~ ZHPDiag v2015.8.9.114 By Nicolas Coolman (2015/08/8)
~ Run by Dr.M.Abou Shaar (Administrator) (2015/08/16 09:39:32)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: No network file
~ Mode: Scan
~ Report: C:\Users\Dr.M.Abou Shaar\Desktop\ZHPDiag.txt
~ Report: C:\Users\Dr.M.Abou Shaar\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox 36.0.4 (x86 en-US) v36.0.4
MSIE: Internet Explorer v11.0.9600.17691

---\\ Windows Product Information (5) - 6s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Key Management Service client information : KO
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ System protection software (1) - 1s
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ System optimization software (1) - 2s
CCleaner v5.00

---\\ Surveillance software (2) - 2s
Adobe Flash Player 15 ActiveX & Plugin
Adobe Reader X - Arabic

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2570.096 MB (53% free)
~ System Restore: Activé (Enable)
~ System drive C: has 21 GB free of 102 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: DRMABOUSHAAR-PC
~ User Name: Dr.M.Abou Shaar
~ Logged in as Administrator

---\\ Enumeration of the disk units (4) - 0s
~ Drive C: has 21 GB free of 102 GB (System)
~ Drive D: has 2 GB free of 122 GB
~ Drive E: has 13 GB free of 122 GB
~ Drive F: has 109 GB free of 128 GB

---\\ State of the Windows Security Center (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 1s [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - مستكشف Windows.) () -- C:\Windows\Explorer.exe [2616320] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - عملية مضيف Windows (Rundll32)‎.) () -- C:\Windows\System32\rundll32.exe [44544] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) () -- C:\Windows\System32\Wininit.exe [96256] [MD5.EA6EA6912F27F05C61D8D747517EB47E] - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) () -- C:\Windows\System32\wininet.dll [1888256] [MD5.52449FD429D6053B78AE564DEF303870] - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) () -- C:\Windows\System32\Winlogon.exe [304128] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - مكتبة تراخيص البرامج.) () -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) 
() -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] [MD5.D0B388DA1D111A34366E04EB4A5DD156] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) () -- C:\Windows\System32\drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [187904] [MD5.C8DFF8D07755A66C7A4A738930F0FEAC] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [1212352] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) () -- C:\Windows\System32\drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) 
() -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [133632] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) () -- C:\Windows\System32\drivers\smb.sys [71168] [MD5.7FE680A3DFA421C4A8E4879AE4C5AAB0] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوح.) () -- C:\Windows\System32\drivers\volsnap.sys [245632] ---\\ Process running (18) - 1s [MD5.90EC928E9542B166583D865F99F85BE8] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [208896] [PID.916] [MD5.1F22CE3D07C3B7874547363E79520211] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [491520] [PID.1408] [MD5.2870CE9BFD6BA66FB0FFC6D11C9E41A7] - (.Arcai.com - Arp Intelligent Protection Service.) -- C:\Program Files\netcut\services\aips.exe [262144] [PID.1452] [MD5.B937831896A32FE264B26DD97A3E432D] - (.Kingsoft Corporation - Clean Master.) -- c:\program files\cmcm\Clean Master\cmcore.exe [315208] [PID.1776] [MD5.FB6F64FA0C5A2EF8179AEC0C13FA1E3F] - (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) -- C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe [29912] [PID.312] [MD5.133F82B6391F3390BECFA429C23FB2BE] - (.CrypKey (Canada) Ltd. - CrypKey License Service.) -- C:\Windows\System32\Crypserv.exe [122880] [PID.484] [MD5.E3566F4FD0B1FC99C6ED09E318155D67] - (.Kingsoft Corporation - Clean Master.) -- c:\program files\cmcm\Clean Master\cmtray.exe [771912] [PID.1340] [MD5.F1DB56A7C59278DC68DE7DBFE9F6C73B] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1343408] [PID.2092] [MD5.388144E78383D57744398C07A5C007F1] - (.HP - HP Smart-Install Service.) 
-- C:\Windows\System32\HPSIsvc.exe [99896] [PID.2112] [MD5.5EF3427AE503B5C03A48F7C9FF458B69] - (.Copyright (C) 2008 - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService.exe [271712] [PID.2224] [MD5.349AB4F70E2AC44970894E7F03E1576E] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [236384] [PID.2292] [MD5.808B45DC0F1246E43F11E69ABD52D793] - (.SeriousBit - SeriousBit.NetBalancer.Service.) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [129288] [PID.2364] [MD5.0F01BAC5042F046553D2EC0EE5E52B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5075104] [PID.3000] [MD5.625C98D60AD5AB1FCCBD0E2C0AC0D905] - (...) -- C:\ProgramData\SURF\OnlineUpdate\ouc.exe [655712] [PID.3172] [MD5.CF4DA06BDC8F11FCF3DDB2DE1B53FA10] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMan.exe [3437976] [PID.3856] [MD5.65888A233EA5095AD0604199BF857942] - (.SeriousBit - SeriousBit.NetBalancer.Tray.) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1801992] [PID.3924] [MD5.360959BBD4F451E1AB811F4304232766] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120] [PID.1108] [MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\MisterKen-Studios\Internet Download Manager\IEMonitor.exe [263600] [PID.3028] ---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (1) - 0s G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Chrome In-App Payments service ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (34) - 7s P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\captiondownloader@hiephm.com.xpi P2 - EXT FILE: (...) 
-- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\client@anonymox.net.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\extension@hidemyass.com.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\jid1-cwbvBTE216jjpg@jetpack.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\tool@fastun.com.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\{3e9a3920-1b27-11da-8cd6-0800200c9a66}.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\Ask.xml P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\askcom.xml P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\avira-safesearch.xml P2 - EXT FILE: (...) 
-- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\bing.xml P2 - EXT FILE: (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\Google.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazondotcom.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} P2 - EXT: (.Avira - Segurança do navegador Avira.) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\abs@avira.com P2 - EXT: (.Avira - Avira SafeSearch.) -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\extensions\safesearch@avira.com P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS.) -- C:\Users\Dr.M.Abou Shaar\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_15_0_0_152.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) 
-- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf] - (.Foxit Corporation.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf] - (.Foxit Corporation.) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll P2 - FPN: [HKLM] [@tongbu.com/tongbu,version=0.1] - (.同步网络平台.) -- C:\Program Files\Tongbu\Addin\npTongbuAddin.dll ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (14) - 0s R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ---\\ Internet Explorer, Proxy Management (R5) (5) - 0s R5 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ---\\ Hosts file redirection (O1) (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (31) ---\\ Browser Helper Object (BHO) (O2) (2) - 1s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMIECC.dll O2 - BHO: ح¬²½ز»¼ü°²×°ض§³ض - {F72C8153-7140-4FEE-8F69-CA4579D71195} . (.同步网络平台 - 同步助手一键安装控件.) -- C:\Program Files\Tongbu\Addin\tbIEAddin.dll ---\\ Auto loading programs from Registry and folders (O4) (20) - 1s O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe O4 - HKLM\..\Run: [cmsc] . (.Kingsoft Corporation - Clean Master.) -- c:\program files\cmcm\Clean Master\cmtray.exe O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) 
-- C:\Windows\System32\hkcmd.exe O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMan.exe O4 - HKCU\..\Run: [NetBalancer] . (.SeriousBit - SeriousBit.NetBalancer.Tray.) -- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\spreview.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - ‎‎MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-1935820700-733707283-127377599-1000\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe O4 - HKUS\S-1-5-21-1935820700-733707283-127377599-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\MisterKen-Studios\Internet Download Manager\IDMan.exe O4 - HKUS\S-1-5-21-1935820700-733707283-127377599-1000\..\Run: [NetBalancer] . (.SeriousBit - SeriousBit.NetBalancer.Tray.) 
-- C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe ---\\ Lop.com/Domain Hijackers (O17) (9) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 94.252.181.132 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 94.252.181.132 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 94.252.181.132 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.4.4 =>.Google Public DNS O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 172.20.10.1 ---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (18) - 1s O23 - Service: Arp Intelligent Protection Service (AIPS) . (.Arcai.com - Arp Intelligent Protection Service.) - C:\Program Files\netcut\services\aips.exe O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) . (.AOMEI Tech Co., Ltd. - AOMEI Backupper Schedule task service.) - C:\Program Files\AOMEI Backupper Standard Edition 2.0.2\ABService.exe O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Clean Master Core Service (cmcore) . (.Kingsoft Corporation - Clean Master.) - c:\program files\cmcm\Clean Master\cmcore.exe O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . 
(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\Windows\System32\HPSIsvc.exe O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2008 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe O23 - Service: KMService (KMService) . (...) - C:\Windows\System32\srvany.exe =>PUP.Optional.Office O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: NetBalancerService (NetBalancerService) . (.SeriousBit - SeriousBit.NetBalancer.Service.) - C:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: @C:\Windows\system32\stlang.dll,-10126 (STacSV) . (.IDT, Inc. - IDT PC Audio.) - C:\Program Files\IDT\WDM\stacsv.exe O23 - Service: SURF. OUC (SURF. RunOuc) . (...) - C:\Program Files\SURF\UpdateDog\ouc.exe ---\\ Task Planned Automatically (O39) (35) - 5s [MD5.2E4EE47FBD9BB663A5220DBC38579986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5282584] [MD5.F4F482CA1B1564ECE50AEE53FF593E2B] [APT] [Hybrid] (...) -- C:\IORRT\IORRT.bat [820] [MD5.F4F482CA1B1564ECE50AEE53FF593E2B] [APT] [IORRT] (...) 
-- C:\IORRT\IORRT.bat [820] [MD5.F7AD0BD4A944A97C13B196215981346C] [APT] [Java Update Scheduler] (.Oracle Corporation.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128] [MD5.00000000000000000000000000000000] [APT] [KsafeDelay] (...) -- C:\Program Files\Kingsoft\PCDoctor\KSafeTray.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{4A6DCF0C-6CF4-4EB0-9626-6577B6E82593}] (...) -- F:\sm3\Game.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{62B14ACD-F1B8-451B-A977-AE9229F9DE22}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7C7A6CA6-62C4-4EA0-A91B-EA46A0959F8A}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{9B55FCE8-D652-4048-B570-DF52CA03993D}] (...) -- C:\Users\Dr.M.Abou Shaar\Desktop\sonic\éم ، «يëïè\sonic.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C3D3F6CF-5899-43EE-8226-141BDC8FCEBE}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C7092D42-E25A-4E83-9491-F4C5633D193A}] (...) -- C:\Users\Dr.M.Abou Shaar\Desktop\sonic\éم ، «يëïè\sonic.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C8A4AEFA-6F12-44A6-91DD-F97615DBA71B}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C9048435-6132-4B51-9DA2-102E9A3DDC83}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{CC652F33-7C2A-4BD7-AC58-492FF22F6763}] (...) -- F:\ben 10\pcsx2.exe (.not file.) [0] [MD5.ACAD0683F183CA0FCD0621D7659E161C] [APT] [{DD414850-8A77-4CEE-BA82-69BF9396EEDB}] (.Mozilla Corporation.) 
-- c:\program files\mozilla firefox\firefox.exe [376944] [MD5.00000000000000000000000000000000] [APT] [{EE58C577-8FA3-43B5-A376-019C5DD9CE78}] (...) -- C:\Program Files\THQ\Nick Games\SpongeBob SquarePants\The Movie\sb4.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{FEAE1F49-E1A7-4FDB-8D04-9A955C6E3945}] (...) -- F:\sm3\Game.exe (.not file.) [0] O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2792] =>.Piriform Ltd O39 - APT: Hybrid - (...) -- C:\Windows\System32\Tasks\Hybrid [3072] O39 - APT: IORRT - (...) -- C:\Windows\System32\Tasks\IORRT [3244] O39 - APT: Java Update Scheduler - (.Oracle Corporation.) -- C:\Windows\System32\Tasks\Java Update Scheduler [3680] =>.Oracle Corporation O39 - APT: KsafeDelay - (...) -- C:\Windows\System32\Tasks\KsafeDelay [3188] O39 - APT: {4A6DCF0C-6CF4-4EB0-9626-6577B6E82593} - (...) -- C:\Windows\System32\Tasks\{4A6DCF0C-6CF4-4EB0-9626-6577B6E82593} [2930] O39 - APT: {62B14ACD-F1B8-451B-A977-AE9229F9DE22} - (...) -- C:\Windows\System32\Tasks\{62B14ACD-F1B8-451B-A977-AE9229F9DE22} [3042] O39 - APT: {7C7A6CA6-62C4-4EA0-A91B-EA46A0959F8A} - (...) -- C:\Windows\System32\Tasks\{7C7A6CA6-62C4-4EA0-A91B-EA46A0959F8A} [3042] O39 - APT: {9B55FCE8-D652-4048-B570-DF52CA03993D} - (...) -- C:\Windows\System32\Tasks\{9B55FCE8-D652-4048-B570-DF52CA03993D} [3018] O39 - APT: Orphean - (...) -- C:\Windows\System32\Tasks\{BA437514-E0AF-41D8-A83D-E00331D7D0A0} [3242] O39 - APT: {C3D3F6CF-5899-43EE-8226-141BDC8FCEBE} - (...) -- C:\Windows\System32\Tasks\{C3D3F6CF-5899-43EE-8226-141BDC8FCEBE} [3042] O39 - APT: {C7092D42-E25A-4E83-9491-F4C5633D193A} - (...) -- C:\Windows\System32\Tasks\{C7092D42-E25A-4E83-9491-F4C5633D193A} [3018] O39 - APT: {C8A4AEFA-6F12-44A6-91DD-F97615DBA71B} - (...) -- C:\Windows\System32\Tasks\{C8A4AEFA-6F12-44A6-91DD-F97615DBA71B} [3042] O39 - APT: {C9048435-6132-4B51-9DA2-102E9A3DDC83} - (...) 
-- C:\Windows\System32\Tasks\{C9048435-6132-4B51-9DA2-102E9A3DDC83} [3042] O39 - APT: {CC652F33-7C2A-4BD7-AC58-492FF22F6763} - (...) -- C:\Windows\System32\Tasks\{CC652F33-7C2A-4BD7-AC58-492FF22F6763} [2938] O39 - APT: {DD414850-8A77-4CEE-BA82-69BF9396EEDB} - (.Mozilla Corporation.) -- C:\Windows\System32\Tasks\{DD414850-8A77-4CEE-BA82-69BF9396EEDB} [3134] =>.Mozilla Corporation O39 - APT: {EE58C577-8FA3-43B5-A376-019C5DD9CE78} - (...) -- C:\Windows\System32\Tasks\{EE58C577-8FA3-43B5-A376-019C5DD9CE78} [3042] O39 - APT: {FEAE1F49-E1A7-4FDB-8D04-9A955C6E3945} - (...) -- C:\Windows\System32\Tasks\{FEAE1F49-E1A7-4FDB-8D04-9A955C6E3945} [2930] ---\\ Software installed (O42) (65) - 10s O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 15 ActiveX & Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Shockwave Player 12.1 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Clean Master - (.Cheetah Mobile.) [HKLM] -- Clean Master O42 - Logiciel: Dragon Warrior 3 - (...) [HKLM] -- Dragon Warrior 3 O42 - Logiciel: Foxit Reader - (.Foxit Corporation.) [HKLM] -- Foxit Reader_is1 O42 - Logiciel: FreeCommander 2009.02b - (.Marek Jasinski.) [HKLM] -- FreeCommander_is1 O42 - Logiciel: Gardenscapes - Mansion Makeover Collectors Edition - (.www.ad4cd.com.) [HKLM] -- Gardenscapes - Mansion Makeover Collectors Edition_is1 O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM] -- HP LaserJet Professional P1100-P1560-P1600 Series O42 - Logiciel: iFunbox (v2.8.2414.748), iFunbox DevTeam - (...) [HKLM] -- iFunbox_is1 O42 - Logiciel: Internet Download Manager 6.09.14 - (.MisterKen-Studios.) [HKLM] -- Internet Download Manager_is1 O42 - Logiciel: K-Lite Codec Pack 10.6.0 Full - (...) 
[HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Mozilla Firefox 36.0.4 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 36.0.4 (x86 en-US) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM] -- MSTTS O42 - Logiciel: NetBalancer - (.SeriousBit.) [HKLM] -- NetBalancer_is1 O42 - Logiciel: OpenAL - (...) [HKLM] -- OpenAL O42 - Logiciel: POD-Bot 2.0 - (...) [HKLM] -- POD-Bot 2.0 O42 - Logiciel: POD-Bot 2.5 - (...) [HKLM] -- POD-Bot 2.5 O42 - Logiciel: PPضْتض2.0 Win°و 2.0.0.3636 - (.¹مضفجْبثحّآç؟ئ¼¼سذدق¹«ث¾.) [HKLM] -- PPضْتض2.0 Win°و O42 - Logiciel: R for Windows 3.1.1 - (.R Core Team.) [HKLM] -- R for Windows 3.1.1_is1 O42 - Logiciel: Khirshyat 1.0 (All in One) - (...) [HKLM] -- ST6UNST #1 O42 - Logiciel: Steam - (...) [HKLM] -- Steam O42 - Logiciel: SURF - (.Huawei Technologies Co.,Ltd.) [HKLM] -- SURF O42 - Logiciel: TOEFL Official Guide 4.0 - (.McGraw-Hill.) [HKLM] -- TOEFL Official Guide O42 - Logiciel: Tomb Raider - The Last Revelation - (...) [HKLM] -- Tomb Raider - The Last Revelation O42 - Logiciel: Tongbu Assistant 2.0.9.0 - (.Xiamen Tongbu Network Ltd..) [HKLM] -- Tongbu2 O42 - Logiciel: UltraISO Premium V9.61 - (...) [HKLM] -- UltraISO_is1 O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive O42 - Logiciel: VLC media player 2.1.2 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VobSub v2.23 (Remove Only) - (...) [HKLM] -- VobSub O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM] -- WinPcapInst O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: Inter-Tel Collaboration Client 2.0 - (.Inter-Tel (Delaware), Inc..) 
[HKLM] -- {04f6ffea-6702-11dc-8314-0800200c9a66} O42 - Logiciel: Inter-Tel Collaboration Client 2.0 - (.Inter-Tel (Delaware), Inc..) [HKLM] -- {0dff3440-a901-11dc-8314-0800200c9a66} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {235EBB33-3DA1-46DF-AADE-9955123409CB} O42 - Logiciel: Java(TM) 6 Update 13 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF} O42 - Logiciel: Java 7 Update 51 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF} O42 - Logiciel: Java 8 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218000F0} O42 - Logiciel: Java 8 Update 5 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218005FF} O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {2E660A2A-A55F-43CD-9F73-CAD7382EEB78} O42 - Logiciel: PhoneClean 3.5.2 - (.iMobie Inc..) [HKLM] -- {2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1 O42 - Logiciel: Rosetta Stone TOTALe - (.Rosetta Stone, Ltd.) [HKLM] -- {4010ADCB-1347-D570-FCF1-3002CABEBD2F} O42 - Logiciel: Camtasia Studio 8 - (.TechSmith Corporation.) [HKLM] -- {45F34E54-DAD9-405B-A4F6-B12B0A46B984} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB} O42 - Logiciel: Skype™ 6.11 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D} O42 - Logiciel: FIFA 07 - (...) [HKLM] -- {5A438E06-0BB3-4C5F-0085-B14F1F4077E6} O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {5D928931-D1D2-4A93-A82D-BF60D0E7CFA5} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) 
[HKLM] -- {83CAF0DE-8D3B-4C37-A631-2B8F16EC3031} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Rosetta Stone TOTALe - (.Rosetta Stone, Ltd.) [HKLM] -- {8A1FEA5E-8DB8-AD80-5C14-AEF33D16EF5A} O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM] -- {96D12EC9-720B-45FB-904C-36D6307A1C76} O42 - Logiciel: AOMEI Backupper Standard Edition 2.0.2 - (.AOMEI Technology Co., Ltd..) [HKLM] -- {A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1 O42 - Logiciel: TSP_CODEC - (.Bytescribe.) [HKLM] -- {A90C03D6-08E1-4C59-B93B-6919A6C0AC19} O42 - Logiciel: Adobe Reader X - Arabic - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1025-7B44-AA0000000001} O42 - Logiciel: IDT Audio - (.IDT.) [HKLM] -- {E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001} O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {F112F66E-25CA-42DD-983C-6118EB38F606} O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent

---\\ HKCU & HKLM Software Keys (230) - 10s
HKLM\SOFTWARE\Activision HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AdsFix HKLM\SOFTWARE\AMD HKLM\SOFTWARE\AppDataLow HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\Arcai HKLM\SOFTWARE\ATI HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\AVS4YOU HKLM\SOFTWARE\Big Fish Games HKLM\SOFTWARE\cmcm HKLM\SOFTWARE\Codemasters HKLM\SOFTWARE\Core Design HKLM\SOFTWARE\Croteam HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\Disney Interactive HKLM\SOFTWARE\DivX HKLM\SOFTWARE\DivXNetworks HKLM\SOFTWARE\EA SPORTS HKLM\SOFTWARE\EasyBoot Systems HKLM\SOFTWARE\Eidos Interactive HKLM\SOFTWARE\Elaborate Bytes HKLM\SOFTWARE\Electronic Arts HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Foxit Software HKLM\SOFTWARE\GEAR Software HKLM\SOFTWARE\Gentee HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Gold Miner Vegas HKLM\SOFTWARE\Google HKLM\SOFTWARE\GT Interactive HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\HewlettPackard HKLM\SOFTWARE\Huawei technologies HKLM\SOFTWARE\Icaros HKLM\SOFTWARE\IDT HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\Infogrames Interactive HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\InterVideo HKLM\SOFTWARE\IO Interactive HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\KONAMI HKLM\SOFTWARE\Lake HKLM\SOFTWARE\LAV HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Macrovision HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Marvell HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\NCH Software HKLM\SOFTWARE\ND HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\PIP =>Toolbar.Ask HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Protexis HKLM\SOFTWARE\R-core HKLM\SOFTWARE\ReflexiveArcade HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\Ritual HKLM\SOFTWARE\Ritual Entertainment HKLM\SOFTWARE\SEGA HKLM\SOFTWARE\Skype HKLM\SOFTWARE\Softick HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SOSVirus HKLM\SOFTWARE\SRS Labs HKLM\SOFTWARE\Stellar information Systems ltd. 
HKLM\SOFTWARE\SuppHelpDir HKLM\SOFTWARE\Sysinternals HKLM\SOFTWARE\TechSmith HKLM\SOFTWARE\TrueSoftware HKLM\SOFTWARE\TuneUp HKLM\SOFTWARE\TypingMaster Inc HKLM\SOFTWARE\Ubisoft HKLM\SOFTWARE\Valve HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Vivendi Universal Games HKLM\SOFTWARE\VobSub HKLM\SOFTWARE\Voice HKLM\SOFTWARE\WIBU-SYSTEMS HKLM\SOFTWARE\WinPcap HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\YRTD HKCU\SOFTWARE\7Wonders HKCU\SOFTWARE\ACD Systems HKCU\SOFTWARE\Activision HKCU\SOFTWARE\Ada99 HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AdsFix HKCU\SOFTWARE\Andrew Zhezherun HKCU\SOFTWARE\Andy HKCU\SOFTWARE\AOMEI HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Apprentice HKCU\SOFTWARE\Arcai.com HKCU\SOFTWARE\Atheros HKCU\SOFTWARE\ATI HKCU\SOFTWARE\AVS4YOU HKCU\SOFTWARE\Battlefield Vietnam HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\CCCP HKCU\SOFTWARE\Cineform HKCU\SOFTWARE\cmcm HKCU\SOFTWARE\ComodoGroup HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\Core Design HKCU\SOFTWARE\Corel HKCU\SOFTWARE\Criterion HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\DigiDNA HKCU\SOFTWARE\Digital Illusions HKCU\SOFTWARE\Disney Interactive HKCU\SOFTWARE\DivX HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\EasyBoot Systems HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\Elaborate Bytes HKCU\SOFTWARE\Emulators HKCU\SOFTWARE\Epic MegaGames HKCU\SOFTWARE\epsxe HKCU\SOFTWARE\ESET HKCU\SOFTWARE\eSupport.com =>PUP.Optional.eSupport HKCU\SOFTWARE\Farm Mania HKCU\SOFTWARE\Foxit Corporation HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\Freeverse HKCU\SOFTWARE\Fugazo HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\Game Maker HKCU\SOFTWARE\GameHouse HKCU\SOFTWARE\Garfield HKCU\SOFTWARE\GetData HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Gold Miner Vegas HKCU\SOFTWARE\Google HKCU\SOFTWARE\Gunman HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\i-FunBox.com HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\ihelper 
HKCU\SOFTWARE\ilivid =>PUP.Optional.Bandoo HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Imobie HKCU\SOFTWARE\ImTOO HKCU\SOFTWARE\Infogrames HKCU\SOFTWARE\Intel HKCU\SOFTWARE\Inter-Tel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\JEDI-VCL HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Kungsoft HKCU\SOFTWARE\Lake HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Macrovision HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\Marvell HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-BE HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\NCH Software HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\OXXOgames HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PopCap HKCU\SOFTWARE\PS2Eplugin HKCU\SOFTWARE\Psiphon3 HKCU\SOFTWARE\redsn0w HKCU\SOFTWARE\ReflexiveArcade HKCU\SOFTWARE\Regsk HKCU\SOFTWARE\RocketDock HKCU\SOFTWARE\SamLab.ws HKCU\SOFTWARE\SereneScreen =>PUP.Optional.MarineAquarium HKCU\SOFTWARE\SeriousBit HKCU\SOFTWARE\SharpNight HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Skunkstudios HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SwiftLauncher HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Teiron HKCU\SOFTWARE\The Crazy Hacker HKCU\SOFTWARE\TikGames HKCU\SOFTWARE\ToyBox HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\Twilight HKCU\SOFTWARE\U.S. 
Robotics HKCU\SOFTWARE\Unity HKCU\SOFTWARE\UsbFix HKCU\SOFTWARE\Valve HKCU\SOFTWARE\Vision Thing HKCU\SOFTWARE\Voice HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\YRTD HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\ilividmoviestoolbarha =>PUP.Optional.Bandoo HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Unity HKCU\SOFTWARE\AppDataLow\Software\WinToFlash Suggestor =>PUP.Optional.WinToFlash

---\\ Contents of the Common Files folders (O43) (360) - 30s
O43 - CFD: 2015/07/30 14:29:24 - [] D -- C:\Program Files\Adobe O43 - CFD: 2014/12/06 10:58:36 - [] D -- C:\Program Files\AMD O43 - CFD: 2014/12/06 11:28:13 - [] D -- C:\Program Files\AOMEI Backupper Standard Edition 2.0.2 O43 - CFD: 2014/06/01 22:32:06 - [] D -- C:\Program Files\Apple Software Update O43 - CFD: 2015/02/26 11:31:29 - [0] D -- C:\Program Files\AVAST Software O43 - CFD: 2015/03/04 21:53:44 - [] D -- C:\Program Files\BFG O43 - CFD: 2014/06/01 22:31:22 - [] D -- C:\Program Files\Bonjour O43 - CFD: 2014/04/08 07:18:10 - [] D -- C:\Program Files\Bytescribe O43 - CFD: 2015/08/07 00:43:40 - [] D -- C:\Program Files\CCleaner O43 - CFD: 2014/10/09 11:56:29 - [] D -- C:\Program Files\cmcm O43 - CFD: 2015/08/06 11:13:20 - [] D -- C:\Program Files\CodeMeter O43 - CFD: 2015/06/30 00:37:35 - [] D -- C:\Program Files\Common Files O43 - CFD: 2015/07/28 08:14:53 - [] D -- C:\Program Files\Core Design O43 - CFD: 2014/10/24 13:57:19 - [0] D -- C:\Program Files\CoreCodec O43 - CFD: 2015/06/21 14:25:03 - [] D -- C:\Program Files\directx O43 - CFD: 2014/06/06 15:41:08 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 2015/06/28 04:25:08 - [] D -- C:\Program Files\EA SPORTS O43 - CFD: 2015/08/01 15:31:27 - [] D -- C:\Program Files\Eidos Interactive O43 - CFD: 2015/02/04 14:19:49 - [] D -- C:\Program Files\Elaborate Bytes O43 - CFD: 2015/02/26 11:38:00 - [] D -- C:\Program Files\ESET O43 -
CFD: 2014/04/18 14:57:57 - [] D -- C:\Program Files\Foxit Software O43 - CFD: 2013/10/27 11:22:28 - [] D -- C:\Program Files\FreeCommander O43 - CFD: 2013/10/18 06:38:44 - [] D -- C:\Program Files\Gabest O43 - CFD: 2015/06/22 17:18:09 - [] D -- C:\Program Files\Gardenscapes - Mansion Makeover Collectors Edition O43 - CFD: 2015/02/21 11:36:15 - [] D -- C:\Program Files\Genie Soft O43 - CFD: 2015/03/04 21:53:57 - [] D -- C:\Program Files\Gold Miner Vegas O43 - CFD: 2015/02/08 13:33:23 - [] D -- C:\Program Files\Google O43 - CFD: 2015/08/13 22:42:45 - [] D -- C:\Program Files\GTA San Andreas Multiplayer O43 - CFD: 2015/08/13 22:32:45 - [] D -- C:\Program Files\GTA San Andreas Multiplayer 2 O43 - CFD: 2015/01/30 16:18:30 - [] D -- C:\Program Files\Hewlett-Packard O43 - CFD: 2015/01/30 16:18:30 - [] D -- C:\Program Files\HP O43 - CFD: 2015/07/04 12:35:58 - [] D -- C:\Program Files\i-Funbox DevTeam O43 - CFD: 2015/06/20 09:58:02 - [] D -- C:\Program Files\IDT O43 - CFD: 2015/01/16 11:31:00 - [] D -- C:\Program Files\iMobie O43 - CFD: 2015/08/01 15:35:50 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 2014/12/06 11:03:02 - [] D -- C:\Program Files\Intel O43 - CFD: 2015/03/13 20:18:27 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 2015/01/21 20:33:06 - [] D -- C:\Program Files\iTunes O43 - CFD: 2015/05/09 14:02:00 - [] D -- C:\Program Files\Java O43 - CFD: 2015/02/12 22:24:29 - [] D -- C:\Program Files\K-Lite Codec Pack O43 - CFD: 2015/02/09 13:39:31 - [] D -- C:\Program Files\Khirshyat O43 - CFD: 2015/06/19 12:08:15 - [0] D -- C:\Program Files\Kingsoft O43 - CFD: 2015/03/16 10:58:47 - [] D -- C:\Program Files\KMPlayer O43 - CFD: 2015/01/16 14:10:08 - [] D -- C:\Program Files\kuaiyong O43 - CFD: 2015/08/13 18:21:52 - [] D -- C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 2014/11/14 15:58:58 - [] D -- C:\Program Files\McGraw-Hill O43 - CFD: 2015/06/30 00:34:35 - [] D -- C:\Program Files\Microsoft Analysis Services O43 - CFD: 
2009/07/14 11:27:02 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 2013/10/15 12:24:21 - [] D -- C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 2015/06/30 17:29:59 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 2014/11/14 11:16:05 - [] D -- C:\Program Files\Microsoft SDKs O43 - CFD: 2014/09/18 23:19:01 - [] D -- C:\Program Files\Microsoft Silverlight O43 - CFD: 2015/06/30 00:37:10 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 2015/06/30 17:29:52 - [] D -- C:\Program Files\Microsoft Sync Framework O43 - CFD: 2015/06/30 00:37:37 - [] D -- C:\Program Files\Microsoft Synchronization Services O43 - CFD: 2015/06/30 17:24:50 - [] D -- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 2014/11/14 11:16:30 - [] D -- C:\Program Files\Microsoft Visual Studio 9.0 O43 - CFD: 2013/10/15 14:15:15 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 2013/10/16 03:33:44 - [] D -- C:\Program Files\MisterKen-Studios O43 - CFD: 2015/03/23 21:44:40 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 2015/03/24 10:16:51 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 2015/06/30 17:30:55 - [] D -- C:\Program Files\MSBuild O43 - CFD: 2014/05/13 21:14:40 - [] D -- C:\Program Files\MSECache O43 - CFD: 2015/08/05 09:36:35 - [] D -- C:\Program Files\MTN Speed O43 - CFD: 2014/03/31 10:03:51 - [] D -- C:\Program Files\Mustek 1200 UB Plus O43 - CFD: 2015/08/14 14:13:46 - [] D -- C:\Program Files\NetBalancer O43 - CFD: 2015/02/08 13:31:40 - [] D -- C:\Program Files\netcut O43 - CFD: 2015/01/18 13:41:53 - [] D -- C:\Program Files\NSIS Uninstall Information O43 - CFD: 2015/06/20 05:52:59 - [] D -- C:\Program Files\OpenAL O43 - CFD: 2015/02/08 13:32:20 - [] D -- C:\Program Files\Opera O43 - CFD: 2015/03/16 11:00:39 - [] D -- C:\Program Files\PhotoScape O43 - CFD: 2014/07/10 12:29:54 - [] D -- C:\Program Files\PPضْتض2.0 O43 - CFD: 2014/07/09 12:29:16 - [] D -- C:\Program Files\QuickTime O43 - CFD: 2014/08/19 10:29:16 - 
[] D -- C:\Program Files\R O43 - CFD: 2014/10/24 14:02:30 - [0] D -- C:\Program Files\Recuva O43 - CFD: 2009/07/14 07:52:30 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 2015/02/12 22:16:26 - [] D -- C:\Program Files\SAM CoDeC Pack O43 - CFD: 2014/03/10 02:09:17 - [] RD -- C:\Program Files\Skype O43 - CFD: 2015/07/31 09:58:09 - [] D -- C:\Program Files\Sniper The ManHunter O43 - CFD: 2013/10/17 12:22:12 - [] D -- C:\Program Files\Softick O43 - CFD: 2015/06/22 17:37:57 - [] D -- C:\Program Files\SpongeBob SquarePants Obstacle Odyssey 2 O43 - CFD: 2015/08/13 10:08:35 - [] D -- C:\Program Files\Steam O43 - CFD: 2015/08/06 11:49:19 - [] D -- C:\Program Files\Stellar Phoenix Windows Data Recovery O43 - CFD: 2015/07/28 03:06:50 - [0] D -- C:\Program Files\Subway Surfers O43 - CFD: 2015/03/16 11:00:56 - [] D -- C:\Program Files\SumatraPDF O43 - CFD: 2015/08/15 16:28:13 - [] D -- C:\Program Files\SURF O43 - CFD: 2015/07/31 09:58:09 - [] D -- C:\Program Files\Team17 O43 - CFD: 2014/07/09 12:28:44 - [] D -- C:\Program Files\TechSmith O43 - CFD: 2014/10/24 13:59:46 - [] D -- C:\Program Files\The KMPlayer O43 - CFD: 2015/06/22 17:23:38 - [] D -- C:\Program Files\THQ O43 - CFD: 2015/02/27 16:13:20 - [] D -- C:\Program Files\Tongbu O43 - CFD: 2015/02/14 09:29:03 - [] D -- C:\Program Files\UltraISO O43 - CFD: 2009/07/14 07:53:23 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 2015/06/30 21:18:01 - [] D -- C:\Program Files\Unlocker O43 - CFD: 2014/02/13 09:30:20 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 2014/09/20 12:07:53 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 2014/09/20 15:33:38 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 2014/06/06 15:41:09 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 2015/03/13 20:18:24 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 2009/07/14 07:52:30 - [] D -- C:\Program Files\Windows NT O43 - CFD: 2014/06/06 15:41:06 - [] D -- C:\Program Files\Windows Photo Viewer O43 - CFD: 
2014/06/06 15:41:07 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 2014/06/06 15:41:08 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 2014/05/01 08:28:21 - [] D -- C:\Program Files\WinPcap O43 - CFD: 2014/10/22 07:51:53 - [] D -- C:\Program Files\WinRAR O43 - CFD: 2013/10/16 01:28:25 - [] D -- C:\Program Files\ZenOK O43 - CFD: 2015/02/13 10:38:03 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter O43 - CFD: 2014/12/06 10:41:37 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2013/10/15 12:49:18 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2014/12/06 11:05:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper Standard Edition 2.0.2 O43 - CFD: 2015/02/08 09:01:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 2014/10/09 11:56:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Master O43 - CFD: 2015/07/28 08:14:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Design O43 - CFD: 2015/07/15 08:37:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon Warrior 3 O43 - CFD: 2015/06/28 04:33:44 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS O43 - CFD: 2015/08/01 15:31:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos Interactive O43 - CFD: 2015/02/04 14:19:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes O43 - CFD: 2015/02/26 11:38:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 2015/06/16 02:57:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeCommander O43 - CFD: 2015/05/31 12:45:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2015/08/05 21:44:15 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Golden Al-Wafi Translator O43 - CFD: 
2015/02/08 13:38:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 2014/01/19 08:17:16 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 2015/07/04 12:35:58 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam O43 - CFD: 2015/01/16 11:31:06 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie O43 - CFD: 2015/01/21 20:33:11 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 2014/04/08 07:32:35 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 2015/02/12 22:24:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 2015/06/21 17:01:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KAPITALSIN O43 - CFD: 2009/07/14 07:42:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/08/13 18:21:52 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware O43 - CFD: 2014/11/14 15:59:01 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McGraw-Hill O43 - CFD: 2013/10/15 12:24:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows - LIVE O43 - CFD: 2015/08/15 17:50:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2014/09/17 23:44:43 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2015/08/14 14:12:34 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBalancer O43 - CFD: 2015/07/15 08:37:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POD-Bot 2.0 O43 - CFD: 2015/07/15 08:37:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POD-Bot 2.5 O43 - CFD: 2014/07/10 12:29:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PPضْتض2.0 O43 - CFD: 2015/08/01 15:26:42 - [0] D -- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution 2015 O43 - CFD: 2014/08/19 10:29:56 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R O43 - CFD: 2015/02/04 14:50:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone O43 - CFD: 2015/08/15 17:50:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 2015/06/10 02:20:15 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 2015/08/01 15:26:42 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smurfs O43 - CFD: 2014/07/18 17:01:29 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Softick O43 - CFD: 2015/06/28 04:24:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/01 01:08:29 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 2015/08/15 16:28:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SURF O43 - CFD: 2009/07/14 11:26:54 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 2014/07/09 12:29:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith O43 - CFD: 2015/03/16 11:01:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 2014/06/07 09:02:03 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tongbu Network O43 - CFD: 2015/07/29 10:22:32 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft O43 - CFD: 2015/02/16 11:06:02 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO O43 - CFD: 2013/10/18 06:38:45 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 2014/05/01 08:28:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap O43 - CFD: 2014/10/21 23:34:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 2015/01/21 20:31:02 - [] D -- 
C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 2014/06/02 07:48:58 - [] D -- C:\ProgramData\91 Harbor O43 - CFD: 2014/05/10 08:27:39 - [0] D -- C:\ProgramData\Acunetix WVS 9 O43 - CFD: 2015/07/30 15:13:45 - [] D -- C:\ProgramData\Adobe O43 - CFD: 2015/07/29 10:19:15 - [] D -- C:\ProgramData\Andy O43 - CFD: 2014/12/06 11:28:11 - [] D -- C:\ProgramData\AomeiBR O43 - CFD: 2015/01/16 11:02:18 - [] D -- C:\ProgramData\APN =>Toolbar.Ask O43 - CFD: 2014/06/02 08:18:16 - [] D -- C:\ProgramData\Apple O43 - CFD: 2014/06/01 22:32:43 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 2009/07/14 07:53:55 - [] SHD -- C:\ProgramData\Application Data O43 - CFD: 2015/06/22 23:16:25 - [] D -- C:\ProgramData\Arcade Lab O43 - CFD: 2015/06/14 00:43:09 - [] D -- C:\ProgramData\Ashampoo O43 - CFD: 2014/05/01 08:31:35 - [] D -- C:\ProgramData\Atheros O43 - CFD: 2015/06/18 01:57:01 - [] D -- C:\ProgramData\AVS4YOU O43 - CFD: 2015/08/13 10:00:57 - [] D -- C:\ProgramData\BlueStacks O43 - CFD: 2015/06/26 11:05:11 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 2015/08/12 22:54:46 - [] D -- C:\ProgramData\cmcm O43 - CFD: 2014/07/18 16:44:50 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 2015/03/16 10:42:17 - [] D -- C:\ProgramData\Corel O43 - CFD: 2014/11/14 11:22:31 - [0] D -- C:\ProgramData\CorelDRAW Graphics Suite X6 O43 - CFD: 2015/01/18 16:15:53 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 2015/08/15 16:30:20 - [] D -- C:\ProgramData\DatacardService O43 - CFD: 2009/07/14 07:53:55 - [] SHD -- C:\ProgramData\Desktop O43 - CFD: 2013/10/18 06:50:19 - [] D -- C:\ProgramData\DivX O43 - CFD: 2009/07/14 07:53:55 - [] SHD -- C:\ProgramData\Documents O43 - CFD: 2015/02/26 11:38:01 - [] D -- C:\ProgramData\ESET O43 - CFD: 2015/06/29 08:30:04 - [] D -- C:\ProgramData\Farm Mania O43 - CFD: 2009/07/14 07:53:55 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 2015/02/04 14:53:14 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 2015/07/21 00:12:14 - [] D -- C:\ProgramData\Fugazo O43 - 
CFD: 2015/01/18 13:36:33 - [] D -- C:\ProgramData\install_clap O43 - CFD: 2015/06/29 19:31:35 - [] D -- C:\ProgramData\InterAction studios O43 - CFD: 2015/06/18 02:21:11 - [] D -- C:\ProgramData\Kingsoft O43 - CFD: 2015/06/25 17:10:53 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 2014/06/27 15:17:02 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 2015/06/30 00:15:04 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 2015/08/15 17:50:52 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 2014/11/28 01:24:17 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS O43 - CFD: 2015/03/28 19:32:40 - [0] D -- C:\ProgramData\Mozilla O43 - CFD: 2015/07/22 08:40:43 - [] D -- C:\ProgramData\OnlineUpdate O43 - CFD: 2014/05/03 07:53:47 - [0] D -- C:\ProgramData\Oracle O43 - CFD: 2015/06/20 19:23:48 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 2013/10/18 06:10:06 - [] D -- C:\ProgramData\PDVD O43 - CFD: 2015/07/23 09:47:14 - [] D -- C:\ProgramData\PlayFirst O43 - CFD: 2015/06/23 18:06:36 - [] D -- C:\ProgramData\Playrix Entertainment O43 - CFD: 2015/07/22 15:27:29 - [] D -- C:\ProgramData\PopCap Games O43 - CFD: 2014/11/14 11:23:04 - [] D -- C:\ProgramData\Protexis O43 - CFD: 2015/02/03 09:57:21 - [0] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 2014/07/09 12:29:19 - [] D -- C:\ProgramData\regid.1995-08.com.techsmith O43 - CFD: 2015/06/26 00:06:10 - [] D -- C:\ProgramData\RELOADED O43 - CFD: 2015/06/22 17:08:03 - [] D -- C:\ProgramData\Sandlot Games O43 - CFD: 2015/06/20 05:57:44 - [] SHD -- C:\ProgramData\SecuROM O43 - CFD: 2015/08/14 14:13:49 - [] D -- C:\ProgramData\SeriousBit O43 - CFD: 2014/10/09 11:58:51 - [0] D -- C:\ProgramData\Skype O43 - CFD: 2015/06/29 07:54:32 - [] D -- C:\ProgramData\SpinTop Games O43 - CFD: 2009/07/14 07:53:55 - [] SHD -- C:\ProgramData\Start Menu O43 - CFD: 2015/06/25 17:10:50 - [] D -- C:\ProgramData\Steam O43 - CFD: 2014/04/08 07:32:56 - [] D -- C:\ProgramData\Sun O43 - CFD: 2015/01/28 13:04:58 - [0] D -- C:\ProgramData\SUPPORTDIR 
O43 - CFD: 2015/06/29 03:43:55 - [] D -- C:\ProgramData\SURF O43 - CFD: 2014/07/09 12:28:45 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 2015/08/04 18:38:30 - [] AD -- C:\ProgramData\Temp O43 - CFD: 2009/07/14 07:53:55 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 2014/07/21 02:05:24 - [] D -- C:\ProgramData\Tipard Studio O43 - CFD: 2014/05/01 08:41:01 - [] D -- C:\ProgramData\TP-LINK O43 - CFD: 2013/10/16 01:28:25 - [0] D -- C:\ProgramData\Zen Data Safe O43 - CFD: 2015/07/09 00:38:08 - [] D -- C:\ProgramData\{A047F26D-4602-4aaf-ACE7-F6F2ECEC34F9} O43 - CFD: 2014/07/18 16:56:05 - [0] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 2015/02/03 10:20:59 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 2015/02/04 14:47:08 - [] D -- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 2015/01/21 20:31:27 - [] D -- C:\Program Files\Common Files\Apple O43 - CFD: 2014/12/06 10:58:37 - [] D -- C:\Program Files\Common Files\ATI Technologies O43 - CFD: 2015/06/30 00:37:35 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 2015/02/10 01:32:14 - [] D -- C:\Program Files\Common Files\EZB Systems O43 - CFD: 2015/07/31 09:58:11 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 2014/05/03 07:53:58 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 2015/02/04 14:25:50 - [] D -- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 2015/06/30 17:22:35 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 2009/07/14 05:37:05 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 2014/03/10 02:09:17 - [] D -- C:\Program Files\Common Files\Skype O43 - CFD: 2009/07/14 05:37:05 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 2015/06/30 17:38:54 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 2014/07/09 12:28:57 - [] D -- C:\Program Files\Common Files\TechSmith Shared O43 - CFD: 2015/01/30 12:58:07 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\.mono O43 - CFD: 2015/06/28 
00:50:48 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\7Wonders O43 - CFD: 2015/07/01 04:33:55 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Activision O43 - CFD: 2015/02/04 14:46:16 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Adobe O43 - CFD: 2015/06/24 03:39:04 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\alawar O43 - CFD: 2014/06/06 10:52:20 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Apple Computer O43 - CFD: 2013/11/01 12:07:29 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Avant Downloader O43 - CFD: 2013/11/01 12:07:28 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Avant Profiles O43 - CFD: 2015/06/18 01:56:29 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\AVS4YOU O43 - CFD: 2015/03/03 21:17:01 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Charles O43 - CFD: 2015/02/04 14:53:14 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\com.rosettastone.rosettastonetotale O43 - CFD: 2014/11/14 11:34:52 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Corel O43 - CFD: 2015/01/18 13:44:09 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\CyberLink O43 - CFD: 2014/06/02 09:05:16 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\DiskAid O43 - CFD: 2015/08/16 01:19:16 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\DMCache O43 - CFD: 2015/06/26 00:06:18 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Doublefine O43 - CFD: 2015/08/11 16:23:29 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\dvdcss O43 - CFD: 2014/10/24 14:21:43 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\ESET O43 - CFD: 2015/06/21 01:36:57 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Ford Street Racing O43 - CFD: 2014/04/28 22:10:22 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Foxit Software O43 - CFD: 2015/07/31 09:58:09 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\FreeCommander O43 - CFD: 2015/07/25 18:01:34 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Gaijin Ent O43 - CFD: 2015/07/21 00:27:33 - [] D -- 
C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Games O43 - CFD: 2015/06/22 05:01:36 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\gtk-2.0 O43 - CFD: 2013/10/15 11:55:30 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Identities O43 - CFD: 2015/08/11 12:55:29 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\IDM O43 - CFD: 2015/08/08 15:17:25 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\IDT O43 - CFD: 2015/08/09 01:00:13 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\iFunbox_UserCache O43 - CFD: 2015/08/09 01:04:49 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\ihelper2014 O43 - CFD: 2015/01/16 11:31:17 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\iMobie O43 - CFD: 2014/07/21 02:11:37 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\ImTOO O43 - CFD: 2014/07/21 02:17:39 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\iPhoneRingToneMaker O43 - CFD: 2015/06/18 02:19:48 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\kingsoft O43 - CFD: 2015/01/16 13:04:33 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\kuaiyong O43 - CFD: 2013/10/15 18:34:55 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Macromedia O43 - CFD: 2015/08/13 18:22:00 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Malwarebytes O43 - CFD: 2009/07/14 11:26:54 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Media Center Programs O43 - CFD: 2015/08/08 14:17:30 - [] SD -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft O43 - CFD: 2014/03/19 20:57:43 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla O43 - CFD: 2015/02/10 21:18:58 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\MPC-HC O43 - CFD: 2015/06/30 17:22:00 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\OpenOffice O43 - CFD: 2015/01/18 13:42:00 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Opera Software O43 - CFD: 2013/10/17 13:10:24 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Philipp Winterberg O43 - CFD: 2015/07/23 09:47:14 - [] D -- C:\Users\Dr.M.Abou 
Shaar\AppData\Roaming\PlayFirst O43 - CFD: 2015/06/29 21:52:05 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\PopCapv1002 O43 - CFD: 2015/01/18 13:03:25 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Power MP3 Cutter O43 - CFD: 2014/06/23 14:03:37 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\redsn0w O43 - CFD: 2015/07/31 09:58:09 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Robots O43 - CFD: 2015/06/22 17:41:23 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\SBTT O43 - CFD: 2015/07/09 00:48:23 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\SEGA O43 - CFD: 2015/02/08 09:05:09 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Skype O43 - CFD: 2014/11/16 11:11:21 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 2015/06/22 23:18:51 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Supermarket Mania 2 O43 - CFD: 2014/07/09 12:34:19 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\TechSmith O43 - CFD: 2015/07/25 18:59:30 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Thinstall O43 - CFD: 2015/07/09 00:38:07 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Twilight Games O43 - CFD: 2015/05/30 02:39:05 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\TypingMaster7 O43 - CFD: 2015/01/29 11:45:42 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Unity O43 - CFD: 2015/08/05 08:09:43 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\uTorrent O43 - CFD: 2015/08/11 17:10:25 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\vlc O43 - CFD: 2013/10/16 03:45:42 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\WinRAR O43 - CFD: 2015/08/16 09:39:56 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\ZHP O43 - CFD: 2015/07/06 19:22:29 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Activision O43 - CFD: 2015/02/04 14:46:24 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Adobe O43 - CFD: 2013/11/01 15:54:35 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Apple O43 - CFD: 
2014/06/01 22:33:57 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Apple Computer O43 - CFD: 2013/10/15 11:53:27 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Application Data O43 - CFD: 2014/07/27 04:40:36 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Big Fish O43 - CFD: 2014/05/18 14:14:54 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\cache O43 - CFD: 2015/08/14 12:18:35 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\CrashDumps O43 - CFD: 2015/01/18 13:43:07 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\CyberLink O43 - CFD: 2015/06/22 17:30:01 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Diagnostics O43 - CFD: 2014/06/02 08:07:42 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\DigiDNA O43 - CFD: 2015/08/08 14:25:16 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\ElevatedDiagnostics O43 - CFD: 2014/11/14 23:50:06 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\EmieBrowserModeList O43 - CFD: 2014/10/21 07:44:58 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\EmieSiteList O43 - CFD: 2014/10/21 07:44:58 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\EmieUserList O43 - CFD: 2014/10/24 14:21:43 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\ESET O43 - CFD: 2013/12/14 11:55:08 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Facebook O43 - CFD: 2015/02/08 13:32:56 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Google O43 - CFD: 2015/03/01 01:23:08 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\GscWare O43 - CFD: 2015/01/30 16:28:08 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Hewlett-Packard O43 - CFD: 2013/10/15 11:53:27 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\History O43 - CFD: 2015/01/16 11:31:23 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\iMobie_Inc O43 - CFD: 2015/06/18 02:34:22 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\KSafe O43 - CFD: 2013/10/21 07:23:56 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Macromedia O43 - CFD: 2013/10/18 06:09:59 - [] D -- C:\Users\Dr.M.Abou 
Shaar\AppData\Local\MediaServer O43 - CFD: 2015/08/08 14:17:30 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Microsoft O43 - CFD: 2014/11/07 20:12:48 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Microsoft Games O43 - CFD: 2015/08/08 23:09:51 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Microsoft Help O43 - CFD: 2013/11/12 00:50:44 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Mozilla O43 - CFD: 2015/03/17 11:45:39 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Norman Malware Cleaner O43 - CFD: 2015/01/18 13:42:00 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Opera Software O43 - CFD: 2014/05/10 08:27:39 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\PDFDecrypter O43 - CFD: 2014/05/16 10:04:47 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Programs O43 - CFD: 2015/06/20 05:57:56 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Rockstar Games O43 - CFD: 2015/07/28 03:36:01 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\SKIDROW O43 - CFD: 2014/07/09 12:37:32 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\TechSmith O43 - CFD: 2015/08/16 09:39:12 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Temp O43 - CFD: 2013/10/15 11:53:27 - [] SHD -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Temporary Internet Files O43 - CFD: 2015/01/29 11:42:23 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Unity O43 - CFD: 2015/06/29 19:41:15 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Local\VirtualStore O43 - CFD: 2009/07/14 07:42:04 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 2015/03/13 20:32:23 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/06/22 05:30:10 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Andy O43 - CFD: 2015/07/22 15:24:39 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy Games 7 O43 - CFD: 2015/08/13 22:45:36 - [] D -- 
C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 2013/10/18 06:28:00 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 2014/07/09 21:11:36 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Inter-Tel Collaboration O43 - CFD: 2015/02/09 13:39:31 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Khirshyat 1.0 O43 - CFD: 2009/07/14 07:37:42 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 2015/06/30 01:25:06 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 2015/07/01 01:47:37 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POD-Bot 2.0 O43 - CFD: 2015/07/01 01:56:58 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\POD-Bot 2.5 O43 - CFD: 2013/10/24 21:34:56 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softick O43 - CFD: 2015/05/08 21:50:08 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 2015/07/01 01:08:29 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam O43 - CFD: 2013/10/18 06:38:45 - [0] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 2014/10/21 23:34:22 - [] D -- C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (12) - 2s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . 
(.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe O53 - SMSR:HKLM\...\startupreg\AdobeCS6ServiceManager [Key] . (...) -- C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe O53 - SMSR:HKLM\...\startupreg\jswtrayutil [Key] . (...) -- C:\Program Files\Jumpstart\jswtrayutil.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jusched.exe O53 - SMSR:HKLM\...\startupreg\UnlockerAssistant [Key] . (...) -- C:\Program Files\Unlocker\UnlockerAssistant.exe O53 - SMSR:HKLM\...\startupreg\VirtualCloneDrive [Key] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe O53 - SMSR:HKLM\...\startupreg\同步助手移动服务 [Key] . (.同步网络平台 - 同步助手服务.) -- C:\Program Files\Tongbu\tbMobileService.exe ---\\ System Drivers List (SDL) (O58) (119) - 79s O58 - SDL:2015/02/27 17:56:28 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\30FB75B0.sys [114904] O58 - SDL:2015/03/09 06:50:10 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\39BD5228.sys [114904] O58 - SDL:2014/11/09 18:52:02 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) 
-- C:\Windows\System32\drivers\3CC54525.sys [114904] O58 - SDL:2015/04/05 00:58:46 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\42730CD4.sys [114904] O58 - SDL:2014/10/12 21:55:50 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\48230029.sys [110296] O58 - SDL:2014/10/27 21:35:08 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\6B822032.sys [114904] O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] O58 - SDL:2009/07/14 04:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] O58 - SDL:2009/07/14 04:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] O58 - SDL:2014/04/18 05:39:04 A . (.Advanced Micro Devices - AMD ACP Kernel Service Driver.) -- C:\Windows\System32\drivers\amdacpksd.sys [247520] O58 - SDL:2011/03/11 08:38:37 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] O58 - SDL:2009/07/14 04:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] O58 - SDL:2011/03/11 08:38:37 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] O58 - SDL:2009/07/14 04:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] O58 - SDL:2010/01/05 19:20:10 A . (.Atheros Communications, Inc. 
- Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\drivers\athur.sys [1500160] O58 - SDL:2014/04/18 05:35:20 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [13515264] O58 - SDL:2014/04/18 04:06:30 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [512000] O58 - SDL:2009/07/14 01:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] O58 - SDL:2015/08/09 22:20:12 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\BA0F4CFE.sys [135264] O58 - SDL:2010/03/22 22:50:00 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [2709056] O58 - SDL:2009/07/14 01:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] O58 - SDL:2009/07/14 01:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] O58 - SDL:2009/07/14 03:57:25 A . (.Brother Industries Ltd. - برنامج تشغيل I/F التسلسلي لـ Brotehr (WDM)‎.) -- C:\Windows\System32\drivers\BrSerId.sys [272128] O58 - SDL:2009/07/14 01:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] O58 - SDL:2009/07/14 01:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] O58 - SDL:2009/07/14 01:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] O58 - SDL:2014/01/28 11:28:45 A . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\Windows\System32\drivers\btwavdt.sys [175144] O58 - SDL:2009/07/14 01:02:48 A . 
(.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] O58 - SDL:2009/07/14 04:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] O58 - SDL:2009/07/14 04:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] O58 - SDL:2013/09/17 15:17:38 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [188808] O58 - SDL:2013/09/17 15:17:38 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [134248] O58 - SDL:2010/12/17 01:57:57 A . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [31088] O58 - SDL:2009/07/14 04:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] O58 - SDL:2013/09/17 15:17:38 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [174400] O58 - SDL:2013/09/17 15:17:38 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [37416] O58 - SDL:2013/09/17 15:17:38 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [49240] O58 - SDL:2009/07/14 01:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] O58 - SDL:2015/08/15 16:26:27 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [25856] O58 - SDL:2015/08/15 16:26:27 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [195200] O58 - SDL:2015/08/15 16:26:28 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [353792] O58 - SDL:2015/08/15 16:26:28 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) 
-- C:\Windows\System32\drivers\ew_hwupgrade.sys [19200] O58 - SDL:2015/08/15 16:26:28 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [102784] O58 - SDL:2015/08/15 16:26:28 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [73984] O58 - SDL:2015/08/15 16:26:28 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [89856] O58 - SDL:2015/08/15 16:26:29 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [66688] O58 - SDL:2015/08/15 16:26:29 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [26624] O58 - SDL:2015/08/15 16:26:29 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [190976] O58 - SDL:2015/08/15 16:26:29 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [11136] O58 - SDL:2012/08/21 13:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840] O58 - SDL:2009/07/14 01:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] O58 - SDL:2011/09/22 11:38:36 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECI.sys [41216] O58 - SDL:2009/07/14 04:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] O58 - SDL:2011/05/20 11:43:02 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\drivers\iaStor.sys [461592] O58 - SDL:2014/04/24 17:34:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) 
-- C:\Windows\System32\drivers\iaStorA.sys [490856] O58 - SDL:2014/04/24 17:34:12 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [24424] O58 - SDL:2011/03/11 08:38:51 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] O58 - SDL:2011/07/06 17:14:42 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [89376] O58 - SDL:2014/03/20 07:40:40 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3768320] O58 - SDL:2009/07/14 04:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] O58 - SDL:2014/08/20 10:07:24 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [368368] O58 - SDL:2008/05/15 03:28:44 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384] O58 - SDL:2014/10/09 11:56:30 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys [81768] O58 - SDL:2014/10/09 11:56:30 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys [56680] O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] O58 - SDL:2009/07/14 04:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] O58 - SDL:2013/08/20 14:07:34 A . (...) 
-- C:\Windows\System32\drivers\MacrobileAssDriver.sys [12128] O58 - SDL:2013/04/04 14:50:32 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22856] O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] O58 - SDL:2009/07/14 04:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] O58 - SDL:2015/08/15 16:26:29 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [861696] O58 - SDL:2010/10/14 04:55:06 A . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\Windows\System32\drivers\mvusbews.sys [17408] O58 - SDL:2015/06/30 09:28:30 A . (.SeriousBit - nbdrv helper driver.) -- C:\Windows\System32\drivers\nbdrv.sys [35344] O58 - SDL:2012/12/07 10:34:48 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\Windows\System32\drivers\ndiskhaz.sys [25416] O58 - SDL:2009/07/14 04:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] O58 - SDL:2013/03/01 04:48:42 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] O58 - SDL:2011/03/11 08:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] O58 - SDL:2011/03/11 08:39:00 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] O58 - SDL:2009/07/14 04:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] O58 - SDL:2009/07/14 04:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] O58 - SDL:2014/07/16 06:06:16 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) 
-- C:\Windows\System32\drivers\Rt86win7.sys [719064] O58 - SDL:2011/09/08 18:40:24 A . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\drivers\Rtlh86.sys [363112] O58 - SDL:2011/02/15 13:37:10 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsPStor.sys [251496] O58 - SDL:2009/07/13 23:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] O58 - SDL:2009/07/14 04:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] O58 - SDL:2009/07/14 04:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] O58 - SDL:2009/07/14 04:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] O58 - SDL:2013/12/05 00:32:36 A . (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\drivers\stwrt.sys [459264] O58 - SDL:2014/08/16 00:35:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056] O58 - SDL:2014/11/21 15:16:54 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [744520] O58 - SDL:2014/11/21 15:16:32 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [116184] O58 - SDL:2014/11/21 15:16:32 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [104384] O58 - SDL:2011/01/15 19:20:14 A . (.Elaborate Bytes AG - VirtualCloneCD Driver.) -- C:\Windows\System32\drivers\VClone.sys [30208] O58 - SDL:2009/07/14 04:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] O58 - SDL:2009/07/14 04:19:11 A . 
(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] O58 - SDL:2014/08/19 16:47:14 A . (...) -- C:\Windows\System32\ambakdrv.sys [26424] O58 - SDL:2014/08/19 16:47:14 A . (...) -- C:\Windows\System32\ammntdrv.sys [129720] O58 - SDL:2014/08/19 16:47:14 A . (...) -- C:\Windows\System32\amwrtdrv.sys [14392] O58 - SDL:2009/07/14 00:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2010/01/05 19:20:10 RA . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\athur.sys [1500160] O58 - SDL:2008/03/17 19:45:52 A . (...) -- C:\Windows\System32\Ckldrv.sys [19584] O58 - SDL:2009/07/14 00:40:44 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2009/07/14 00:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2009/07/14 00:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2009/07/14 00:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2009/07/14 00:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2009/07/14 00:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2009/07/14 00:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2009/07/14 00:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2009/07/14 00:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2009/07/14 00:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2009/07/14 00:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2009/07/14 00:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2009/07/14 00:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2009/07/14 00:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ---\\ Last modified or created user files (O61) (3) - 187s O61 - LFC: 2015/08/11 13:03:03 A . (..) 
-- C:\Users\Dr.M.Abou Shaar\Downloads\stinger32.exe [4227949] O61 - LFC: 2015/08/11 23:12:32 A . (.SosVirus.) -- C:\Users\Dr.M.Abou Shaar\Downloads\Programs\AdsFix.exe [2694280] O61 - LFC: 2015/08/11 23:12:32 A . (.SosVirus.) -- C:\Users\Dr.M.Abou Shaar\Desktop\Programs\AdsFix.exe [2694280] ---\\ File Associations Shell Spawning (O67) (10) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎مشغل الأداة الإضافية لعارض الأحداث.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎محرر التسجيل.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ---\\ Start Menu Internet (SMI) (O68) (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- c:\program files\internet explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Torch\Application\torch.exe =>PUP.Optional.Torch* O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) 
-- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Torch\Application\torch.exe (.not file.) =>PUP.Optional.Torch O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Torch\Application\torch.exe (.not file.) =>PUP.Optional.Torch O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Torch\Application\torch.exe (.not file.) 
=>PUP.Optional.Torch ---\\ Search Browser Infection (SBI) (O69) (7) - 12s O69 - SBI: C:\Users\Dr.M.Abou Shaar\AppData\Roaming\Mozilla\Firefox\Profiles\jwjpd38j.default\searchplugins\askcom.xml O69 - SBI: prefs.js [Dr.M.Abou Shaar - jwjpd38j.default] user_pref("Datamngr.Updater.Enabled", "true"); =>PUP.Optional.Datamngr O69 - SBI: prefs.js [Dr.M.Abou Shaar - jwjpd38j.default] user_pref("browser.search.defaultengine", "Ask.com"); =>Toolbar.Ask O69 - SBI: prefs.js [Dr.M.Abou Shaar - jwjpd38j.default] user_pref("browser.search.order.1", "Ask.com"); =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {0191A6B0-1154-4C22-9182-23A95BBE92D9} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} - (Ask.com) - http://dts.search.ask.com/ =>PUP.Optional.Bandoo ---\\ Search Svchost Services (SSS) (O83) (33) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة الخادم.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [679424] O83 - Search Svchost Services: AudioSrv (AudioSrv) . 
(.Microsoft Corporation - خدمة صوت Windows.) -- C:\Windows\System32\audiosrv.dll [475136]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - إدارة الطلب التلقائي للوصول عن بُعد.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - خدمة الإعلام بأحداث النظام (SENS).) -- C:\Windows\System32\Sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [523776]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [1973728]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - خدمة النقل الذكي في الخلفية.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - خدمة معلومات التطبيقات.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - خدمة اكتشاف iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - خدمة جدولة فئات تعدد الوسائط.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164864]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - خدمة تكوين سطح المكتب البعيد.) -- C:\Windows\System32\SessEnv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة مستعرض الكم.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات نُسق Windo.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - خدمة BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [149504]

---\\ Firewall Active Exception List (FirewallRules) (O87) (10) - 2s
O87 - FAEL: "TCP Query User{ABF5C96B-E51E-4440-B6CF-29157E851E94}C:\program files\ppضْتض2.0\ihelper.exe" [In-None-P6-TRUE] .(.广州铁人网络科技有限公司 - PP助手.) -- C:\program files\ppضْتض2.0\ihelper.exe
O87 - FAEL: "UDP Query User{E4FF3FED-BD9B-4ED1-AEC6-65D1E4CB8380}C:\program files\ppضْتض2.0\ihelper.exe" [In-None-P17-TRUE] .(.广州铁人网络科技有限公司 - PP助手.) -- C:\program files\ppضْتض2.0\ihelper.exe
O87 - FAEL: "TCP Query User{210D83E5-0C47-4212-BAFB-4F0AC87CD435}C:\program files\ppضْتض2.0\ihelper.exe" [In-None-P6-TRUE] .(.广州铁人网络科技有限公司 - PP助手.) -- C:\program files\ppضْتض2.0\ihelper.exe
O87 - FAEL: "UDP Query User{557F4BA9-E87F-4B81-A689-B48C913404D3}C:\program files\ppضْتض2.0\ihelper.exe" [In-None-P17-TRUE] .(.广州铁人网络科技有限公司 - PP助手.) -- C:\program files\ppضْتض2.0\ihelper.exe
O87 - FAEL: "{39D59B9F-E359-4559-B4C7-154875257D35}" [In-None-P6-TRUE] .(...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{D1F7DB16-FF04-47CA-9FC3-C088B4514B3A}" [In-None-P17-TRUE] .(...) -- C:\Users\Dr.M.Abou Shaar\AppData\Local\Temp\KMSnano\qemu-system-i386.exe (.not file.) =>HackTool.AutoKMS
O87 - FAEL: "{15657C5B-6C94-44CE-9FAF-30817DBDD3D3}" [In-None-P6-TRUE] .(...) -- C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe (.not file.)
O87 - FAEL: "{C4D0D2CD-0E6A-47F5-BAA4-DF93FE133058}" [In-None-P17-TRUE] .(...) -- C:\Program Files\MyPublicWiFi\MyPublicWiFi.exe (.not file.)
O87 - FAEL: "{440BF5EF-D6F5-4149-AEC6-39EAD6E0277E}" [In-None-P6-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
O87 - FAEL: "{3D793280-675A-4549-8932-775BAD11D0B6}" [In-None-P17-TRUE] .(.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe

---\\ Search Tracing Registry Key (O100) (6) - 4s
HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup-r641-n-bf_RASAPI32 =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup-r641-n-bf_RASMANCS =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\Offercast_AVIRAV7__RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\Offercast_AVIRAV7__RASMANCS =>Toolbar.Ask

---\\ Additional Scan (O88) (19) - 0s
C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo
HKLM\SYSTEM\CurrentControlSet\Services\KMService =>PUP.Optional.Office
C:\Windows\System32\srvany.exe =>PUP.Optional.Office
HKLM\SOFTWARE\PIP =>Toolbar.Ask
HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit
HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit
HKCU\SOFTWARE\eSupport.com =>PUP.Optional.eSupport
HKCU\SOFTWARE\ilivid =>PUP.Optional.Bandoo
HKCU\SOFTWARE\SereneScreen =>PUP.Optional.MarineAquarium
HKCU\SOFTWARE\AppDataLow\Software\ilividmoviestoolbarha =>PUP.Optional.Bandoo =>PUP.Optional.Bandoo
HKCU\SOFTWARE\AppDataLow\Software\WinToFlash Suggestor =>PUP.Optional.WinToFlash =>PUP.Optional.WinToFlash
C:\ProgramData\APN =>Toolbar.Ask
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup-r641-n-bf_RASAPI32 =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup-r641-n-bf_RASMANCS =>PUP.Optional.Bandoo
HKLM\SOFTWARE\Microsoft\Tracing\Offercast_AVIRAV7__RASAPI32 =>Toolbar.Ask
HKLM\SOFTWARE\Microsoft\Tracing\Offercast_AVIRAV7__RASMANCS =>Toolbar.Ask

---\\ Summary of the elements found on your workstation (12) - 0s
http://www.nicolascoolman.fr/blog =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/hijacker-office/ =>PUP.Optional.Office
http://www.nicolascoolman.fr/toolbar-ask/ =>Toolbar.Ask
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Optional.Conduit
http://www.nicolascoolman.fr/blog =>PUP.Optional.eSupport
http://www.nicolascoolman.fr/adware-bandoo/ =>PUP.Optional.Bandoo
http://www.nicolascoolman.fr/blog =>PUP.Optional.MarineAquarium
http://www.nicolascoolman.fr/spyware-wintoflash/ =>PUP.Optional.WinToFlash
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch*
http://www.nicolascoolman.fr/blog =>PUP.Optional.Torch
http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Optional.Datamngr

~ End of the scan, 28705 items in 555 seconds (1155)(0)()