HKCU\SOFTWARE\csastats
HKCU\SOFTWARE\CyberGhost
HKCU\SOFTWARE\DFX
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\EaseUS
HKCU\SOFTWARE\EFD Software
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\EpmNewsInfo
HKCU\SOFTWARE\eSellerate
HKCU\SOFTWARE\FastStone
HKCU\SOFTWARE\FlashBoot
HKCU\SOFTWARE\Forward Development
HKCU\SOFTWARE\FreeAudioVideo
HKCU\SOFTWARE\fv
HKCU\SOFTWARE\fwc
HKCU\SOFTWARE\GameRanger
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\Genymobile
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hetman Software
HKCU\SOFTWARE\HitLeap
HKCU\SOFTWARE\HmelyoffLabs
HKCU\SOFTWARE\Hola
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Jingling
HKCU\SOFTWARE\join.me
HKCU\SOFTWARE\Jump Desktop
HKCU\SOFTWARE\JumpDesktop
HKCU\SOFTWARE\Kungsoft
HKCU\SOFTWARE\Lagarith
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Lightrock Entertainment
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Macrovision
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\Magicbit
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MediaChance
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mobileleader
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\MTK
HKCU\SOFTWARE\Myfree Codec
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\none
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Oracle
HKCU\SOFTWARE\PalTalk
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\pth264
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RootGenius
HKCU\SOFTWARE\RSUPPORT
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SCS Software
HKCU\SOFTWARE\Seifert
HKCU\SOFTWARE\SharpNight
HKCU\SOFTWARE\SightSpeed Inc
HKCU\SOFTWARE\SimpleTV by SergeyVS#3
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\Sony Ericsson
HKCU\SOFTWARE\SplitmediaLabs
HKCU\SOFTWARE\Steganos
HKCU\SOFTWARE\TAdvCheckList
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\Telestream
HKCU\SOFTWARE\thriXXX
HKCU\SOFTWARE\TrafficTravisv4
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\Valusoft
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Web Solution Mart
HKCU\SOFTWARE\Wi-Fi Hotspot
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinSoftMagic
HKCU\SOFTWARE\Wireshark
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\WsAudio_Device
HKCU\SOFTWARE\WSVCUPlugin
HKCU\SOFTWARE\Xenocode
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\XperiFirm
HKCU\SOFTWARE\Yahoo =>.Yahoo!
HKCU\SOFTWARE\Yandex
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Yandex
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\MarkAny
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint
HKCU\SOFTWARE\AppDataLow\Software\Unity
---\\ Contents of the Common Files folders (420) - 353s
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 26/11/2015 - [0] D -- C:\Program Files\Apoint2K
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Program Files\Archivos comunes
O43 - CFD: 05/10/2014 - [] D -- C:\Program Files\AuthenTec =>.AuthenTec, Inc.®
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files\ByteFence =>.Superfluous.ByteFence
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\CodeMeter
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 04/11/2015 - [] D -- C:\Program Files\CPUID
O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\CyberGhost 6 {008A83DCBD56B8AF121E8A95157494BCFB}
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files\DIFX
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 30/07/2016 - [] D -- C:\Program Files\EaseUS
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Farming Simulator 2009 Gold
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\FlashBoot
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Genymobile
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Intel =>.Intel(R) Software Development Products®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\LSI SoftModem
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 29/07/2016 - [] D -- C:\Program Files\MiniTool Partition Wizard Free 9.1 =>.MiniTool Solution Ltd®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 10/04/2016 - [0] D -- C:\Program Files\MPC-HC
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files\NetPanel {411290C3B6985D1DD4202A51727A340B}
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\OBS
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Oracle =>.Oracle Corporation®
O43 - CFD: 07/11/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics®
O43 - CFD: 27/03/2016 - [0] D -- C:\Program Files\Recuva
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files\Samsung =>.Samsung Electronics CO., LTD.®
O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\SoftEther VPN Client Manager =>.SoftEther K.K.®
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files\TAP-Windows
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 17/07/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files\Windows Service
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files\Wireshark
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files (x86)\3G ALWA
O43 - CFD: 31/07/2016 - [] D -- C:\Program Files (x86)\7-Data Recovery Suite {658AA5BAA389249FEED00D4D30FA1167}
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Advanced JPEG Compressor
O43 - CFD: 08/08/2016 - [0] D -- C:\Program Files (x86)\Age of Empires II HD The Forgotten
O43 - CFD: 23/07/2016 - [0] D -- C:\Program Files (x86)\ALMzor-G
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Android Data Recovery
O43 - CFD: 15/01/2016 - [] D -- C:\Program Files (x86)\Ashampoo =>.Ashampoo GmbH & Co. KG®
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\AthTek
O43 - CFD: 14/10/2015 - [0] D -- C:\Program Files (x86)\AutoHideIP
O43 - CFD: 10/10/2015 - [] D -- C:\Program Files (x86)\Avira =>.Avira Operations GmbH & Co. KG®
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\AVS4YOU =>.Online Media Technologies Ltd.®
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files (x86)\awsd
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 04/05/2016 - [] D -- C:\Program Files (x86)\Bighits4U Viewer 3.0
O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\BlueStacks
O43 - CFD: 03/01/2016 - [0] D -- C:\Program Files (x86)\BusCableCarSimulator
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\ClockworkMod
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG®
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\DanuSoft
O43 - CFD: 22/01/2016 - [0] D -- C:\Program Files (x86)\Demolition Company Demo
O43 - CFD: 01/04/2016 - [] D -- C:\Program Files (x86)\Devolutions
O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\DFX
O43 - CFD: 21/03/2016 - [] HD -- C:\Program Files (x86)\DrFoneAndroid_Temp
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\DriverPack Notifier {257BEAC53AA38B99FD1B541811F6EE8F}
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\EaseUS =>.CHENGDU YIWO Tech Development Co., Ltd.®
O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\Euro Truck Simulator 2
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\EveryonePiano {5BBACF0F21A9FD49D7052465D8766E16}
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Voice 7.0
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Webcam 7.4 {08C9327273D02B7091C71CD09C8A7D1A}
O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\Farming Simulator 2013 =>.GIANTS Software GmbH®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\FastStone Capture
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files (x86)\Flash Memory Toolkit
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files (x86)\Forward Development
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\GetData =>.GetData Pty Ltd®
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files (x86)\GUM50E0.tmp =>.Google Inc®
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\HitLeap =>.HitLeap Ltd.®
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\honestech
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Hotspot Shield =>.AnchorFree Inc®
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\HSPA USB MODEM
O43 - CFD: 19/02/2016 - [] D -- C:\Program Files (x86)\IDMActivator-mrelhlawany25.12
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Innovative Solutions
O43 - CFD: 09/08/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.SAMSUNG ELECTRONICS CO.,LTD.®
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility =>.Intel(R) Software Development Products®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc.®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 16/11/2015 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.®
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\Kat MP3 Recorder
O43 - CFD: 22/07/2016 - [0] D -- C:\Program Files (x86)\Kingo Android ROOT
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\LeapFTP 3.0 {7A8AE6A6E5FD53D9195B8B38590E5F41}
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Lightrock Entertainment
O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files (x86)\MarkAny
O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\mHotspot
O43 - CFD: 10/08/2016 - [] D -- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\Mobile Partner
O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Money Robot {0098D4F9B401AA7FB70AE7DC9C056354A7}
O43 - CFD: 18/07/2016 - [] D -- C:\Program Files (x86)\Movistar Internet Movil =>.ZTE CORPORATION®
O43 - CFD: 09/08/2016 - [0] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 06/12/2015 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files (x86)\MyFree Codec
O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\MyPublicWiFi
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\NCH Software
O43 - CFD: 17/04/2016 - [] D -- C:\Program Files (x86)\Notepad++ =>.Notepad++®
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 09/04/2016 - [0] D -- C:\Program Files (x86)\OBS
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\One Click Root
O43 - CFD: 11/02/2016 - [] D -- C:\Program Files (x86)\PCSX2 1.4.0
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Portable
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\PowerISO =>.Power Software Ltd®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/04/2016 - [0] D -- C:\Program Files (x86)\RSUPPORT
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Samsung =>.SAMSUNG ELECTRONICS CO.,LTD.®
O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\SliQTools {427848125931D57EC4B61C5D117A9E34}
O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Sony {25BB963B3E935A88A62D1DD09CF34997}
O43 - CFD: 29/10/2015 - [0] D -- C:\Program Files (x86)\Sony Mobile
O43 - CFD: 16/04/2016 - [] D -- C:\Program Files (x86)\SplitmediaLabs
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Tanker Truck Simulator 2011
O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\TechSmith
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\Thinix
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\thriXXX
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Toshiba =>.TOSHIBA CORPORATION®
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Trucks & Trailers
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Unlockroot Pro
O43 - CFD: 19/04/2016 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\VMware
O43 - CFD: 11/01/2016 - [0] D -- C:\Program Files (x86)\Vstep
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Web Solution Mart
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\WiFi HotSpot Creator
O43 - CFD: 03/05/2016 - [] D -- C:\Program Files (x86)\WinDirStat
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 17/07/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 05/10/2014 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 02/06/2016 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 17/08/2015 - [] D -- C:\Program Files (x86)\Your Uninstaller! 7
O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Data Recovery Suite
O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 28/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 04/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bighits4U Viewer
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 05/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
O43 - CFD: 15/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driving Simulator 2012
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 19/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kat MP3 Recorder
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Money Robot
O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movistar Internet Movil
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nav-u tool
O43 - CFD: 17/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
O43 - CFD: 11/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voic Changer
O43 - CFD: 30/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi HotSpot Creator
O43 - CFD: 03/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Apple
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\ashampoo
O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\AutoHideIP
O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 10/10/2015 - [] D -- C:\ProgramData\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 06/04/2016 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon
O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacksGameManager
O43 - CFD: 25/07/2016 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\CodeMeter
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Database Server
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Datos de programa
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Escritorio
O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 07/01/2016 - [0] D -- C:\ProgramData\Garmin
O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Hotspot Shield
O43 - CFD: 05/10/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\InstallShield
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 16/11/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\LGMOBILEAX
O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Mediatek Driver
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Menú Inicio
O43 - CFD: 06/12/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\Microsoft Games
O43 - CFD: 03/04/2016 - [0] D -- C:\ProgramData\Money Robot Submitter
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\NCH Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\NFS Underground
O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 01/04/2016 - [] D -- C:\ProgramData\Phase Five Systems
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Plantillas
O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\SplitMediaLabs
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\SP_FT_Logs
O43 - CFD: 20/12/2015 - [] D -- C:\ProgramData\SP_MDT_Logs
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\Sun
O43 - CFD: 26/05/2016 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 16/04/2016 - [0] D -- C:\ProgramData\Telestream
O43 - CFD: 09/08/2016 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 09/01/2013 - [] D -- C:\ProgramData\Test Drive Unlimited
O43 - CFD: 22/07/2016 - [] D -- C:\ProgramData\Thinix
O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\thriXXX
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Xilisoft
O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Z-Software
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\Common Files\DFX
O43 - CFD: 16/04/2016 - [0] D -- C:\Program Files (x86)\Common Files\eSellerate
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 27/09/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Steganos
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Web Solution Mart
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 07/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Adobe
O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Affilorama
O43 - CFD: 15/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Ashampoo
O43 - CFD: 10/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\AVS4YOU
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\DMCache
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\DRPSu
O43 - CFD: 10/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Eusing
O43 - CFD: 14/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\FastStone
O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\FileZilla
O43 - CFD: 05/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\GameRanger
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Google
O43 - CFD: 21/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\HMYGSetting
O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Hotspot Shield
O43 - CFD: 04/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Identities
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IDM
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Innovative Solutions
O43 - CFD: 23/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\InstallShield
O43 - CFD: 31/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IObit
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\mourad\AppData\Roaming\Media Center Programs
O43 - CFD: 08/01/2016 - [] SD -- C:\Users\mourad\AppData\Roaming\Microsoft
O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft Games
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Mozilla
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\MPC-HC
O43 - CFD: 10/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\NCH Software
O43 - CFD: 17/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Notepad++
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\One Click Root
O43 - CFD: 20/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PDAppFlex
O43 - CFD: 10/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PowerISO
O43 - CFD: 08/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Rsupport
O43 - CFD: 07/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Samsung
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Shuame
O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Spiritsoft
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\SplitmediaLabs
O43 - CFD: 04/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 10/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Steganos
O43 - CFD: 13/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Sun
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\TechSmith
O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Thinstall
O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Traffic Travis v4
O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Unity
O43 - CFD: 17/08/2015 - [] D -- C:\Users\mourad\AppData\Roaming\URSoft
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\uTorrent
O43 - CFD: 16/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Vara Software
O43 - CFD: 29/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\WhatsApp
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\WinBatch
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\WinRAR
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wirecast Play
O43 - CFD: 13/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Wireshark
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wondershare
O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Xilisoft
O43 - CFD: 27/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Yandex
O43 - CFD: 27/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Z-Software
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZHP
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZJMedia
O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 16/03/2016 - [] D -- C:\Users\mourad\AppData\Local\1BN_Software_&_IT_Solutio
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Adobe
O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple
O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple Computer
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Archivos temporales de Internet
O43 - CFD: 07/10/2014 - [] D -- C:\Users\mourad\AppData\Local\ashampoo
O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\assembly
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\AWSToolkit
O43 - CFD: 06/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon
O43 - CFD: 28/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Bluestacks
O43 - CFD: 06/11/2015 - [] D -- C:\Users\mourad\AppData\Local\BusCableCarSimulator
O43 - CFD: 13/04/2016 - [] D -- C:\Users\mourad\AppData\Local\CEF
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Chromium
O43 - CFD: 09/08/2016 - [0] D -- C:\Users\mourad\AppData\Local\CrashDumps
O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 11/09/2015 - [] D -- C:\Users\mourad\AppData\Local\DanuSoft
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Datos de programa
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Devolutions
O43 - CFD: 16/02/2016 - [] D -- C:\Users\mourad\AppData\Local\DFX
O43 - CFD: 16/08/2015 - [0] D -- C:\Users\mourad\AppData\Local\Diagnostics
O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Downloaded Installations
O43 - CFD: 01/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Eclipse
O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Local\ElevatedDiagnostics
O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\FastStone
O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Garmin_Ltd._or_its_subsid
O43 - CFD: 05/05/2016 - [] D -- C:\Users\mourad\AppData\Local\Genymobile
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Google
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Historial
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Innovative Solutions
O43 - CFD: 20/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Intel
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\IsolatedStorage
O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\join.me
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Jump Desktop
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Macromedia
O43 - CFD: 05/12/2015 - [] D -- C:\Users\mourad\AppData\Local\MetaGeek,_LLC
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Microsoft
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Mozilla
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\oneClickRoot
O43 - CFD: 30/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Opera Software
O43 - CFD: 27/11/2015 - [0] D -- C:\Users\mourad\AppData\Local\Package Cache
O43 - CFD: 08/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Programs
O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Quadriga Games
O43 - CFD: 05/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Samsung
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\SplitMediaLabs
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\SquirrelTemp
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\TechSmith
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Temp
O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Thinstall
O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Unity
O43 - CFD: 04/10/2014 - [0] D -- C:\Users\mourad\AppData\Local\VirtualStore
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\WhatsApp
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Wondershare
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Yandex
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\ZJMedia
O43 - CFD: 08/09/2015 - [0] D -- C:\Users\mourad\AppData\Local\Programs\Common
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/07/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 28/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup
O43 - CFD: 19/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
O43 - CFD: 27/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SliQTools
O43 - CFD: 28/10/2015 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
O43 - CFD: 08/08/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
O43 - CFD: 03/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
O43 - CFD: 06/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/04/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps
O43 - CFD: 17/08/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft
---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ System Drivers List (122) - 239s
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/06/10 21:01:06 A . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\drivers\agrsm64.sys [1146880] =>.LSI Corp
O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:32:46 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:32:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2015/11/19 23:51:14 A . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\drivers\AmUStor.sys [84480] =>.Alcor Micro, Corp.
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2012/10/18 11:12:06 A . (.AuthenTec, Inc. - AuthenTec Fingerprint Sensor WBF Driver.) -- C:\Windows\System32\drivers\ATSwpWDF.sys [1111856] =>.AuthenTec, Inc.®
O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [171752] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [145984] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2015/09/01 17:09:54 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [28600] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/06/05 19:42:47 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\drivers\avnetflt.sys [79696] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2009/06/10 20:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2016/07/17 03:09:53 A . (.Connectify - Connectify NDISRD helper driver.) -- C:\Windows\System32\drivers\cfywlan1.sys [36736] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2016/07/17 03:09:52 A . (.Connectify - CNNCTFY helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [43872] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2015/08/31 18:25:56 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx11_1x64.sys [28008] =>.Power Technology®
O58 - SDL:2015/11/12 17:27:12 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx12x64.sys [29688] =>.Power Technology®
O58 - SDL:2009/06/10 20:35:02 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y60x64.sys [281088] =>.Intel Corporation
O58 - SDL:2011/10/20 11:24:16 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y62x64.sys [302296] =>.Intel Corporation®
O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2015/10/28 14:28:26 A . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\Windows\System32\drivers\ggflt.sys [16088] =>.Sony Mobile Communications AB®
O58 - SDL:2015/10/28 14:28:27 A . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\Windows\System32\drivers\ggsomc.sys [30424] =>.Sony Mobile Communications AB®
O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/11/20 13:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2015/02/04 02:01:10 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744] =>.AnchorFree Inc®
O58 - SDL:2010/11/20 13:33:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2016/08/05 13:04:22 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [217256] =>.Tonec Inc.®
O58 - SDL:2008/07/31 11:32:24 A . (.Infineon Technologies AG - Infineon Trusted Platform Module.) -- C:\Windows\System32\drivers\ifxtpm.sys [58880]
O58 - SDL:2013/02/20 00:44:08 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12312928] =>.Intel Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/09/04 11:41:24 A . (.ZTE Incorporated - ZTE CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [11776] =>.ZTE Incorporated
O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation®
O58 - SDL:2016/05/09 18:06:48 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64896] =>.Malwarebytes Corporation®
O58 - SDL:2012/12/07 10:28:06 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\Windows\System32\drivers\ndiskhaz.sys [30536] =>.Khalil Azzouzi®
O58 - SDL:2015/11/19 16:06:22 A . (.MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2246488] =>.MEDIATEK INC.®
O58 - SDL:2010/01/13 16:37:18 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw5s64.sys [7675392] =>.Intel Corporation
O58 - SDL:2009/06/10 20:35:28 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\netw5v64.sys [5434368] =>.Intel Corporation
O58 - SDL:2012/01/23 14:44:12 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwNs64.sys [8616960] =>.Intel Corporation
O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2011/06/08 17:22:34 A . (. - OEM Driver.) -- C:\Windows\System32\drivers\OEMDrv.sys [268416]
O58 - SDL:2010/08/27 16:04:20 A . (.TCT International Mobile Ltd - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\qcusbser.sys [118016] =>.TCT International Mobile Ltd
O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2009/09/03 10:37:02 A . (.REDC - RICOH MMC Driver.) -- C:\Windows\System32\drivers\rimmpx64.sys [67072] =>.REDC
O58 - SDL:2009/09/03 10:59:28 A . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\drivers\rimspx64.sys [54784] =>.REDC
O58 - SDL:2009/09/24 17:31:14 A . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\drivers\risdsn64.sys [76288] =>.REDC
O58 - SDL:2009/09/03 11:14:30 A . (.REDC - RICOH xD SM Driver.) -- C:\Windows\System32\drivers\rixdpx64.sys [57856] =>.REDC
O58 - SDL:2012/04/24 19:48:04 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4028520] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/12/14 15:41:32 RA . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187.sys [448512] =>.Realtek Semiconductor Corporation
O58 - SDL:2012/12/09 09:51:20 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [126944] =>.Power Software Ltd®
O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2015/06/04 13:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984] =>.Intel(R) Code Signing External®
O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_bus.sys [136192] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cm.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cmnt.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driv.) -- C:\Windows\System32\drivers\ssm_mdfl.sys [18944] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_mdm.sys [172032] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_wh.sys [15872] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_whnt.sys [15872] =>.MCCI Corporation®
O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [120416] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [213088] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\System32\drivers\ss_bus.sys [127488] =>.MCCI Corporation®
O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cm.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cmnt.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\System32\drivers\ss_mdfl.sys [18944] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\System32\drivers\ss_mdm.sys [161280] =>.MCCI Corporation®
O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_wh.sys [15872] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_whnt.sys [15872] =>.MCCI Corporation®
O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2014/11/05 13:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2015/10/12 20:51:26 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42088] =>.AnchorFree Inc®
O58 - SDL:2012/07/20 13:40:52 A . (.Hajo Krabbenhöft - Personal Voice Changer Driver.) -- C:\Windows\System32\drivers\tenCapture.sys [23736] {0E701C8C223C339FA3C0FCB1AEF5E4A7}
O58 - SDL:2010/06/14 09:32:54 A . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\drivers\TFsExDisk.sys [16448] =>.Teruten, Inc.®
O58 - SDL:2009/06/29 15:16:20 A . (.TOSHIBA Corporation - TOSHIBA HDD Protection - Shock Sensor Drive.) -- C:\Windows\System32\drivers\Thpevm.sys [14784] =>.TOSHIBA CORPORATION®
O58 - SDL:2015/11/19 23:50:22 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [53624] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/07/14 11:25:14 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ.SYS [26840] =>.TOSHIBA CORPORATION®
O58 - SDL:2013/01/25 21:48:14 A . (.Scott - usbdriver.) -- C:\Windows\System32\drivers\USBDrv_AMD64.sys [18392] =>.Allwinner Technology Co.,Ltd.®
O58 - SDL:2015/09/08 11:48:10 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [964392] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\Windows\System32\drivers\VBoxNetLwf.sys [146072] =>.Oracle Corporation®
O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\Windows\System32\drivers\VBoxUSB.sys [125520] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [138904] =>.Oracle Corporation®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
O58 - SDL:2012/04/15 21:32:14 A . (.Windows (R) Win 7 DDK provider - WebcamMax Capture.) -- C:\Windows\System32\drivers\wcmvcam64.sys [1071032] {6E0A5E2C7C789BDA175F577FFD554961} =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/05/25 23:29:04 A . (.SplitmediaLabs Limited - XSplit Stream Audio.) -- C:\Windows\System32\drivers\xspltspk.sys [26200] =>.Splitmedialabs Limited®
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/08/21 16:44:00 A . (.ZTE Corporation - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ZTEusbnet.sys [135168] =>.ZTE Corporation
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext2.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbvoice.sys [119680] =>.ZTE Incorporated
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\epmntdrv.sys [18528] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd®
O58 - SDL:2013/09/30 15:26:48 N . (...) -- C:\Windows\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd®
---\\ Last modified or created user files (2) - 155s
O61 - LFC: 2016/08/10 11:49:36 A . (..) -- C:\Users\mourad\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [297839]
O61 - LFC: 2016/08/09 20:17:33 A . (..) -- C:\Users\mourad\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [128]
---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr>[HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
---\\ Start Menu Internet (12) - 2s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.)
---\\ Search Browser Infection (4) - 94s
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark._edMembers_.lastActivePing", "1466883948937"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.lastInstalled", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo
---\\ Search Svchost Services (33) - 4s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ Firewall Active Exception List (30) - 23s
O87 - FAEL: "{82485849-57C2-4684-8578-EBD6AB3C94AD}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O87 - FAEL: "{786C5D5E-7A90-4913-B4AF-54545BB3EBF1}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O87 - FAEL: "{587C939D-CF4A-4257-9A5A-8C49781BDDA3}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.)
O87 - FAEL: "{BE01F55C-2206-452A-AA15-8DD1EFA906EF}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.)
O87 - FAEL: "{60AFFE9E-29AD-48F4-8CD6-0B7A33631F69}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.)
O87 - FAEL: "{146802C4-F29F-4CD8-BFAC-2C9158B93F59}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.)
O87 - FAEL: "{10100E84-10C2-491F-9E85-DBD2F362A089}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (.not file.)
O87 - FAEL: "TCP Query User{13D808EB-D301-4F0E-A2C3-3F7F607C0A9D}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.)
O87 - FAEL: "UDP Query User{09049424-252A-4F13-9DC8-09F533CEA362}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.)
O87 - FAEL: "TCP Query User{14513514-DB67-47F1-A9FB-14CB2EB06E9B}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P6-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O87 - FAEL: "UDP Query User{67DF69CF-E8F0-41A9-9C1A-22A956FD04CF}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P17-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O87 - FAEL: "{BEA8AECD-7FD4-4CC0-9AFE-E67E572E7A60}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.)
O87 - FAEL: "{82F4EB97-71AD-446A-B4F4-48EC282BE9D0}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.)
O87 - FAEL: "{3F60AAE4-E5C2-49A4-91B4-CD614BB76ACC}" [In-None-P17-TRUE] .(.YANDEX LLC - Yandex.) -- C:\Users\Default\AppData\Local\Yandex\YandexBrowser\Application\browser.exe {3667E158B524C8FFBFE538172786F1E2}
O87 - FAEL: "TCP Query User{163CA4E7-CCB1-4B14-A54C-AA193CCE1231}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P6-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.)
O87 - FAEL: "UDP Query User{498FDB65-2602-4E82-8B2A-AE665FA6EFF6}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P17-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.)
O87 - FAEL: "{A3762890-D383-4737-B4FC-F6E6587A7F55}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.)
O87 - FAEL: "{B042F640-8665-4EE4-BDB7-E78CCD060F2D}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.)
O87 - FAEL: "{D4283125-70D8-4197-947A-99E909FD4ACB}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.)
O87 - FAEL: "{60259E04-DC48-48E3-B747-9DFFCCB3FD83}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.)
O87 - FAEL: "{88599324-46FE-48F8-8C5B-AAA4193F56B7}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.)
O87 - FAEL: "{B7826208-663A-4E05-A74C-A6F029A42EFE}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.)
O87 - FAEL: "{76BFB912-7A72-4CF7-A1E4-8A194012BA21}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O87 - FAEL: "{6E0A4835-2AD6-43C0-BE2A-253ADB6AACEB}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O87 - FAEL: "{8D3EBF78-2EAA-4B17-BF75-93771E34DFAE}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.)
O87 - FAEL: "{C5EE1E88-CC7D-4507-A521-4EB00BA515A3}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.)
O87 - FAEL: "{FEE79D8D-D17A-4430-B49D-330FB98FBF1D}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.)
O87 - FAEL: "{61AE076D-CB22-4234-82FD-9DA52FABF77A}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.)
O87 - FAEL: "{7FC9C91A-FF15-484A-9770-BBBBD9EF0068}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.)
O87 - FAEL: "{6C2FB606-5B4E-4101-AC2E-8360E687634D}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.)
---\\ Additional Scan (O88) (8) - 0s
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
C:\Program Files\ByteFence =>.Superfluous.ByteFence
C:\ProgramData\Babylon =>PUP.Optional.Babylon
C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon
C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports
---\\ Summary of the elements found (7) - 0s
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Solvusoft
https://www.nicolascoolman.com/fr/adware-trymedia/ =>PUP.Optional.Trymedia
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Downloader
https://www.anti-malware.top/2016/04/29/superfluous-bytefence/ =>.Superfluous.ByteFence
https://www.nicolascoolman.com/fr/pup-babylon/ =>PUP.Optional.Babylon
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/adware-bandoo/ =>PUP.Optional.Bandoo
~ End of the scan, 32416 items in 00h29mn21s (1367)
~ Run by mourad (Administrator) (2016/08/10 18:42:41)
~ Web: https://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version:
~ Mode: Scan
~ Report: C:\Users\mourad\Desktop\ZHPDiag.txt
~ Report: C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v52.0.2743.116
MFIE: Mozilla Firefox 48.0 (x64 en-US)
MSIE: Internet Explorer v8.0.7601.17514
---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO
---\\ System protection software (2) - 11s
Avira Antivirus v15.0.18.354
Avira Launcher v1.1.67.18988
---\\ Surveillance software (1) - 15s
Adobe Flash Player 22 PPAPI
---\\ Sharing software PeerToPeer (1) - 16s
µTorrent v3.4.6.42094
---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3005.624 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 2 GB () free of 83 GB =>Alerte espace disque inférieur à 20 Go
---\\ Connection to the system mode (3) - 0s
~ Computer Name: ANDRIOD-5437890
~ User Name: mourad
~ Logged in as Administrator
---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 2 GB free of 83 GB (System)
~ Drive D: has 0 GB free of 68 GB
~ Drive F: has 0 GB free of 1 GB
---\\ State of the Windows Security Center (11) - 1s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
---\\ Search Generic System Files (25) - 2s
[MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation
[MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation
[MD5.F6C5302E1F4813D552F41A0AC82455E5] - 20/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation
[MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation
[MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation
[MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation
[MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows®
[MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation
[MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation
[MD5.FAF015B07E3A2874A790A39B7D2C579F] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation
[MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation
[MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows®
[MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation
[MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation
[MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows®
---\\ Non Microsoft non disabled Windows Services (16) - 4s
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
O23 - Service: Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG®
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
O23 - Service: Servicio de Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc®
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: OpenDHCPServer (OpenDHCPServer) . (...) - C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O23 - Service: Microsoft32 (Service1) . (...) - C:\Windows\syswow64\dwm Service.exe (.not file.)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products®
---\\ Services not Microsoft (SR=Run, SS=Stop) (26) - 248s
SS - Demand [09/08/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [27/03/2009] [ 16896] Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation
SR - Auto [05/04/2016] [ 2021592] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated®
SS - Auto [28/07/2016] [ 989696] Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [28/07/2016] [ 472112] Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [28/07/2016] [ 472112] Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG®
SS - Auto [28/07/2016] [ 1453696] Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG®
SR - Auto [11/07/2016] [ 309384] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG®
SS - Demand [14/12/2015] [ 432792] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe =>.Bluestack Systems, Inc.®
SS - Demand [14/12/2015] [ 412312] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe =>.Bluestack Systems, Inc.®
SS - Demand [14/12/2015] [ 854680] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe =>.Bluestack Systems, Inc.®
SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG®
SR - Auto [14/09/2015] [ 414360] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SS - Auto [22/11/2015] [ 144200] Servicio de Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [22/11/2015] [ 144200] Servicio de Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc®
SR - Auto [19/07/2016] [ 2729592] Hotspot Shield Service (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc®
SS - Demand [19/07/2016] [ 103168] Hotspot Shield Tray Service (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE =>.AnchorFree Inc®
SS - Disabl [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SS - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [26/07/2016] [ 167880] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SR - Auto [08/01/2016] [ 754784] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.®
SS - Demand [19/02/2010] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated
SS - Auto [14/09/2015] [ 112792] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products®
SS - Demand [14/09/2015] [ 414360] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products®
SS - Demand [28/01/2016] [ 115976] Wondershare Driver Install Service (WsDrvInst) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
---\\ Process running (26) - 8s
[MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112] [PID.1536] =>.Avira Operations GmbH & Co. KG®
[MD5.B65F8DBA54F251906BBE8611B5A0E7AB] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agr64svc.exe [16896] [PID.1732] =>.LSI Corporation
[MD5.C17171E63E84F5711DF23B8F1E7A100E] - (.Adobe Systems, Incorporated - AGS Service.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592] [PID.1760] =>.Adobe Systems Incorporated®
[MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112] [PID.1804] =>.Avira Operations GmbH & Co. KG®
[MD5.379A8E0E11D3DECE5F64A0F58DCBBC25] - (.AnchorFree Inc. - Hotspot Shield 5.4.6.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2729592] [PID.1888] =>.AnchorFree Inc®
[MD5.79115ABD7B7B770BBE505D952442AA3E] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [365592] [PID.2308] =>.Intel Corporation®
[MD5.AE3B44E4973E1907A86AA5290C695E94] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [510960] [PID.2344] =>.Intel Corporation - Software and Firmware Products®
[MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.2508] =>.Samsung Electronics CO., LTD.®
[MD5.A8F20318ECF54999E521CEB608027097] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon2.exe [91464] [PID.2636] =>.TOSHIBA CORPORATION®
[MD5.07F7114C29FD873E17111249F771B4A0] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon64.exe [107848] [PID.2704] =>.TOSHIBA CORPORATION®
[MD5.7444E0F4C9991AE3711F5FAB5DB257E1] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064] [PID.2784] =>.Avira Operations GmbH & Co. KG®
[MD5.6A9838B3761D585B28206BBB51F34516] - (...) -- C:\Program Files (x86)\DFX\DFX.exe [1328632] [PID.2792]
[MD5.F719084EF96E26AAB0BE9E90BC49203E] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe [133624] [PID.3024] =>.Power Technology®
[MD5.66990EF40812633B84FA0964BCA5E954] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe [134648] [PID.3032] =>.Power Technology®
[MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275512] [PID.2832] =>.Tonec Inc.®
[MD5.8256846E20B6F451A4A6B2EAD057FF25] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [1042232] [PID.3096] =>.Avira Operations GmbH & Co. KG®
[MD5.5F0C87F2FA11C991BB93B84BD02151B3] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384] [PID.3744] =>.Avira Operations GmbH & Co. KG®
[MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2540] =>.WIBU-SYSTEMS AG®
[MD5.9BB8368CAAB57E0431ADBA1D13DC4ED5] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe [458904] [PID.4200] =>.Intel(R) Software Development Products®
[MD5.0E452B882FEEFCEFF3A8225B89393D1D] - (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [151776] [PID.1152] =>.Avira Operations GmbH & Co. KG®
[MD5.359818737539FFA646FD8EFB75378AAF] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360] [PID.1008] =>.Intel(R) Software Development Products®
[MD5.B91D667649661B64063D469B06723F42] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [399816] [PID.3688] =>.Mozilla Corporation®
[MD5.49B9E1A9142DB150A2F80DD46F93EA11] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064] [PID.5584] =>.Tonec Inc.®
[MD5.E4EBD7E36C71923B336F118C55150544] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe [2285568] [PID.5496] =>.Nicolas Coolman
[MD5.D49005D77A4F49F97CFD13808407A36C] - (.Microsoft Game Studios - Setup Launcher.) -- C:\Users\mourad\Desktop\AgeOfEmpire3Setupwww.download.ir\Age_Of_Empire_3_Setup_www.download.ir\AOE III DISC 1\setup.exe [311296] [PID.4960] =>.Microsoft Game Studios
[MD5.1D461686B0E32F2DECB587C895A05402] - (.Macrovision Corporation - InstallShield (R) 64-bit Setup Engine.) -- C:\Users\mourad\AppData\Local\Temp\{3D7E40C0-992C-4E72-A083-840D4DF4318A}\ISBEW64.exe [120240] [PID.3968] =>.Macrovision Corporation®
---\\ Google Chrome, Start,Search,Extensions (19) - 4s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://icm.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://api.mixpanel.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://download.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://offers.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://v2.auc.avira.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
G2 - GCE: Preference [User Data\Default] [ablpcikjmhamjanpibkccdmpoekjigja] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [cpegcopcfajiiibidlaelhjjblpefbjk] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [fdjdjkkjoiomafnihnobkinnfjnnlhdg] Советник Яндекс.Маркета
G2 - GCE: Preference [User Data\Default] [flliilndjeohchalpbbcdekjklbdgfkk] Avira Browser Safety
G2 - GCE: Preference [User Data\Default] [gdljkkmghdkckhaogaemgbgdfophkfco] __MSG_extName__
G2 - GCE: Preference [User Data\Default] [gidgenkbbabolejbgbpnhbimgjbffefm] Vysor
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 13s
P2 - EXT FILE: (.Plebicom - Barre d'outils eBuyClub.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\ebctb@plebicom.xul.xpi
P2 - EXT FILE: (.Hotspot Shield Free VPN Proxy – Unblock Sites - Unblock any blocked website or content.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\hotspot-shield@anchorfree.com.xpi
P2 - EXT FILE: (.Text to Voice - .) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\text2voice@vik.josh.xpi
P2 - EXT FILE: (.Ikrg - RightToClick.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated
---\\ Internet Explorer Extensions, Start, Search (8) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.babal.net/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation
---\\ Hosts file redirection (1) - 2s
~ Le fichier hôte est sain (The hosts file is clean) (51)
---\\ Browser Helper Object (BHO) (3) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.®
---\\ Internet Explorer Toolbars (1) - 1s
O3 - Toolbar: 0x464CB804BB5A6B47A7D740435D9AE611 - [HKCU]{04B84C46-5ABB-476B-A7D7-40435D9AE611} . (...) -- (.not file.)
---\\ Auto loading programs from Registry and folders (17) - 2s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe =>.Intel Corporation - Software and Firmware Products®
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation®
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKCU\..\Run: [AdobeBridge] (Orphan)
O4 - HKCU\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Avira SystrayStartTrigger] . (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe =>.Avira Operations GmbH & Co. KG®
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe =>.Avira Operations GmbH & Co. KG®
O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer] C:\Antamedia\DBServer\ADBServer.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer AsService] (Orphan)
O4 - HKLM\..\Wow6432Node\Run: [DFX] . (...) -- C:\Program Files (x86)\DFX\DFX.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [AdobeBridge] (Orphan)
O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.)
---\\ Global shortcuts Startup (102) - 68s
O4 - GS\Desktop [Administrador]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [Administrador]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [Administrador]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [Administrador]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Administrador]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [Administrador]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Administrador]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [Administrador]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Administrador]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrador]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [Administrador]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [Administrador]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [Administrador]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Administrador]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [Administrador]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [Administrador]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Administrador]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Administrador]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Administrador]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [Administrador]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [Invitado]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [Invitado]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [Invitado]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [Invitado]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [Invitado]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [Invitado]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [Invitado]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Invitado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [Invitado]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [Invitado]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [Invitado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Invitado]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [Invitado]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [Invitado]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [Invitado]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [Invitado]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [Invitado]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [Invitado]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [Invitado]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Invitado]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [Invitado]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [Invitado]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [mourad]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd.
O4 - GS\Desktop [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L.
O4 - GS\Desktop [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Desktop [mourad]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc®
O4 - GS\Desktop [mourad]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe
O4 - GS\Desktop [mourad]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.®
O4 - GS\Desktop [mourad]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team
O4 - GS\Desktop [mourad]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845}
O4 - GS\Desktop [mourad]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [mourad]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O4 - GS\Quicklaunch [mourad]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.®
O4 - GS\Quicklaunch [mourad]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16}
O4 - GS\Quicklaunch [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Quicklaunch [mourad]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [mourad]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe
O4 - GS\Quicklaunch [mourad]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O4 - GS\Quicklaunch [mourad]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation
O4 - GS\Quicklaunch [mourad]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.®
O4 - GS\Quicklaunch [mourad]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.®
O4 - GS\Quicklaunch [mourad]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.®
O4 - GS\Quicklaunch [mourad]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe
O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe
O4 - GS\sendTo [mourad]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [mourad]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.®
O4 - GS\sendTo [mourad]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.®
O4 - GS\TaskBar [mourad]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: Avira Launcher.lnk . (.Avira Operations GmbH & Co. KG - Avira Launcher.) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe =>.Avira Operations GmbH & Co. KG®
O4 - GS\CommonDesktop [Public]: Bighits4U Viewer 3.0.lnk . (.Copyright © 2015 - Bighits4U Viewer.) C:\Program Files (x86)\Bighits4U Viewer 3.0\Bighits4U Viewer.exe
O4 - GS\CommonDesktop [Public]: BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks App Player.) C:\ProgramData\BlueStacksGameManager\BlueStacks.exe =>.Bluestack Systems, Inc.®
O4 - GS\CommonDesktop [Public]: FastStone Capture.lnk . (.FastStone Soft - FastStone Capture.) C:\Program Files (x86)\FastStone Capture\FSCapture.exe =>.FastStone Soft
O4 - GS\CommonDesktop [Public]: Genymotion.lnk . (...) C:\Program Files (x86)\Genymobile\Genymotion\genymotion.exe
O4 - GS\CommonDesktop [Public]: Hotspot Shield.lnk . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe =>.AnchorFree Inc®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: WiFi HotSpot Creator.lnk . (.DanuSoft - WiFi HotSpot Creator.) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe
O4 - GS\Startup [Public]: Bluetooth Monitor.lnk . (.TOSHIBA CORPORATION - BtMon4.) C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe =>.TOSHIBA CORPORATION®
O4 - GS\Programs [Public]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies®
O4 - GS\Programs [Public]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\favicon.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc
---\\ Lop.com/Domain Hijackers (3) - 1s
O17 - HKLM\System\CCS\Services\Tcpip\..\{F6022B23-CFA9-455A-A514-E928E65E7A09}: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{08B1291A-1623-40D7-AC20-2EBA71FEC140}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE9E45B3-5A5F-41F6-BED6-1F6254ABE04C}: DhcpNameServer = 192.168.3.1 192.168.3.1
---\\ Extra protocols (22) - 1s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation
---\\ Software installed (77) - 202s
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc®
O42 - Logiciel: 7-Data Recovery Suite version 3.6.0 - (.SharpNight Co,Ltd.) [HKLM][64Bits] -- {02386A56-080B-485c-941D-AF96B29140DD}_is1 =>.SharpNight Co,Ltd
O42 - Logiciel: Adobe After Effects CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4817D846-700B-474E-A31B-80892B3E92E3} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 22 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Photoshop CS6 patch by zaxo7 1.00 - (...) [HKLM][64Bits] -- Adobe Photoshop CS6 patch by zaxo7 1.00
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Avira Antivirus v15.0.18.354 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus =>.Avira Operations GmbH & Co. KG®
O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {92a7fd6b-31e5-472f-862e-79214c5032ef} =>.Avira Operations GmbH & Co. KG®
O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {A6634D1D-EA57-45DE-AF8F-0EDD35B912C3} =>.Avira Operations GmbH & Co. KG
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {EFA0FC40-7D96-4515-9715-7C0C5D872326} =>.BlueStack Systems, Inc.
O42 - Logiciel: Bluetooth Monitor 4 - (.TOSHIBA.) [HKLM][64Bits] -- {61539202-097E-487E-9237-B291AB56D54C} =>.Macrovision Corporation®
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: CyberGhost 6 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost 6_is1 {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L.
O42 - Logiciel: DFX - (.Power Technology.) [HKLM][64Bits] -- DFX =>.Power Technology
O42 - Logiciel: FastStone Capture 7.4 - (.FastStone Soft.) [HKLM][64Bits] -- FastStone Capture =>.FastStone Soft
O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU][64Bits] -- GameRanger =>.GameRanger Technologies®
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM][64Bits] -- {35DAA04C-1720-4BE3-A920-A03731EC6A1D} =>.Google
O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D} =>.HitLeap Ltd.
O42 - Logiciel: Hotspot Shield 5.4.6 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield =>.AnchorFree Inc®
O42 - Logiciel: Hotspot Shield 5.4.6 Embedded - (.Buildbot.) [HKLM][64Bits] -- {AF599C42-A2E5-4251-B7EE-4925A1670923} =>.Buildbot
O42 - Logiciel: IDMActivator-mrelhlawany25.12 25.12 - (.mrelhlawany.com.) [HKLM][64Bits] -- IDMActivator-mrelhlawany25.12 25.12
O42 - Logiciel: Intel(R) Driver Update Utility 2.2.0.5 - (.Intel.) [HKLM][64Bits] -- {C4FB3CF4-C845-4746-A9F5-476908266433} =>.Intel
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI =>.Intel Corporation®
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418065F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation
O42 - Logiciel: Java 8 Update 66 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418066F0} =>.Oracle Corporation
O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation
O42 - Logiciel: Java SE Development Kit 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180650} =>.Oracle Corporation
O42 - Logiciel: Kat MP3 Recorder - (.GoodKatShare LLC.) [HKLM][64Bits] -- Kat MP3 Recorder
O42 - Logiciel: Lagarith lossless video codec (Remove Only) - (...) [HKLM][64Bits] -- LAGARITH
O42 - Logiciel: Mediatek RT2870 Wireless LAN Card - (.MediatekWiFi.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation
O42 - Logiciel: Mozilla Firefox 48.0 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 48.0 (x64 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} =>.NVIDIA Corporation
O42 - Logiciel: Oracle VM VirtualBox 5.0.4 - (.Oracle Corporation.) [HKLM][64Bits] -- {FC191F32-1A67-4231-91D0-0059A57C99A8} =>.Oracle Corporation
O42 - Logiciel: PCSX2 - Playstation 2 Emulator - (...) [HKLM][64Bits] -- pcsx2
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp®
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.Samsung Electronics Co., Ltd.
O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.SAMSUNG ELECTRONICS CO.,LTD.®
O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.®
O42 - Logiciel: SliQ Submitter Plus - (.SliQTools.) [HKLM][64Bits] -- {37146DD2-013F-4344-82B6-F6D1F99C6F3E}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc
O42 - Logiciel: TAP-Windows 9.21.1 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS
O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {C0E08D8D-6076-4117-B644-2AF34F35B757} =>.ClockworkMod
O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {D9C4202E-6D51-4B06-A8F1-22316E654BCA} =>.ClockworkMod
O42 - Logiciel: UnLock Root Pro 3.36 - (.Unlcokroot.) [HKLM][64Bits] -- UnLock Root Pro
O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU][64Bits] -- WhatsApp {046660C4A56E0FD7E8FAC0B7BA03A845}
O42 - Logiciel: WiFi HotSpot Creator - (.DanuSoft.) [HKLM][64Bits] -- {C37344E7-A9A9-4E1F-993C-73AEF17BFDC0}
O42 - Logiciel: WinDirStat 1.1.2 - (...) [HKCU][64Bits] -- WinDirStat
O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/2 - (.Google, Inc..) [HKLM][64Bits] -- 092555911492C6959D2596D612F52DCA71881CA2 =>.Google, Inc.
O42 - Logiciel: WinRAR 5.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: WinRAR 5.30 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: ZTE USB Driver - (.ZTE Corporation.) [HKLM][64Bits] -- ZTE USB Driver =>.ZTE Corporation
---\\ HKCU & HKLM Software Keys (234) - 202s
HKLM\SOFTWARE\Wow6432Node\Act-3D
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\Akella Games
HKLM\SOFTWARE\Wow6432Node\Antamedia
HKLM\SOFTWARE\Wow6432Node\AppDataLow
HKLM\SOFTWARE\Wow6432Node\Apple Inc.
HKLM\SOFTWARE\Wow6432Node\Ashampoo
HKLM\SOFTWARE\Wow6432Node\Atari
HKLM\SOFTWARE\Wow6432Node\AVAST Software
HKLM\SOFTWARE\Wow6432Node\Avira
HKLM\SOFTWARE\Wow6432Node\AVS4YOU
HKLM\SOFTWARE\Wow6432Node\Baidu
HKLM\SOFTWARE\Wow6432Node\BlueStacks
HKLM\SOFTWARE\Wow6432Node\BlueStacksGameManager
HKLM\SOFTWARE\Wow6432Node\Cygwin
HKLM\SOFTWARE\Wow6432Node\DanuSoft
HKLM\SOFTWARE\Wow6432Node\DC-Unlocker
HKLM\SOFTWARE\Wow6432Node\DFX
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\EaseUS
HKLM\SOFTWARE\Wow6432Node\Electronic Arts
HKLM\SOFTWARE\Wow6432Node\Forward Development
HKLM\SOFTWARE\Wow6432Node\fv
HKLM\SOFTWARE\Wow6432Node\fwc
HKLM\SOFTWARE\Wow6432Node\Garmin
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\honestech
HKLM\SOFTWARE\Wow6432Node\HotspotShield
HKLM\SOFTWARE\Wow6432Node\HotspotShield MSI
HKLM\SOFTWARE\Wow6432Node\Huawei technologies
HKLM\SOFTWARE\Wow6432Node\Icaros
HKLM\SOFTWARE\Wow6432Node\Innovative Solutions
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\IObit
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Kat MP3 Recorder
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\Lavasoft
HKLM\SOFTWARE\Wow6432Node\LeapWare
HKLM\SOFTWARE\Wow6432Node\LG Electronics
HKLM\SOFTWARE\Wow6432Node\Licenses
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MarkAny
HKLM\SOFTWARE\Wow6432Node\Mediatek
HKLM\SOFTWARE\Wow6432Node\MediatekWiFi
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Myfree Codec
HKLM\SOFTWARE\Wow6432Node\NCH Software
HKLM\SOFTWARE\Wow6432Node\Notepad++
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenVPN
HKLM\SOFTWARE\Wow6432Node\Opera Software
HKLM\SOFTWARE\Wow6432Node\PATHPILOT
HKLM\SOFTWARE\Wow6432Node\PCSX2
HKLM\SOFTWARE\Wow6432Node\PowerISO
HKLM\SOFTWARE\Wow6432Node\PowerTechnology
HKLM\SOFTWARE\Wow6432Node\Rocket Division Software
HKLM\SOFTWARE\Wow6432Node\RTWS2012
HKLM\SOFTWARE\Wow6432Node\Samsung
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\SoftEther Project
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\Sony Corporation
HKLM\SOFTWARE\Wow6432Node\SRS Labs
HKLM\SOFTWARE\Wow6432Node\Steganos
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\TeamViewer
HKLM\SOFTWARE\Wow6432Node\TechSmith
HKLM\SOFTWARE\Wow6432Node\ThinPrint
HKLM\SOFTWARE\Wow6432Node\TOSHIBA
HKLM\SOFTWARE\Wow6432Node\TrueSoftware
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKLM\SOFTWARE\Wow6432Node\VMware, Inc.
HKLM\SOFTWARE\Wow6432Node\Volatile
HKLM\SOFTWARE\Wow6432Node\Vstep
HKLM\SOFTWARE\Wow6432Node\Web Solution Mart
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinRAR
HKLM\SOFTWARE\Wow6432Node\Wondershare
HKLM\SOFTWARE\Wow6432Node\WondershareSysMenuDATA
HKLM\SOFTWARE\Wow6432Node\Wow6432Node
HKLM\SOFTWARE\Wow6432Node\X-AVCSD
HKLM\SOFTWARE\Wow6432Node\Xilisoft
HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo!
HKLM\SOFTWARE\Wow6432Node\ZTE Corporation
HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\8322898
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AI_RecycleBin
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\Antamedia
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Ashampoo
HKCU\SOFTWARE\astragon Software GmbH
HKCU\SOFTWARE\Avira
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\BVRP Software
HKCU\SOFTWARE\Camfrog
HKCU\SOFTWARE\CatDaddyGames
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\ClockworkMod
HKCU\SOFTWARE\csastats
HKCU\SOFTWARE\CyberGhost
HKCU\SOFTWARE\DFX
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\EaseUS
HKCU\SOFTWARE\EFD Software
HKCU\SOFTWARE\ej-technologies
HKCU\SOFTWARE\EpmNewsInfo
HKCU\SOFTWARE\eSellerate
HKCU\SOFTWARE\FastStone
HKCU\SOFTWARE\FlashBoot
HKCU\SOFTWARE\Forward Development
HKCU\SOFTWARE\FreeAudioVideo
HKCU\SOFTWARE\fv
HKCU\SOFTWARE\fwc
HKCU\SOFTWARE\GameRanger
HKCU\SOFTWARE\GameSpy
HKCU\SOFTWARE\Genymobile
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hetman Software
HKCU\SOFTWARE\HitLeap
HKCU\SOFTWARE\HmelyoffLabs
HKCU\SOFTWARE\Hola
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IGA
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Jingling
HKCU\SOFTWARE\join.me
HKCU\SOFTWARE\Jump Desktop
HKCU\SOFTWARE\JumpDesktop
HKCU\SOFTWARE\Kungsoft
HKCU\SOFTWARE\Lagarith
HKCU\SOFTWARE\LG Electronics
HKCU\SOFTWARE\Lightrock Entertainment
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\LowRegistry
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Macrovision
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\Magicbit
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MediaChance
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\Mobileleader
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\MTK
HKCU\SOFTWARE\Myfree Codec
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\none
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Oracle
HKCU\SOFTWARE\PalTalk
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\pth264
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\RootGenius
HKCU\SOFTWARE\RSUPPORT
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\SCS Software
HKCU\SOFTWARE\Seifert
HKCU\SOFTWARE\SharpNight
HKCU\SOFTWARE\SightSpeed Inc
HKCU\SOFTWARE\SimpleTV by SergeyVS#3
HKCU\SOFTWARE\SoftEther Project
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\Sony Ericsson
HKCU\SOFTWARE\SplitmediaLabs
HKCU\SOFTWARE\Steganos
HKCU\SOFTWARE\TAdvCheckList
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\Telestream
HKCU\SOFTWARE\thriXXX
HKCU\SOFTWARE\TrafficTravisv4
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
HKCU\SOFTWARE\Unity
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\Valusoft
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Web Solution Mart
HKCU\SOFTWARE\Wi-Fi Hotspot
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\WinSoftMagic
HKCU\SOFTWARE\Wireshark
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\WsAudio_Device
HKCU\SOFTWARE\WSVCUPlugin
HKCU\SOFTWARE\Xenocode
HKCU\SOFTWARE\Xilisoft
HKCU\SOFTWARE\XperiFirm
HKCU\SOFTWARE\Yahoo =>.Yahoo!
HKCU\SOFTWARE\Yandex
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Yandex
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\MarkAny
HKCU\SOFTWARE\AppDataLow\Software\ThinPrint
HKCU\SOFTWARE\AppDataLow\Software\Unity
---\\ Contents of the Common Files folders (420) - 353s
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 26/11/2015 - [0] D -- C:\Program Files\Apoint2K
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Program Files\Archivos comunes
O43 - CFD: 05/10/2014 - [] D -- C:\Program Files\AuthenTec =>.AuthenTec, Inc.®
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files\ByteFence =>.Superfluous.ByteFence
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\CodeMeter
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 04/11/2015 - [] D -- C:\Program Files\CPUID
O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\CyberGhost 6 {008A83DCBD56B8AF121E8A95157494BCFB}
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files\DIFX
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 30/07/2016 - [] D -- C:\Program Files\EaseUS
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Farming Simulator 2009 Gold
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\FlashBoot
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Genymobile
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Intel =>.Intel(R) Software Development Products®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\LSI SoftModem
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 29/07/2016 - [] D -- C:\Program Files\MiniTool Partition Wizard Free 9.1 =>.MiniTool Solution Ltd®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 10/04/2016 - [0] D -- C:\Program Files\MPC-HC
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files\NetPanel {411290C3B6985D1DD4202A51727A340B}
O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\OBS
O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Oracle =>.Oracle Corporation®
O43 - CFD: 07/11/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics®
O43 - CFD: 27/03/2016 - [0] D -- C:\Program Files\Recuva
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files\Samsung =>.Samsung Electronics CO., LTD.®
O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\SoftEther VPN Client Manager =>.SoftEther K.K.®
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files\TAP-Windows
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 17/07/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 08/12/2015 - [] D -- C:\Program Files\Windows Service
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files\Wireshark
O43 - CFD: 28/02/2016 - [] D -- C:\Program Files (x86)\3G ALWA
O43 - CFD: 31/07/2016 - [] D -- C:\Program Files (x86)\7-Data Recovery Suite {658AA5BAA389249FEED00D4D30FA1167}
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated®
O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Adobe Media Player
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Advanced JPEG Compressor
O43 - CFD: 08/08/2016 - [0] D -- C:\Program Files (x86)\Age of Empires II HD The Forgotten
O43 - CFD: 23/07/2016 - [0] D -- C:\Program Files (x86)\ALMzor-G
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Android Data Recovery
O43 - CFD: 15/01/2016 - [] D -- C:\Program Files (x86)\Ashampoo =>.Ashampoo GmbH & Co. KG®
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\AthTek
O43 - CFD: 14/10/2015 - [0] D -- C:\Program Files (x86)\AutoHideIP
O43 - CFD: 10/10/2015 - [] D -- C:\Program Files (x86)\Avira =>.Avira Operations GmbH & Co. KG®
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\AVS4YOU =>.Online Media Technologies Ltd.®
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files (x86)\awsd
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\baidu
O43 - CFD: 04/05/2016 - [] D -- C:\Program Files (x86)\Bighits4U Viewer 3.0
O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\BlueStacks
O43 - CFD: 03/01/2016 - [0] D -- C:\Program Files (x86)\BusCableCarSimulator
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\ClockworkMod
O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG®
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\DanuSoft
O43 - CFD: 22/01/2016 - [0] D -- C:\Program Files (x86)\Demolition Company Demo
O43 - CFD: 01/04/2016 - [] D -- C:\Program Files (x86)\Devolutions
O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\DFX
O43 - CFD: 21/03/2016 - [] HD -- C:\Program Files (x86)\DrFoneAndroid_Temp
O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\DriverPack Notifier {257BEAC53AA38B99FD1B541811F6EE8F}
O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\EaseUS =>.CHENGDU YIWO Tech Development Co., Ltd.®
O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\Euro Truck Simulator 2
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\EveryonePiano {5BBACF0F21A9FD49D7052465D8766E16}
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Voice 7.0
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Webcam 7.4 {08C9327273D02B7091C71CD09C8A7D1A}
O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\Farming Simulator 2013 =>.GIANTS Software GmbH®
O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\FastStone Capture
O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files (x86)\Flash Memory Toolkit
O43 - CFD: 15/10/2015 - [] D -- C:\Program Files (x86)\Forward Development
O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\GetData =>.GetData Pty Ltd®
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc®
O43 - CFD: 18/09/2015 - [] D -- C:\Program Files (x86)\GUM50E0.tmp =>.Google Inc®
O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\HitLeap =>.HitLeap Ltd.®
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\honestech
O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Hotspot Shield =>.AnchorFree Inc®
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\HSPA USB MODEM
O43 - CFD: 19/02/2016 - [] D -- C:\Program Files (x86)\IDMActivator-mrelhlawany25.12
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Innovative Solutions
O43 - CFD: 09/08/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.SAMSUNG ELECTRONICS CO.,LTD.®
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility =>.Intel(R) Software Development Products®
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc.®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 16/11/2015 - [] D -- C:\Program Files (x86)\IObit
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.®
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\Kat MP3 Recorder
O43 - CFD: 22/07/2016 - [0] D -- C:\Program Files (x86)\Kingo Android ROOT
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\LeapFTP 3.0 {7A8AE6A6E5FD53D9195B8B38590E5F41}
O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\LG Electronics
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Lightrock Entertainment
O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 10/12/2015 - [] D -- C:\Program Files (x86)\MarkAny
O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\mHotspot
O43 - CFD: 10/08/2016 - [] D -- C:\Program Files (x86)\Microsoft Games
O43 - CFD: 25/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation®
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\Mobile Partner
O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Money Robot {0098D4F9B401AA7FB70AE7DC9C056354A7}
O43 - CFD: 18/07/2016 - [] D -- C:\Program Files (x86)\Movistar Internet Movil =>.ZTE CORPORATION®
O43 - CFD: 09/08/2016 - [0] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 06/12/2015 - [0] D -- C:\Program Files (x86)\MSXML 4.0
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files (x86)\MyFree Codec
O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\MyPublicWiFi
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\NCH Software
O43 - CFD: 17/04/2016 - [] D -- C:\Program Files (x86)\Notepad++ =>.Notepad++®
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 09/04/2016 - [0] D -- C:\Program Files (x86)\OBS
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\One Click Root
O43 - CFD: 11/02/2016 - [] D -- C:\Program Files (x86)\PCSX2 1.4.0
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Portable
O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\PowerISO =>.Power Software Ltd®
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 08/04/2016 - [0] D -- C:\Program Files (x86)\RSUPPORT
O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Samsung =>.SAMSUNG ELECTRONICS CO.,LTD.®
O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\SliQTools {427848125931D57EC4B61C5D117A9E34}
O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Sony {25BB963B3E935A88A62D1DD09CF34997}
O43 - CFD: 29/10/2015 - [0] D -- C:\Program Files (x86)\Sony Mobile
O43 - CFD: 16/04/2016 - [] D -- C:\Program Files (x86)\SplitmediaLabs
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Tanker Truck Simulator 2011
O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\TechSmith
O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\Thinix
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\thriXXX
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Toshiba =>.TOSHIBA CORPORATION®
O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Trucks & Trailers
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Unlockroot Pro
O43 - CFD: 19/04/2016 - [] D -- C:\Program Files (x86)\VideoLAN
O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\VMware
O43 - CFD: 11/01/2016 - [0] D -- C:\Program Files (x86)\Vstep
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Web Solution Mart
O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\WiFi HotSpot Creator
O43 - CFD: 03/05/2016 - [] D -- C:\Program Files (x86)\WinDirStat
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 17/07/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation®
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 05/10/2014 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH®
O43 - CFD: 02/06/2016 - [] D -- C:\Program Files (x86)\Wondershare
O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Xilisoft
O43 - CFD: 17/08/2015 - [] D -- C:\Program Files (x86)\Your Uninstaller! 7
O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Data Recovery Suite
O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 28/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 04/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bighits4U Viewer
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 05/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6
O43 - CFD: 15/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driving Simulator 2012
O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion
O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
O43 - CFD: 19/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kat MP3 Recorder
O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1
O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Money Robot
O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movistar Internet Movil
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nav-u tool
O43 - CFD: 17/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
O43 - CFD: 11/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voic Changer
O43 - CFD: 30/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi HotSpot Creator
O43 - CFD: 03/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Apple
O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\ashampoo
O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\AutoHideIP
O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 10/10/2015 - [] D -- C:\ProgramData\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 06/04/2016 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon
O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Baidu
O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacks
O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacksGameManager
O43 - CFD: 25/07/2016 - [] D -- C:\ProgramData\BlueStacksSetup
O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\CodeMeter
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Database Server
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Datos de programa
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Escritorio
O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\eSellerate
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Favoritos
O43 - CFD: 07/01/2016 - [0] D -- C:\ProgramData\Garmin
O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Hotspot Shield
O43 - CFD: 05/10/2014 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\InstallShield
O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Intel
O43 - CFD: 16/11/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\LGMOBILEAX
O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Mediatek Driver
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Menú Inicio
O43 - CFD: 06/12/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\Microsoft Games
O43 - CFD: 03/04/2016 - [0] D -- C:\ProgramData\Money Robot Submitter
O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\NCH Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\NFS Underground
O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 01/04/2016 - [] D -- C:\ProgramData\Phase Five Systems
O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Plantillas
O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\ProductData
O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Samsung
O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\SplitMediaLabs
O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\SP_FT_Logs
O43 - CFD: 20/12/2015 - [] D -- C:\ProgramData\SP_MDT_Logs
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\Sun
O43 - CFD: 26/05/2016 - [] D -- C:\ProgramData\TechSmith
O43 - CFD: 16/04/2016 - [0] D -- C:\ProgramData\Telestream
O43 - CFD: 09/08/2016 - [0] AD -- C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 09/01/2013 - [] D -- C:\ProgramData\Test Drive Unlimited
O43 - CFD: 22/07/2016 - [] D -- C:\ProgramData\Thinix
O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\thriXXX
O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Wondershare
O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate
O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Xilisoft
O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Z-Software
O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\Common Files\DFX
O43 - CFD: 16/04/2016 - [0] D -- C:\Program Files (x86)\Common Files\eSellerate
O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 27/09/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Steganos
O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Web Solution Mart
O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Wondershare
O43 - CFD: 07/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Adobe
O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Affilorama
O43 - CFD: 15/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Ashampoo
O43 - CFD: 10/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Avira
O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\AVS4YOU
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\DMCache
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\DRPSu
O43 - CFD: 10/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Eusing
O43 - CFD: 14/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\FastStone
O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\FileZilla
O43 - CFD: 05/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\GameRanger
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Google
O43 - CFD: 21/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\HMYGSetting
O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Hotspot Shield
O43 - CFD: 04/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Identities
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IDM
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Innovative Solutions
O43 - CFD: 23/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\InstallShield
O43 - CFD: 31/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IObit
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Macromedia
O43 - CFD: 14/07/2009 - [0] D -- C:\Users\mourad\AppData\Roaming\Media Center Programs
O43 - CFD: 08/01/2016 - [] SD -- C:\Users\mourad\AppData\Roaming\Microsoft
O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft Games
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Mozilla
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\MPC-HC
O43 - CFD: 10/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\NCH Software
O43 - CFD: 17/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Notepad++
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\One Click Root
O43 - CFD: 20/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PDAppFlex
O43 - CFD: 10/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PowerISO
O43 - CFD: 08/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Rsupport
O43 - CFD: 07/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Samsung
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Shuame
O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Spiritsoft
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\SplitmediaLabs
O43 - CFD: 04/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 10/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Steganos
O43 - CFD: 13/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Sun
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\TechSmith
O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Thinstall
O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Traffic Travis v4
O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Unity
O43 - CFD: 17/08/2015 - [] D -- C:\Users\mourad\AppData\Roaming\URSoft
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\uTorrent
O43 - CFD: 16/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Vara Software
O43 - CFD: 29/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\WhatsApp
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\WinBatch
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\WinRAR
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wirecast Play
O43 - CFD: 13/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Wireshark
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wondershare
O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Wondershare Video Converter Ultimate
O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Xilisoft
O43 - CFD: 27/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Yandex
O43 - CFD: 27/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Z-Software
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZHP
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZJMedia
O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
O43 - CFD: 16/03/2016 - [] D -- C:\Users\mourad\AppData\Local\1BN_Software_&_IT_Solutio
O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Adobe
O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple
O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple Computer
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Archivos temporales de Internet
O43 - CFD: 07/10/2014 - [] D -- C:\Users\mourad\AppData\Local\ashampoo
O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\assembly
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\AWSToolkit
O43 - CFD: 06/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon
O43 - CFD: 28/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Bluestacks
O43 - CFD: 06/11/2015 - [] D -- C:\Users\mourad\AppData\Local\BusCableCarSimulator
O43 - CFD: 13/04/2016 - [] D -- C:\Users\mourad\AppData\Local\CEF
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Chromium
O43 - CFD: 09/08/2016 - [0] D -- C:\Users\mourad\AppData\Local\CrashDumps
O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports
O43 - CFD: 11/09/2015 - [] D -- C:\Users\mourad\AppData\Local\DanuSoft
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Datos de programa
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Devolutions
O43 - CFD: 16/02/2016 - [] D -- C:\Users\mourad\AppData\Local\DFX
O43 - CFD: 16/08/2015 - [0] D -- C:\Users\mourad\AppData\Local\Diagnostics
O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Downloaded Installations
O43 - CFD: 01/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Eclipse
O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Local\ElevatedDiagnostics
O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\FastStone
O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Garmin_Ltd._or_its_subsid
O43 - CFD: 05/05/2016 - [] D -- C:\Users\mourad\AppData\Local\Genymobile
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Google
O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Historial
O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Innovative Solutions
O43 - CFD: 20/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Intel
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\IsolatedStorage
O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\join.me
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Jump Desktop
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Macromedia
O43 - CFD: 05/12/2015 - [] D -- C:\Users\mourad\AppData\Local\MetaGeek,_LLC
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Microsoft
O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Mozilla
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\oneClickRoot
O43 - CFD: 30/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Opera Software
O43 - CFD: 27/11/2015 - [0] D -- C:\Users\mourad\AppData\Local\Package Cache
O43 - CFD: 08/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Programs
O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Quadriga Games
O43 - CFD: 05/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Samsung
O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\SplitMediaLabs
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\SquirrelTemp
O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\TechSmith
O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Temp
O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Thinstall
O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Unity
O43 - CFD: 04/10/2014 - [0] D -- C:\Users\mourad\AppData\Local\VirtualStore
O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\VMware
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\WhatsApp
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Wondershare
O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Yandex
O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\ZJMedia
O43 - CFD: 08/09/2015 - [0] D -- C:\Users\mourad\AppData\Local\Programs\Common
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 17/07/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 28/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup
O43 - CFD: 19/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
O43 - CFD: 27/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SliQTools
O43 - CFD: 28/10/2015 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile
O43 - CFD: 08/08/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 20/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro
O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
O43 - CFD: 03/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat
O43 - CFD: 06/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 01/04/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps
O43 - CFD: 17/08/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft
---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation
---\\ System Drivers List (122) - 239s
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows®
O58 - SDL:2009/06/10 21:01:06 A . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\drivers\agrsm64.sys [1146880] =>.LSI Corp
O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:32:46 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:32:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows®
O58 - SDL:2015/11/19 23:51:14 A . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\drivers\AmUStor.sys [84480] =>.Alcor Micro, Corp.
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows®
O58 - SDL:2012/10/18 11:12:06 A . (.AuthenTec, Inc. - AuthenTec Fingerprint Sensor WBF Driver.) -- C:\Windows\System32\drivers\ATSwpWDF.sys [1111856] =>.AuthenTec, Inc.®
O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [171752] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [145984] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2015/09/01 17:09:54 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [28600] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2016/06/05 19:42:47 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\drivers\avnetflt.sys [79696] =>.Avira Operations GmbH & Co. KG®
O58 - SDL:2009/06/10 20:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd.
O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd.
O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd.
O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation
O58 - SDL:2016/07/17 03:09:53 A . (.Connectify - Connectify NDISRD helper driver.) -- C:\Windows\System32\drivers\cfywlan1.sys [36736] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2016/07/17 03:09:52 A . (.Connectify - CNNCTFY helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [43872] =>.Connectify (Connectify, Inc.)®
O58 - SDL:2015/08/31 18:25:56 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx11_1x64.sys [28008] =>.Power Technology®
O58 - SDL:2015/11/12 17:27:12 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx12x64.sys [29688] =>.Power Technology®
O58 - SDL:2009/06/10 20:35:02 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y60x64.sys [281088] =>.Intel Corporation
O58 - SDL:2011/10/20 11:24:16 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y62x64.sys [302296] =>.Intel Corporation®
O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows®
O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation
O58 - SDL:2015/10/28 14:28:26 A . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\Windows\System32\drivers\ggflt.sys [16088] =>.Sony Mobile Communications AB®
O58 - SDL:2015/10/28 14:28:27 A . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\Windows\System32\drivers\ggsomc.sys [30424] =>.Sony Mobile Communications AB®
O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc.
O58 - SDL:2010/11/20 13:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows®
O58 - SDL:2015/02/04 02:01:10 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744] =>.AnchorFree Inc®
O58 - SDL:2010/11/20 13:33:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows®
O58 - SDL:2016/08/05 13:04:22 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [217256] =>.Tonec Inc.®
O58 - SDL:2008/07/31 11:32:24 A . (.Infineon Technologies AG - Infineon Trusted Platform Module.) -- C:\Windows\System32\drivers\ifxtpm.sys [58880]
O58 - SDL:2013/02/20 00:44:08 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12312928] =>.Intel Corporation
O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows®
O58 - SDL:2009/09/04 11:41:24 A . (.ZTE Incorporated - ZTE CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [11776] =>.ZTE Incorporated
O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation®
O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation®
O58 - SDL:2016/05/09 18:06:48 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows®
O58 - SDL:2016/03/10 14:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64896] =>.Malwarebytes Corporation®
O58 - SDL:2012/12/07 10:28:06 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\Windows\System32\drivers\ndiskhaz.sys [30536] =>.Khalil Azzouzi®
O58 - SDL:2015/11/19 16:06:22 A . (.MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2246488] =>.MEDIATEK INC.®
O58 - SDL:2010/01/13 16:37:18 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw5s64.sys [7675392] =>.Intel Corporation
O58 - SDL:2009/06/10 20:35:28 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\netw5v64.sys [5434368] =>.Intel Corporation
O58 - SDL:2012/01/23 14:44:12 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwNs64.sys [8616960] =>.Intel Corporation
O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows®
O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows®
O58 - SDL:2011/06/08 17:22:34 A . (. - OEM Driver.) -- C:\Windows\System32\drivers\OEMDrv.sys [268416]
O58 - SDL:2010/08/27 16:04:20 A . (.TCT International Mobile Ltd - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\qcusbser.sys [118016] =>.TCT International Mobile Ltd
O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows®
O58 - SDL:2009/09/03 10:37:02 A . (.REDC - RICOH MMC Driver.) -- C:\Windows\System32\drivers\rimmpx64.sys [67072] =>.REDC
O58 - SDL:2009/09/03 10:59:28 A . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\drivers\rimspx64.sys [54784] =>.REDC
O58 - SDL:2009/09/24 17:31:14 A . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\drivers\risdsn64.sys [76288] =>.REDC
O58 - SDL:2009/09/03 11:14:30 A . (.REDC - RICOH xD SM Driver.) -- C:\Windows\System32\drivers\rixdpx64.sys [57856] =>.REDC
O58 - SDL:2012/04/24 19:48:04 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4028520] =>.Realtek Semiconductor Corp®
O58 - SDL:2010/12/14 15:41:32 RA . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187.sys [448512] =>.Realtek Semiconductor Corporation
O58 - SDL:2012/12/09 09:51:20 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [126944] =>.Power Software Ltd®
O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2015/06/04 13:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984] =>.Intel(R) Code Signing External®
O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_bus.sys [136192] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cm.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cmnt.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driv.) -- C:\Windows\System32\drivers\ssm_mdfl.sys [18944] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_mdm.sys [172032] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_wh.sys [15872] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_whnt.sys [15872] =>.MCCI Corporation®
O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [120416] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [213088] =>.Samsung Electronics CO., LTD.®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\System32\drivers\ss_bus.sys [127488] =>.MCCI Corporation®
O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cm.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cmnt.sys [15360] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\System32\drivers\ss_mdfl.sys [18944] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\System32\drivers\ss_mdm.sys [161280] =>.MCCI Corporation®
O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_wh.sys [15872] =>.MCCI Corporation®
O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_whnt.sys [15872] =>.MCCI Corporation®
O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows®
O58 - SDL:2014/11/05 13:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project
O58 - SDL:2015/10/12 20:51:26 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42088] =>.AnchorFree Inc®
O58 - SDL:2012/07/20 13:40:52 A . (.Hajo Krabbenhöft - Personal Voice Changer Driver.) -- C:\Windows\System32\drivers\tenCapture.sys [23736] {0E701C8C223C339FA3C0FCB1AEF5E4A7}
O58 - SDL:2010/06/14 09:32:54 A . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\drivers\TFsExDisk.sys [16448] =>.Teruten, Inc.®
O58 - SDL:2009/06/29 15:16:20 A . (.TOSHIBA Corporation - TOSHIBA HDD Protection - Shock Sensor Drive.) -- C:\Windows\System32\drivers\Thpevm.sys [14784] =>.TOSHIBA CORPORATION®
O58 - SDL:2015/11/19 23:50:22 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [53624] =>.TOSHIBA CORPORATION®
O58 - SDL:2009/07/14 11:25:14 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ.SYS [26840] =>.TOSHIBA CORPORATION®
O58 - SDL:2013/01/25 21:48:14 A . (.Scott - usbdriver.) -- C:\Windows\System32\drivers\USBDrv_AMD64.sys [18392] =>.Allwinner Technology Co.,Ltd.®
O58 - SDL:2015/09/08 11:48:10 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [964392] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\Windows\System32\drivers\VBoxNetLwf.sys [146072] =>.Oracle Corporation®
O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\Windows\System32\drivers\VBoxUSB.sys [125520] =>.Oracle Corporation®
O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [138904] =>.Oracle Corporation®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows®
O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows®
O58 - SDL:2012/04/15 21:32:14 A . (.Windows (R) Win 7 DDK provider - WebcamMax Capture.) -- C:\Windows\System32\drivers\wcmvcam64.sys [1071032] {6E0A5E2C7C789BDA175F577FFD554961} =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/05/25 23:29:04 A . (.SplitmediaLabs Limited - XSplit Stream Audio.) -- C:\Windows\System32\drivers\xspltspk.sys [26200] =>.Splitmedialabs Limited®
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/08/21 16:44:00 A . (.ZTE Corporation - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ZTEusbnet.sys [135168] =>.ZTE Corporation
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext2.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [119680] =>.ZTE Incorporated
O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbvoice.sys [119680] =>.ZTE Incorporated
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\epmntdrv.sys [18528] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.®
O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd®
O58 - SDL:2013/09/30 15:26:48 N . (...) -- C:\Windows\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd®
---\\ Last modified or created user files (2) - 155s
O61 - LFC: 2016/08/10 11:49:36 A . (..) -- C:\Users\mourad\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [297839]
O61 - LFC: 2016/08/09 20:17:33 A . (..) -- C:\Users\mourad\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [128]
---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.scr>
O67 - Shell Spawning: <.html>
---\\ Start Menu Internet (12) - 2s
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
---\\ Search Browser Infection (4) - 94s
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark._edMembers_.lastActivePing", "1466883948937"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo
O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.lastInstalled", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo
---\\ Search Svchost Services (33) - 4s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation
---\\ Firewall Active Exception List (30) - 23s
O87 - FAEL: "{82485849-57C2-4684-8578-EBD6AB3C94AD}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O87 - FAEL: "{786C5D5E-7A90-4913-B4AF-54545BB3EBF1}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.)
O87 - FAEL: "{587C939D-CF4A-4257-9A5A-8C49781BDDA3}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.)
O87 - FAEL: "{BE01F55C-2206-452A-AA15-8DD1EFA906EF}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.)
O87 - FAEL: "{60AFFE9E-29AD-48F4-8CD6-0B7A33631F69}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.)
O87 - FAEL: "{146802C4-F29F-4CD8-BFAC-2C9158B93F59}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.)
O87 - FAEL: "{10100E84-10C2-491F-9E85-DBD2F362A089}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (.not file.)
O87 - FAEL: "TCP Query User{13D808EB-D301-4F0E-A2C3-3F7F607C0A9D}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.)
O87 - FAEL: "UDP Query User{09049424-252A-4F13-9DC8-09F533CEA362}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.)
O87 - FAEL: "TCP Query User{14513514-DB67-47F1-A9FB-14CB2EB06E9B}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P6-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O87 - FAEL: "UDP Query User{67DF69CF-E8F0-41A9-9C1A-22A956FD04CF}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P17-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41}
O87 - FAEL: "{BEA8AECD-7FD4-4CC0-9AFE-E67E572E7A60}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.)
O87 - FAEL: "{82F4EB97-71AD-446A-B4F4-48EC282BE9D0}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.)
O87 - FAEL: "{3F60AAE4-E5C2-49A4-91B4-CD614BB76ACC}" [In-None-P17-TRUE] .(.YANDEX LLC - Yandex.) -- C:\Users\Default\AppData\Local\Yandex\YandexBrowser\Application\browser.exe {3667E158B524C8FFBFE538172786F1E2}
O87 - FAEL: "TCP Query User{163CA4E7-CCB1-4B14-A54C-AA193CCE1231}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P6-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.)
O87 - FAEL: "UDP Query User{498FDB65-2602-4E82-8B2A-AE665FA6EFF6}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P17-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.)
O87 - FAEL: "{A3762890-D383-4737-B4FC-F6E6587A7F55}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.)
O87 - FAEL: "{B042F640-8665-4EE4-BDB7-E78CCD060F2D}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.)
O87 - FAEL: "{D4283125-70D8-4197-947A-99E909FD4ACB}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.)
O87 - FAEL: "{60259E04-DC48-48E3-B747-9DFFCCB3FD83}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.)
O87 - FAEL: "{88599324-46FE-48F8-8C5B-AAA4193F56B7}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.)
O87 - FAEL: "{B7826208-663A-4E05-A74C-A6F029A42EFE}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.)
O87 - FAEL: "{76BFB912-7A72-4CF7-A1E4-8A194012BA21}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O87 - FAEL: "{6E0A4835-2AD6-43C0-BE2A-253ADB6AACEB}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.)
O87 - FAEL: "{8D3EBF78-2EAA-4B17-BF75-93771E34DFAE}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.)
O87 - FAEL: "{C5EE1E88-CC7D-4507-A521-4EB00BA515A3}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.)
O87 - FAEL: "{FEE79D8D-D17A-4430-B49D-330FB98FBF1D}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.)
O87 - FAEL: "{61AE076D-CB22-4234-82FD-9DA52FABF77A}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.)
O87 - FAEL: "{7FC9C91A-FF15-484A-9770-BBBBD9EF0068}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.)
O87 - FAEL: "{6C2FB606-5B4E-4101-AC2E-8360E687634D}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.)
---\\ Additional Scan (O88) (8) - 0s
HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft
HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia
HKCU\SOFTWARE\undefined =>.Superfluous.Downloader
C:\Program Files\ByteFence =>.Superfluous.ByteFence
C:\ProgramData\Babylon =>PUP.Optional.Babylon
C:\ProgramData\Trymedia =>PUP.Optional.Trymedia
C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon
C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports
---\\ Summary of the elements found (7) - 0s
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Solvusoft
https://www.nicolascoolman.com/fr/adware-trymedia/ =>PUP.Optional.Trymedia
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Downloader
https://www.anti-malware.top/2016/04/29/superfluous-bytefence/ =>.Superfluous.ByteFence
https://www.nicolascoolman.com/fr/pup-babylon/ =>PUP.Optional.Babylon
https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports
https://www.nicolascoolman.com/fr/adware-bandoo/ =>PUP.Optional.Bandoo
~ End of the scan, 32416 items in 00h29mn21s (1367)