~ ZHPDiag v2016.1.9.9 By Nicolas Coolman (2016/01/09) ~ Run by samir (Administrator) (2016/01/09 20:24:36) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\samir\Desktop\ZHPDiag.txt ~ Report: C:\Users\samir\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 8.1 Pro, 32-bit (Build 9600) ---\\ Internet Browsers (3) - 0s MFIE: Mozilla Firefox 33.0.1 (x86 en-US) OPIE: Opera 31.0.1889.99 MSIE: Internet Explorer v11.0.9600.18125 ---\\ Windows Product Information (3) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (4) - 3s ESET Smart Security v9.0.349.0 Malwarebytes Anti-Malware version 2.2.0.1024 SMADAV version 10.4.1 v10.4.1 Windows Defender (Deactivate) ---\\ System optimization software (1) - 3s CCleaner v5.01 ---\\ Surveillance software (1) - 3s Adobe Flash Player 20 PPAPI ---\\ Information on the system (6) - 0s ~ Operating System: x86 Family 6 Model 23 Stepping 6, GenuineIntel ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 2088.244 MB (21% free) System Restore: Activé (Enable) System drive C: has 52 GB () free of 96 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: GAZAFOREVER ~ User Name: samir ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 52 GB free of 96 GB (System) ~ Drive E: has 12 GB free of 18 GB ---\\ State of the Windows Security Center (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 2s [MD5.91E24273FCA076EA9E65DAFA98901225] - 27/01/2015 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2207488] =>.Microsoft Corporation [MD5.8BFE805555CDAF6387912A34D7978DAA] - 29/10/2014 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [51200] =>.Microsoft Corporation [MD5.8A60D4136E37C3CCB1ECAE90D11618F4] - 20/12/2015 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [115712] =>.Microsoft Corporation [MD5.B60461B5CED2BFAE1A870C61C66966C4] - 20/12/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2011136] =>.Microsoft Corporation [MD5.C7B38F105DFDD3231314EDDF7012D8AA] - 20/12/2015 - (.Microsoft Corporation - Windows Log-on Application.) -- C:\Windows\System32\Winlogon.exe [465920] =>.Microsoft Corporation [MD5.BFB9E1202225113991F981D29BFB9029] - 18/03/2014 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [438272] =>.Microsoft Corporation [MD5.205BDB00F4C032AF45A6BFD18EA7886C] - 19/12/2015 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [498688] =>.Microsoft Corporation [MD5.E37F897ED7B5AFF79B1398258DB96BD9] - 22/08/2013 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [19456] =>.Microsoft Corporation [MD5.2B204EEC6A78BB9730927A28435DFEB4] - 20/12/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [462848] =>.Microsoft Corporation [MD5.72FCAE2CE6DFEAB2AB072435017F3417] - 22/08/2013 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [23392] =>.Microsoft Corporation [MD5.CE232BB0965C0C0B786C3F976CCBFB7D] - 22/08/2013 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [73728] =>.Microsoft Corporation [MD5.E2FC132D48EA4E8B04432C33EFB77801] - 22/08/2013 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [124928] =>.Microsoft Corporation [MD5.55758EBBC45E1628161121D7CFEAD4A1] - 06/03/2014 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.7E0EDA9EE53E344D1604EB2A7E8DED47] - 24/07/2014 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [69632] =>.Microsoft Corporation [MD5.7A708934CC652100A94944EC808C3916] - 19/12/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [83456] =>.Microsoft Corporation [MD5.FA6C94C754A566EA8A61D658932F32DE] - 18/03/2014 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [126976] =>.Microsoft Corporation [MD5.27B19A0343AB86F1CF987A97AA41BB40] - 20/12/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [328192] =>.Microsoft Corporation [MD5.BC242922B0D08F61CF7C87FD08FAFA8B] - 22/08/2013 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [218624] =>.Microsoft Corporation [MD5.C52E578E3F8182C2EE6AAF0AC2B61C9B] - 15/10/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1689408] =>.Microsoft Corporation [MD5.4F30970F15ADCC382544B31D5D7E368E] - 22/08/2013 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [81408] =>.Microsoft Corporation [MD5.3255D128FDC28D6859303BF240991A0D] - 19/12/2015 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [82432] =>.Microsoft Corporation [MD5.67E91843B0344411820A012063E876B2] - 18/03/2014 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [143872] =>.Microsoft Corporation [MD5.80A7F31C89C7752DFEC2A9CF28FFF291] - 20/12/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [86016] =>.Microsoft Corporation [MD5.31A2AA48C1ECD390E2707E5C21B75DCE] - 19/06/2014 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [264512] =>.Microsoft Corporation ---\\ Non Microsoft non disabled Windows Services (17) - 3s O23 - Service: Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit - Advanced SystemCare Service.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology® O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe =>.LSI Corporation® O23 - Service: @oem2.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Manageme (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\System32\BtwRSupportService.exe =>.Broadcom Corporation® O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® O23 - Service: FSPro Filter Service 2 (fsproflt2) . (.FSPro Labs - FSPro Labs Filter Service.) - C:\Windows\System32\fsproflt2.exe {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs O23 - Service: @oem54.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company - HpService.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company® O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2008 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.HUAWEI Technologies Co., Ltd.® O23 - Service: JumpStart Push-Button Service (jswpbapi) . (.Atheros Communications, Inc. - JumpStart PushButton Service.) - C:\Program Files\Jumpstart\jswpbapi.exe =>.Atheros Communications, Inc. O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon - .) - C:\Program Files\Maxthon3\Modules\Service\Update\MaxthonUpdateSvc.exe =>.Maxthon (Asia) Limited.® O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.® O23 - Service: MyWiFiRouterDHCP (MyWiFiRouterDHCP) . (...) - C:\Program Files\Wi-Fi\WiFiGxSvc.exe {6AC8AF24C602CB90FE71875F1C4CEC80} O23 - Service: StartMenu8 Service (StartMenuService) . (.IObit - StartMenu8 Services.) - C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology® O23 - Service: ULService (ULService) . (...) - C:\Program Files\GiliSoft\USB Lock\ULService.exe O23 - Service: (Update service) . (.Popcorn Time - Updater.) - C:\Program Files\Popcorn Time\Updater.exe =>.Popcorn Time ---\\ Task Planned Automatically (37) - 7s [MD5.F087BF62308F33AB22D9A6D159E00A28] [APT] [Adobe Flash Player PPAPI Notifier] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [1163456] =>.Adobe Systems Incorporated® [MD5.E4705F6EFA7B8BE1F55458B1584574A1] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269504] =>.Adobe Systems Incorporated® [MD5.9A7C5BE65ED820EC935AFAD9E675822D] [APT] [ASC9_SkipUac_samir] (.IObit.) -- C:\Program Files\IObit\Advanced SystemCare\ASC.exe [4995872] =>.IObit Information Technology® [MD5.0098F118EDFC23953919988D9531E9EE] [APT] [Ashampoo Privacy Protector Weekly Security Scan] (.Ashampoo GmbH & Co. KG.) -- C:\Program Files\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe [2223984] =>.Ashampoo GmbH & Co. KG® [MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS\AutoKMS.exe (.not file.) [0] =>HackTool.AutoKMS [MD5.00000000000000000000000000000000] [APT] [AutoPico Daily Restart] (...) -- C:\Program Files\KMSpico\AutoPico.exe (.not file.) [0] =>HackTool.KMSpico [MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.) [0] [MD5.805210C8DB11D5799E7172923959BF98] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [5489944] =>.Piriform Ltd® [MD5.16369F18244A0CEC509CEDB22E6786BF] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files\IObit\Driver Booster\Scheduler.exe [1003328] =>.IObit Information Technology® [MD5.5640216A709262C8A35402BB7B931A6E] [APT] [Driver Booster SkipUAC (samir)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\DriverBooster.exe [4629312] =>.IObit Information Technology® [MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.Optional.MyPCBackup [MD5.9E2F3C034C1C2D17B1550A24364CEAD1] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe [265640] =>.Maxthon (Asia) Limited.® [MD5.00000000000000000000000000000000] [APT] [Open Chrome] (...) -- C:\Users\samir\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) [0] [MD5.CD9E638EFC321B1856E1F3CCCCCCA478] [APT] [Opera scheduled Autoupdate 1437755498] (.Opera Software.) -- C:\Program Files\Opera\launcher.exe [930936] =>.Opera Software ASA® [MD5.00000000000000000000000000000000] [APT] [smadav] (...) -- C:\Program Files\Smadav\SM?RTP.exe [1658880] [MD5.C9ABE9ACBBD3CE54693412EE30D7639E] [APT] [Uninstaller_SkipUac_samir] (.IObit.) -- C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [4869920] =>.IObit Information Technology® O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated O39 - APT: ASC9_SkipUac_samir - (.IObit.) -- C:\Windows\Tasks\ASC9_SkipUac_samir.job [250] =>.IObit O39 - APT: Open Chrome - (...) -- C:\Windows\Tasks\Open Chrome.job [402] (.Orphean.) O39 - APT: Uninstaller_SkipUac_samir - (.IObit.) -- C:\Windows\Tasks\Uninstaller_SkipUac_samir.job [290] =>.IObit O39 - APT: Adobe Flash Player PPAPI Notifier - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3862] =>.Adobe Systems Incorporated O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3718] =>.Adobe Systems Incorporated O39 - APT: ASC9_SkipUac_samir - (.IObit.) -- C:\Windows\System32\Tasks\ASC9_SkipUac_samir [2350] =>.IObit O39 - APT: Ashampoo Privacy Protector Weekly Security Scan - (.Ashampoo GmbH & Co. KG.) -- C:\Windows\System32\Tasks\Ashampoo Privacy Protector Weekly Security Scan [3824] =>.Ashampoo GmbH & Co. KG O39 - APT: AutoKMS - (...) -- C:\Windows\System32\Tasks\AutoKMS [3758] (.Orphean.) =>HackTool.AutoKMS O39 - APT: AutoPico Daily Restart - (...) -- C:\Windows\System32\Tasks\AutoPico Daily Restart [3704] (.Orphean.) =>HackTool.KMSpico O39 - APT: avast! Emergency Update - (...) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] (.Orphean.) O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2772] =>.Piriform Ltd O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3236] =>.IObit O39 - APT: Driver Booster SkipUAC (samir) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (samir) [2868] =>.IObit O39 - APT: LaunchSignup - (...) -- C:\Windows\System32\Tasks\LaunchSignup [4020] (.Orphean.) =>PUP.Optional.MyPCBackup O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3580] =>.Maxthon International ltd. O39 - APT: Open Chrome - (...) -- C:\Windows\System32\Tasks\Open Chrome [2624] (.Orphean.) O39 - APT: Opera scheduled Autoupdate 1437755498 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1437755498 [3826] =>.Opera Software O39 - APT: smadav - (...) -- C:\Windows\System32\Tasks\smadav [3216] O39 - APT: Uninstaller_SkipUac_samir - (.IObit.) -- C:\Windows\System32\Tasks\Uninstaller_SkipUac_samir [2390] =>.IObit ---\\ Process running (14) - 6s [MD5.932B1299206773C564F18F0A1C62712C] - (.FSPro Labs - FSPro Labs Filter Service.) -- C:\Windows\System32\fsproflt2.exe [69408] [PID.1404] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs [MD5.C16E00F89DC80590A03A33DDDA24E2E1] - (.FSPro Labs - Hide Folders 2012 Control Panel.) -- C:\Program Files\Hide Folders 2012\hf.exe [2210568] [PID.1644] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs [MD5.01539EEE760A042E791754A59AD341BC] - (.FSPro Labs - Hide Folders Control Panel.) -- C:\Program Files\Hide Folders\hf5.exe [2701576] [PID.1652] {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs [MD5.8AFD109901B377D55D1CB387B77C5893] - (.Smadsoft - Smadav USB Antivirus & Additional Protectio.) -- C:\Program Files\SMADAV\SMΔRTP.exe [1658880] [PID.1992] [MD5.670D6F56BA218AE78CD526AFCC530E2A] - (.Atheros Communications, Inc. - JumpStart PushButton Service.) -- C:\Program Files\Jumpstart\jswpbapi.exe [188416] [PID.2168] =>.Atheros Communications, Inc. [MD5.8118AA1C914D1A1171792B72C2A9C881] - (...) -- C:\Program Files\Wi-Fi\WiFiGxSvc.exe [47464] [PID.3292] {6AC8AF24C602CB90FE71875F1C4CEC80} [MD5.F7587F89E092AD179BC872D423068815] - (...) -- C:\Program Files\GiliSoft\USB Lock\ULService.exe [91944] [PID.3488] [MD5.BD93D1A0E0A7A96BEA4585F17C9B3307] - (.Popcorn Time - Updater.) -- C:\Program Files\Popcorn Time\Updater.exe [339968] [PID.3536] =>.Popcorn Time [MD5.043CCDB162DDCDAB3CB5F80EDE4F4C50] - (...) -- C:\Program Files\GiliSoft\USB Lock\ULClient.exe [922920] [PID.3544] [MD5.C3022E871677CB342EDFCD5D05D29DDF] - (.8pecxstudios - Cyberfox.) -- C:\Program Files\Cyberfox\Cyberfox.exe [768032] [PID.4472] {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios [MD5.A1D21F1E7E9B27075217DF9AF1056F1F] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe [8345568] [PID.5480] {17B0C425187E4534E12B02B218563F46} =>.AVM Software Inc. [MD5.A1D21F1E7E9B27075217DF9AF1056F1F] - (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\paltalk.exe [8345568] [PID.5444] {17B0C425187E4534E12B02B218563F46} =>.AVM Software Inc. [MD5.ED48A87D4C4F92BAF19FF1D6AF6C2D85] - (.FairStars Soft - Audio Recorder For Win32.) -- C:\Program Files\FairStars MP3 Recorder\Recorder.exe [1189888] [PID.5992] [MD5.845BE5F9082DD2C4A2DD8C11974E1ACA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\samir\AppData\Roaming\ZHP\ZHPDiag3.exe [2065920] [PID.1556] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (1) - 0s G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (19) - 5s M0 - MFSP: prefs.js [samir - fjqwa8wn.default] https://www.google.co.ma/ P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\clean_and_close@csb7.com.xpi P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\langpack-en-US@firefox.mozilla.org.xpi P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\langpack-fr@firefox.mozilla.org.xpi P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\{86054B0A-BD85-42F9-8E58-8794EC6F6EA1}.xpi P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\searchplugins\avg-secure-search.xml P2 - EXT FILE: (...) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\searchplugins\yandex.ru-145911.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazondotcom.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia.xml P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - EXT: (.Mixesoft - Click&Clean.) -- C:\Users\samir\AppData\Roaming\Mozilla\Firefox\Profiles\fjqwa8wn.default\extensions\clickclean@hotcleaner.com P2 - FPN: [HKCU] [@cntv.cn/Live2] - (.WWW.CNTV.CN.) -- C:\Users\samir\AppData\Roaming\8pecxstudios\Cyberfox\Profiles\843l1d0a.default\extensions\CNTVLive2@www.cntv.cn\plugins\npCNTVLive2.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\NPSWF32_20_0_0_267.dll =>.Adobe Systems Incorporated ---\\ Opera, Plugins,Start,Search (3) - 0s B2 - EXT: [HOTCLEANER.COM] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\lfpoajlbkhlfoeeokbppmecpplmieedm B2 - EXT: [IDM Integration Module] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\ngpampappnmepgilojfohadhhmbhlaek B2 - EXT: [Opera Stable] C:\Users\samir\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp ---\\ Internet Explorer Extensions, Start, Search (10) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://go.speedbit.com/ R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 0 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (6) ---\\ Browser Helper Object (BHO) (6) - 1s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} . (.IObit - Uninstall for explorer.) -- C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll =>.IObit Information Technology® O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} . (.IObit - Advanced SystemCare 8 ASCPlugin_Protection.) -- C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll =>.IObit Information Technology® O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Internet Explorer Toolbars (2) - 0s O3 - Toolbar: 0x207D39914614D4118AF40040CA1127B6 - [HKCU]{91397D20-1446-11D4-8AF4-0040CA1127B6} . (...) -- (.not file.) O3 - Toolbar: (no name) - [HKLM]{1DAC0C53-7D23-4AB3-856A-B04D98CD982A} (Orphean) (.not file.) ---\\ Auto loading programs from Registry and folders (7) - 1s O4 - HKLM\..\Run: [jswtrayutil] . (.Atheros Communications, Inc. - Tray Utility for JumpStart for Wireless.) -- C:\Program Files\Jumpstart\jswtrayutil.exe =>.Atheros Communications, Inc. O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - HKUS\S-1-5-21-3687495416-2605925994-925784546-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc. ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{bbb18818-e9b1-45e8-a277-19e5057662c1}: DhcpNameServer = 192.168.1.1 ---\\ Extra protocols (22) - 0s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (.AVG Secure Search - ViProtocol.) -- C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll =>Toolbar.AVGSafeGuard O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ---\\ Software installed (83) - 24s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 20 PPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Advanced SystemCare 9 - (.IObit.) [HKLM] -- Advanced SystemCare_is1 =>.IObit Information Technology® O42 - Logiciel: Allok 3GP PSP MP4 iPod Video Converter 6.2.0603 - (.Allok Soft Inc.) [HKLM] -- Allok 3GP PSP MP4 iPod Video Converter_is1 O42 - Logiciel: Allok Video Joiner 4.6.1217 - (.Allok Soft Inc..) [HKLM] -- Allok Video Joiner_is1 O42 - Logiciel: Aoao Video Watermark Pro - (.WonderFox Soft, Inc. All Rights Reserved..) [HKCU] -- AoaoVideoWatermarkPro O42 - Logiciel: Ashampoo Privacy Protector v.1.0.1 - (.Ashampoo GmbH & Co. KG.) [HKLM] -- {91B33C97-87C8-5585-2940-1AE1120D4DCC}_is1 =>.Ashampoo GmbH & Co. KG® O42 - Logiciel: Ashampoo Slideshow Studio HD 3 v.3.0.9 - (.Ashampoo GmbH & Co. KG.) [HKLM] -- {91B33C97-0CE8-6ABD-1CF4-0DAF2CCF492A}_is1 =>.Ashampoo GmbH & Co. KG® O42 - Logiciel: Audacity 2.0.2 - (.Audacity Team.) [HKLM] -- Audacity_is1 =>.Audacity Team O42 - Logiciel: Beyluxe Messenger - (.Hichatters Srl.) [HKLM] -- Beyluxe Messenger1 O42 - Logiciel: Boilsoft Video Converter 3.01 - (.Boilsoft. Inc..) [HKLM] -- {4822DF0D-087B-435C-843D-ADAB239CCA13}_is1 O42 - Logiciel: Boilsoft Video Joiner 6.57 - (.Boilsoft, Inc..) [HKLM] -- {FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1 O42 - Logiciel: Boilsoft Video Splitter 6.34 - (.Boilsoft, Inc..) [HKLM] -- {24549038-9956-4EE5-976D-4419AAEA7DD5}_is1 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: Cyberfox Web Browser (x86) - (.8pecxstudios.) [HKLM] -- {DA42BA39-9916-4F32-83AC-27AAE5CFA09E}_is1 {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios O42 - Logiciel: Driver Booster 3.1 - (.IObit.) [HKLM] -- Driver Booster_is1 =>.IObit Information Technology® O42 - Logiciel: Driver Reviver - (.ReviverSoft LLC.) [HKLM] -- Driver Reviver =>PUP.Optional.DriverReviver O42 - Logiciel: EcoLotoFoot - (.Cellard Softwares.) [HKLM] -- EcoLotofoot Shareware_is1 =>.Cellard Softwares O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {EE928C63-34BF-4157-8B20-C20404A22A34} =>.ESET, spol. s r.o. O42 - Logiciel: FairStars MP3 Recorder 2.50 - (.FairStars Soft.) [HKLM] -- FairStars MP3 Recorder_is1 O42 - Logiciel: FastStone Capture 7.8 - (.FastStone Soft.) [HKLM] -- FastStone Capture =>.FastStone Soft O42 - Logiciel: Folderico 4.0 RC12 - (.Shedko ( www.softq.org ).) [HKLM] -- Folderico O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory =>.Format Factory O42 - Logiciel: GiliSoft USB Lock 3.1 - (.Gilisoft International LLC..) [HKLM] -- {A3755312-4264-41d0-91CF-C0633F7ADF3B}_is1 O42 - Logiciel: GiliSoft USB Stick Encryption 5.5.0 - (.Gilisoft International LLC..) [HKLM] -- {5BAA1731-B992-48B6-A44E-7DF111698957}_is1 O42 - Logiciel: HP Quick Launch Buttons - (.Hewlett-Packard Company.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355} =>.Hewlett-Packard Company® O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: IObit Uninstaller - (.IObit.) [HKLM] -- IObitUninstall =>.IObit Information Technology® O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 45 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218045F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 60 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218060F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Jumpstart Installation Program - (.Atheros.) [HKLM] -- {B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13} =>.Atheros O42 - Logiciel: K-Lite Mega Codec Pack 10.4.0 - (...) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: KMPlayer (remove only) - (.PandoraTV.) [HKLM] -- The KMPlayer O42 - Logiciel: KMSpico v9.1.0.20131125 (Beta) - (...) [HKLM] -- KMSpico_is1 =>HackTool.KMSpico O42 - Logiciel: LSI HDA Modem - (.LSI Corporation.) [HKLM] -- LSI Soft Modem =>.LSI Corporation O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM] -- Maxthon3 =>.Maxthon (Asia) Limited.® O42 - Logiciel: MEGAsync - (.Mega Limited.) [HKLM] -- MEGAsync =>.Mega Limited® O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Milouz Market - (.Milouz Corp.) [HKLM] -- {EB863FE2-3602-447F-AC15-AEAD0A8B623A} O42 - Logiciel: Modem HDM EC156 - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Modem HDM EC156 =>.Huawei Technologies Co.,Ltd O42 - Logiciel: Mozilla Firefox 33.0.1 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 33.0.1 (x86 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: My WIFI Router - (.TxNetwork, Inc..) [HKLM] -- My WIFI Router {6AC8AF24C602CB90FE71875F1C4CEC80} O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {CF097717-F174-4144-954A-FBC4BF301033} =>.Nero AG O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG O42 - Logiciel: Opera Stable 31.0.1889.99 - (.Opera Software.) [HKLM] -- Opera 31.0.1889.99 =>.Opera Software ASA® O42 - Logiciel: Paltalk Messenger 11.6 - (.AVM Software Inc..) [HKLM] -- Paltalk Messenger =>.AVM Software Inc. O42 - Logiciel: PC Auto Shutdown 5.9 - (.GoldSolution Software, Inc..) [HKLM] -- PC Auto Shutdown_is1 O42 - Logiciel: PhotoInstrument 7.3 - (.Fatykhov Timur.) [HKLM] -- {5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}}_is1 =>.Fatykhov Timur O42 - Logiciel: Popcorn Time - (.Popcorn Time.) [HKLM] -- Popcorn Time_is1 =>.Popcorn Time O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO =>.Power Software Ltd O42 - Logiciel: Protected Folder - (.IObit.) [HKLM] -- Protected Folder_is1 =>.IObit Information Technology® O42 - Logiciel: QLBCASL - (.Hewlett-Packard.) [HKLM] -- {F1D7AC58-554A-4A58-B784-B61558B1449A} =>.Hewlett-Packard O42 - Logiciel: QuickStores-Toolbar 1.1.0 - (.AB-Tools.com.) [HKLM] -- QuickStores-Toolbar_is1 {432642D81F742569A0828E8CA82DE024} =>Toolbar.QuickStores O42 - Logiciel: REALTEK Wireless LAN Driver and Utility - (.REALTEK Semiconductor Corp..) [HKLM] -- {0DF70CB6-553A-4C57-8E6D-87635EECFB78} =>.Realtek Semiconductor Corp. O42 - Logiciel: Registry Trash Keys Finder (Freeware) - (.SNC.) [HKLM] -- Registry Trash Keys Finder =>.SNC O42 - Logiciel: Revo Uninstaller Pro 3.1.4 - (.VS Revo Group, Ltd..) [HKLM] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 =>.VS Revo Group, Ltd. O42 - Logiciel: SDFormatter - (.SD Association.) [HKLM] -- {179324FF-7B16-4BA8-9836-055CAAEE4F08} =>.SD Association O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 6.21 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7} =>.Skype Technologies S.A. O42 - Logiciel: SMADAV version 10.4.1 - (.SmadSoft.) [HKLM] -- {8B9FA5FF-3E61-4658-B0DA-E6DDB46D6BAD}_is1 O42 - Logiciel: Smart Defrag 3 - (.IObit.) [HKLM] -- Smart Defrag 3 Pro_is1 =>.IObit Information Technology® O42 - Logiciel: SsdReady - (.CEZEO software Ltd..) [HKLM] -- SsdReady_is1 O42 - Logiciel: Start Menu 8 - (.IObit.) [HKLM] -- IObit_StartMenu8_is1 =>.IObit Information Technology® O42 - Logiciel: Surfing Protection - (.IObit.) [HKLM] -- IObit Surfing Protection_is1 =>.IObit Information Technology® O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: TapinRadio Pro - (.Raimersoft.) [HKLM] -- TapinRadio Pro_is1 =>.Raimersoft O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM] -- TAP-Windows O42 - Logiciel: Unlocker 1.9.1 - (.Cedrick Collomb.) [HKLM] -- Unlocker =>.Cedrick Collomb O42 - Logiciel: URL Helper - (...) [HKLM] -- URL Helper_is1 O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive =>.Elaborate Bytes O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: Webinaria 2.0 - (.Charlwood eMarketing.) [HKLM] -- Webinaria_is1 =>.Charlwood eMarketing O42 - Logiciel: WinAVI All-in-One Converter - (.ZJMedia Digital Technology Ltd..) [HKLM] -- WinAVI All-in-One Converter O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM] -- WinPcapInst =>.Riverbed Technology, Inc. O42 - Logiciel: WinRAR 5.20 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: YouTube Downloader Suite V3.2.3 - (.Apowersoft.) [HKLM] -- {3FF2F54D-FA3A-406F-9F9E-6CDD95B9A1A9}_is1 =>.APowerSoft ---\\ HKCU & HKLM Software Keys (188) - 24s HKLM\SOFTWARE\8pecxstudios HKLM\SOFTWARE\Agere HKLM\SOFTWARE\ahead HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Ashampoo HKLM\SOFTWARE\AS_Mubashir HKLM\SOFTWARE\Atheros HKLM\SOFTWARE\Auslogics HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch HKLM\SOFTWARE\AviSynth HKLM\SOFTWARE\Belarc HKLM\SOFTWARE\Bigasoft HKLM\SOFTWARE\Chrispc HKLM\SOFTWARE\CyberGhost HKLM\SOFTWARE\Dell HKLM\SOFTWARE\Elaborate Bytes HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Freemake HKLM\SOFTWARE\FSPro Labs HKLM\SOFTWARE\GiliSoft HKLM\SOFTWARE\Gilisoft-usb-lock HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google HKLM\SOFTWARE\GSLLC HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\Hewlett-Packard Company HKLM\SOFTWARE\HPQ HKLM\SOFTWARE\Huawei technologies HKLM\SOFTWARE\Icaros HKLM\SOFTWARE\IM Providers HKLM\SOFTWARE\InstalledOptions HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\IO3O HKLM\SOFTWARE\IObit HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\KMPlayer HKLM\SOFTWARE\KONAMIPES6 HKLM\SOFTWARE\LAV HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\LogMeInRescueCallingCard HKLM\SOFTWARE\LSI HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Maxthon3 HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\Milouz Corp HKLM\SOFTWARE\MOVAVI HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\MT Solution HKLM\SOFTWARE\Nero HKLM\SOFTWARE\NSIS.Library.RegTool.v3 HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\PATHPILOT HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\PowerISO HKLM\SOFTWARE\Reg HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\RtWLan HKLM\SOFTWARE\Skype HKLM\SOFTWARE\SNC HKLM\SOFTWARE\Synaptics HKLM\SOFTWARE\Systweak =>Superfluous.Systweak HKLM\SOFTWARE\TAP-Windows HKLM\SOFTWARE\TechSmith HKLM\SOFTWARE\TuneUp HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\Webinaria HKLM\SOFTWARE\WinChipHead HKLM\SOFTWARE\WinPcap HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Wow6432Node HKLM\SOFTWARE\ZmnGlobalSDK HKCU\SOFTWARE\2vg HKCU\SOFTWARE\4kdownload.com HKCU\SOFTWARE\8322898 HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\Aiseesoft Studio HKCU\SOFTWARE\Akeo Consulting HKCU\SOFTWARE\All-Radio HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\AppWork HKCU\SOFTWARE\Ashampoo HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\Atheros HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\BcmSetup HKCU\SOFTWARE\BenVista HKCU\SOFTWARE\Beyluxe Messenger HKCU\SOFTWARE\Bigasoft HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Bmupd HKCU\SOFTWARE\Boilsoft HKCU\SOFTWARE\Bytescout HKCU\SOFTWARE\Cameyo HKCU\SOFTWARE\Cameyo Package Editor HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CPSSoft HKCU\SOFTWARE\DownloadAstro HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\Elaborate Bytes HKCU\SOFTWARE\epsxe HKCU\SOFTWARE\ESET HKCU\SOFTWARE\FreeDownloadManager.ORG HKCU\SOFTWARE\Freemake HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Freeware HKCU\SOFTWARE\FSPro Labs HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GreenTree Applications HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Internet Cyclone HKCU\SOFTWARE\IObit HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KGB Archiver HKCU\SOFTWARE\KMPlayer HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Lockdir HKCU\SOFTWARE\LogMeInRescueCallingCard HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MassTube HKCU\SOFTWARE\Maxthon3 HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\MiniTool Solution Ltd. HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\MOVAVI HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\MyLanViewer HKCU\SOFTWARE\Ongkara software HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Paltalk HKCU\SOFTWARE\PhotoInstrument HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Popcorn Time HKCU\SOFTWARE\PopcornTime HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\ProtectedData HKCU\SOFTWARE\pth264 HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Reg HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\screen-capture-recorder HKCU\SOFTWARE\SimpleTV by SergeyVS#3 HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SMADΔV HKCU\SOFTWARE\SpeedBit HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\TempCleaner HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TSR Software HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\UpdateStar HKCU\SOFTWARE\URLHelper HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VirtualDub.org HKCU\SOFTWARE\virtual_audio_capture HKCU\SOFTWARE\VOS HKCU\SOFTWARE\VS Revo Group HKCU\SOFTWARE\Widevine HKCU\SOFTWARE\WinAVI HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Xilisoft HKCU\SOFTWARE\Yandex HKCU\SOFTWARE\YouTube Downloader Suite HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Yandex HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Contents of the Common Files folders (371) - 48s O43 - CFD: 31/12/2015 - [0] D -- C:\Program Files\Aiseesoft Studio O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Allok 3GP PSP MP4 iPod Video Converter O43 - CFD: 17/12/2015 - [] D -- C:\Program Files\Allok Video Joiner O43 - CFD: 05/01/2016 - [0] D -- C:\Program Files\Aneesoft O43 - CFD: 22/09/2015 - [0] D -- C:\Program Files\AoaoPhoto Digital Studio O43 - CFD: 30/12/2015 - [0] D -- C:\Program Files\ApeeeGoSoft O43 - CFD: 17/12/2014 - [] D -- C:\Program Files\Apowersoft O43 - CFD: 24/07/2015 - [] D -- C:\Program Files\Ashampoo =>.Ashampoo GmbH & Co. KG® O43 - CFD: 20/04/2015 - [] D -- C:\Program Files\Audacity O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\AuthenTec =>.AuthenTec, Inc.® O43 - CFD: 10/03/2015 - [0] D -- C:\Program Files\Belarc O43 - CFD: 28/01/2015 - [] D -- C:\Program Files\Beyluxe Messenger O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Bigasoft O43 - CFD: 07/01/2016 - [] D -- C:\Program Files\Boilsoft O43 - CFD: 31/12/2015 - [] D -- C:\Program Files\Boilsoft Video Converter O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\Broadcom O43 - CFD: 08/10/2014 - [] D -- C:\Program Files\Bytescout Watermarking (Free) O43 - CFD: 22/12/2014 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 31/08/2015 - [] D -- C:\Program Files\CEZEO software {3C2C57985C7A9FA89B39C73FE4707BAE} O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 02/12/2014 - [] D -- C:\Program Files\Cyberfox {275F7B4841402DE0F41C8CCF30795AC2} O43 - CFD: 30/08/2015 - [] D -- C:\Program Files\EcoLotofootSha O43 - CFD: 15/11/2014 - [] D -- C:\Program Files\Elaborate Bytes O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\Enigma Software Group =>.Superfluous.SpyHunter O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.® O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\FairStars MP3 Recorder O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\FastStone Capture O43 - CFD: 29/07/2014 - [] D -- C:\Program Files\Folderico O43 - CFD: 06/03/2015 - [] D -- C:\Program Files\FreeTime =>.chen jun hao® O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\GiliSoft {166DAF8F034BBD9BE8EBE24044970524} O43 - CFD: 06/11/2014 - [0] D -- C:\Program Files\Glarysoft O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Hewlett-Packard =>.Hewlett-Packard Company® O43 - CFD: 29/10/2014 - [] D -- C:\Program Files\Hide Folders {7B6CC6957166C29858134F621F7124F8} O43 - CFD: 07/10/2014 - [] D -- C:\Program Files\Hide Folders 2012 {7B6CC6957166C29858134F621F7124F8} O43 - CFD: 19/08/2015 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\Intel O43 - CFD: 01/05/2015 - [] D -- C:\Program Files\Internet Download Manager O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 19/12/2015 - [] D -- C:\Program Files\IObit =>.IObit Information Technology® O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 14/11/2014 - [] D -- C:\Program Files\Jumpstart O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\K-Lite Codec Pack O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico O43 - CFD: 01/11/2014 - [] D -- C:\Program Files\LSI SoftModem =>.LSI Corporation® O43 - CFD: 23/12/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Maxthon3 =>.Maxthon (Asia) Limited.® O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 18/12/2015 - [0] D -- C:\Program Files\Microsoft Toolkit Final O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 31/10/2014 - [] D -- C:\Program Files\Milouz Corp O43 - CFD: 16/03/2015 - [] D -- C:\Program Files\Modem HDM EC156 =>.HUAWEI Technologies Co., Ltd.® O43 - CFD: 28/07/2015 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 29/07/2015 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 22/09/2014 - [] D -- C:\Program Files\MSBuild O43 - CFD: 05/07/2015 - [] D -- C:\Program Files\Nero =>.Nero AG® O43 - CFD: 22/12/2014 - [0] D -- C:\Program Files\Netscape O43 - CFD: 11/07/2015 - [0] D -- C:\Program Files\NextSecurity.NET O43 - CFD: 21/08/2015 - [] D -- C:\Program Files\Opera =>.Opera Software ASA® O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\Paltalk Messenger {17B0C425187E4534E12B02B218563F46} O43 - CFD: 18/10/2014 - [] D -- C:\Program Files\PC Auto Shutdown {0083998C9534478BD30EF63F2600FE0B3E} O43 - CFD: 01/08/2015 - [] D -- C:\Program Files\PhotoInstrument O43 - CFD: 03/01/2016 - [] D -- C:\Program Files\Popcorn Time O43 - CFD: 25/09/2014 - [] D -- C:\Program Files\PowerISO =>.Power Software Ltd® O43 - CFD: 08/07/2015 - [] D -- C:\Program Files\REALTEK O43 - CFD: 22/09/2014 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 06/10/2014 - [] D -- C:\Program Files\SDA {432CB9BB3C2E6ACD2E344A7C30F7C996} O43 - CFD: 11/01/2015 - [0] D -- C:\Program Files\SecurityXploded O43 - CFD: 05/11/2014 - [] RD -- C:\Program Files\Skype =>.Skype Software Sarl® O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\SMADAV O43 - CFD: 24/12/2014 - [] D -- C:\Program Files\StreamingStar O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated® O43 - CFD: 29/12/2014 - [] D -- C:\Program Files\TAP-Windows O43 - CFD: 03/06/2015 - [] D -- C:\Program Files\TapinRadio O43 - CFD: 21/11/2014 - [0] D -- C:\Program Files\TechSmith O43 - CFD: 01/05/2015 - [] D -- C:\Program Files\TrashReg O43 - CFD: 22/08/2013 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 15/12/2014 - [] D -- C:\Program Files\Unlocker O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 23/10/2014 - [] D -- C:\Program Files\VS Revo Group =>.VS Revo Group® O43 - CFD: 09/05/2015 - [] D -- C:\Program Files\Webinaria O43 - CFD: 03/07/2015 - [] D -- C:\Program Files\Wi-Fi {6AC8AF24C602CB90FE71875F1C4CEC80} O43 - CFD: 02/01/2016 - [] D -- C:\Program Files\WinAVI O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Corporation® O43 - CFD: 20/12/2015 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Windows NT O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 22/08/2013 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 06/11/2015 - [] HD -- C:\Program Files\WindowsApps O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\WindowsPowerShell O43 - CFD: 04/07/2015 - [] D -- C:\Program Files\WinPcap =>.Riverbed Technology, Inc.® O43 - CFD: 10/10/2014 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 22/09/2015 - [] D -- C:\Program Files\WonderFox Soft O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/06/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok 3GP PSP MP4 iPod Video Converter O43 - CFD: 17/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok Video Joiner O43 - CFD: 05/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aneesoft O43 - CFD: 17/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros O43 - CFD: 23/10/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics O43 - CFD: 12/12/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015 O43 - CFD: 07/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boilsoft O43 - CFD: 22/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 31/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEZEO software O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisTV Online! O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 O43 - CFD: 30/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EcoLotofootSha O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes O43 - CFD: 18/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars MP3 Recorder O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture O43 - CFD: 29/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folderico O43 - CFD: 03/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GiliSoft O43 - CFD: 02/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake O43 - CFD: 12/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company O43 - CFD: 01/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 17/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KM-Software O43 - CFD: 22/08/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Milouz Corp O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem HDM EC156 O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Auto Shutdown O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoInstrument O43 - CFD: 25/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Folder O43 - CFD: 08/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK RTL8187 Wireless LAN Utility O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft O43 - CFD: 20/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus O43 - CFD: 02/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3 O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8 O43 - CFD: 02/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 27/11/2014 - [0] HD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled O43 - CFD: 24/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StreamingStar O43 - CFD: 11/07/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SwitchSniffer O43 - CFD: 17/03/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 18/03/2014 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 31/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 09/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webinaria O43 - CFD: 26/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap O43 - CFD: 09/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Ahead O43 - CFD: 08/07/2015 - [0] D -- C:\ProgramData\APN =>Toolbar.Ask O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Ashampoo O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Atheros O43 - CFD: 23/10/2014 - [] D -- C:\ProgramData\Auslogics O43 - CFD: 17/04/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 25/09/2014 - [] D -- C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 24/07/2015 - [] D -- C:\ProgramData\Baidu O43 - CFD: 12/12/2015 - [] D -- C:\ProgramData\BDLogging O43 - CFD: 08/10/2014 - [] D -- C:\ProgramData\cmcm O43 - CFD: 25/09/2014 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\DatacardService O43 - CFD: 06/02/2015 - [0] D -- C:\ProgramData\dbg O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 18/12/2015 - [] D -- C:\ProgramData\ESET O43 - CFD: 15/07/2014 - [] D -- C:\ProgramData\FastStone O43 - CFD: 29/07/2014 - [] D -- C:\ProgramData\Folderico O43 - CFD: 20/10/2014 - [] D -- C:\ProgramData\Free Download Manager O43 - CFD: 15/07/2014 - [0] D -- C:\ProgramData\IDM O43 - CFD: 19/12/2015 - [] D -- C:\ProgramData\IObit O43 - CFD: 08/10/2014 - [] D -- C:\ProgramData\Kingsoft O43 - CFD: 01/05/2015 - [0] D -- C:\ProgramData\Licenses O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 18/08/2014 - [] D -- C:\ProgramData\McAfee O43 - CFD: 28/06/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 05/08/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS O43 - CFD: 16/03/2015 - [] D -- C:\ProgramData\Modem HDM EC156 O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Movavi O43 - CFD: 31/10/2014 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 05/01/2016 - [0] D -- C:\ProgramData\NCH Software O43 - CFD: 05/07/2015 - [] D -- C:\ProgramData\Nero O43 - CFD: 01/11/2014 - [] D -- C:\ProgramData\Oracle O43 - CFD: 21/11/2014 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 18/10/2014 - [] D -- C:\ProgramData\PC Auto Shutdown O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\ProductData O43 - CFD: 17/03/2015 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 07/12/2014 - [] D -- C:\ProgramData\ReviverSoft O43 - CFD: 04/12/2014 - [] D -- C:\ProgramData\Rohos O43 - CFD: 05/11/2014 - [] D -- C:\ProgramData\Skype O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 15/11/2014 - [] D -- C:\ProgramData\Steam O43 - CFD: 01/11/2014 - [] D -- C:\ProgramData\Sun O43 - CFD: 17/01/2015 - [0] D -- C:\ProgramData\Systweak =>Superfluous.Systweak O43 - CFD: 23/12/2015 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 20/07/2015 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 22/08/2013 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 14/01/2015 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 23/10/2014 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 15/11/2014 - [0] D -- C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic O43 - CFD: 19/12/2015 - [0] D -- C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} O43 - CFD: 14/01/2015 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 05/07/2015 - [] D -- C:\Program Files\Common Files\Ahead O43 - CFD: 13/12/2015 - [] D -- C:\Program Files\Common Files\AV O43 - CFD: 25/09/2014 - [] D -- C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\Common Files\EagleGet O43 - CFD: 11/07/2015 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 19/12/2015 - [] D -- C:\Program Files\Common Files\IObit O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 25/08/2014 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 22/08/2013 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 05/11/2014 - [] D -- C:\Program Files\Common Files\Skype O43 - CFD: 15/07/2014 - [] D -- C:\Program Files\Common Files\SpeedBit O43 - CFD: 17/03/2015 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\8pecxstudios O43 - CFD: 12/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\AceBIT O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Adobe O43 - CFD: 05/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Ahead O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Anvsoft O43 - CFD: 09/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Apowersoft O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Apple Computer O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Ashampoo Slideshow Studio HD 3 O43 - CFD: 22/04/2015 - [] D -- C:\Users\samir\AppData\Roaming\Audacity O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Auslogics O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\AVAST Software O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Baidu O43 - CFD: 04/02/2015 - [] D -- C:\Users\samir\AppData\Roaming\Beyluxe O43 - CFD: 01/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Bigasoft Total Video Converter 5 O43 - CFD: 11/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Bigasoft Video Downloader Pro O43 - CFD: 07/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Boilsoft O43 - CFD: 31/08/2015 - [] D -- C:\Users\samir\AppData\Roaming\CEZEO software O43 - CFD: 22/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\CNTV O43 - CFD: 26/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\CrystalIdea Software O43 - CFD: 01/11/2014 - [0] D -- C:\Users\samir\AppData\Roaming\DiskDefrag O43 - CFD: 18/02/2015 - [] D -- C:\Users\samir\AppData\Roaming\djsoft.net O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\DMCache O43 - CFD: 05/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\EagleGet O43 - CFD: 31/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Easeware =>.Superfluous.Easeware O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\EasiestSoft O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\ESET O43 - CFD: 05/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\FairStars MP3 Recorder O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\FastStone O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\GiliSoft O43 - CFD: 06/11/2014 - [0] D -- C:\Users\samir\AppData\Roaming\GlarySoft O43 - CFD: 07/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Google O43 - CFD: 05/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\HD Video Converter O43 - CFD: 17/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Identities O43 - CFD: 08/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\IDM O43 - CFD: 14/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\InstallShield O43 - CFD: 19/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\IObit O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Macromedia O43 - CFD: 18/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\MassTube O43 - CFD: 19/11/2015 - [] D -- C:\Users\samir\AppData\Roaming\Maxthon3 O43 - CFD: 24/12/2014 - [] SD -- C:\Users\samir\AppData\Roaming\Microsoft O43 - CFD: 21/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Moonchild Productions O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Roaming\Mozilla O43 - CFD: 08/01/2016 - [0] D -- C:\Users\samir\AppData\Roaming\MPC-HC O43 - CFD: 05/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\NCH Software O43 - CFD: 25/09/2014 - [] D -- C:\Users\samir\AppData\Roaming\Nero O43 - CFD: 22/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\Netscape O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Opera Software O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Paltalk O43 - CFD: 25/09/2014 - [] D -- C:\Users\samir\AppData\Roaming\PowerISO O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\ProductData O43 - CFD: 17/04/2015 - [0] D -- C:\Users\samir\AppData\Roaming\QuickScan O43 - CFD: 20/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\QuickStoresToolbar =>Toolbar.QuickStores O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\RHEng =>PUP.Optional.Conduit O43 - CFD: 23/10/2014 - [0] D -- C:\Users\samir\AppData\Roaming\rmi O43 - CFD: 04/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Skype O43 - CFD: 10/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Smadav O43 - CFD: 30/08/2015 - [] D -- C:\Users\samir\AppData\Roaming\Sun O43 - CFD: 17/01/2015 - [0] D -- C:\Users\samir\AppData\Roaming\systweak =>Superfluous.Systweak O43 - CFD: 03/06/2015 - [] D -- C:\Users\samir\AppData\Roaming\TapinRadio O43 - CFD: 21/11/2015 - [] D -- C:\Users\samir\AppData\Roaming\TeamViewer O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\TechSmith O43 - CFD: 29/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\TeraCopy O43 - CFD: 06/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Thinstall O43 - CFD: 02/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Tomabo O43 - CFD: 14/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\TuneUp Software O43 - CFD: 03/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\TXWiFiDriver O43 - CFD: 08/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\uTorrent O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Video Converter Pro O43 - CFD: 03/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\videorecord O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\vlc O43 - CFD: 30/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\VOS O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\WinAVI O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\WinRAR O43 - CFD: 07/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Xilisoft O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Yandex O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\ZHP O43 - CFD: 20/12/2014 - [] D -- C:\Users\samir\AppData\Local\4kdownload.com O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Local\8pecxstudios O43 - CFD: 24/07/2015 - [0] D -- C:\Users\samir\AppData\Local\Adobe O43 - CFD: 05/07/2015 - [] D -- C:\Users\samir\AppData\Local\Ahead O43 - CFD: 31/12/2015 - [] D -- C:\Users\samir\AppData\Local\Aiseesoft Studio O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\Application Data O43 - CFD: 21/01/2015 - [] D -- C:\Users\samir\AppData\Local\ashampoo O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Local\assembly O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Local\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Local\Chromium O43 - CFD: 17/11/2014 - [0] D -- C:\Users\samir\AppData\Local\CrashDumps O43 - CFD: 18/05/2015 - [0] D -- C:\Users\samir\AppData\Local\Diagnostics O43 - CFD: 06/10/2014 - [] D -- C:\Users\samir\AppData\Local\Downloaded Installations O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Local\ElevatedDiagnostics O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieBrowserModeList O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieSiteList O43 - CFD: 24/07/2015 - [0] SHD -- C:\Users\samir\AppData\Local\EmieUserList O43 - CFD: 12/12/2015 - [] D -- C:\Users\samir\AppData\Local\ESET O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\FastStone O43 - CFD: 29/07/2014 - [] D -- C:\Users\samir\AppData\Local\Folderico O43 - CFD: 03/11/2014 - [] D -- C:\Users\samir\AppData\Local\Google O43 - CFD: 09/06/2015 - [] D -- C:\Users\samir\AppData\Local\GWX O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\History O43 - CFD: 29/12/2015 - [] D -- C:\Users\samir\AppData\Local\Ibsoft O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Local\Isoplex O43 - CFD: 16/07/2014 - [] D -- C:\Users\samir\AppData\Local\Macromedia O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Local\Mega Limited O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Local\MEGAsync O43 - CFD: 17/03/2015 - [] D -- C:\Users\samir\AppData\Local\Microsoft O43 - CFD: 17/12/2014 - [0] DC -- C:\Users\samir\AppData\Local\MigWiz O43 - CFD: 21/11/2014 - [] D -- C:\Users\samir\AppData\Local\Moonchild Productions O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Local\Movavi O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\Mozilla O43 - CFD: 11/07/2015 - [] D -- C:\Users\samir\AppData\Local\MyLanViewer O43 - CFD: 22/12/2014 - [] D -- C:\Users\samir\AppData\Local\Netscape O43 - CFD: 08/04/2015 - [] D -- C:\Users\samir\AppData\Local\node-webkit O43 - CFD: 24/07/2015 - [] D -- C:\Users\samir\AppData\Local\Opera Software O43 - CFD: 06/08/2015 - [] D -- C:\Users\samir\AppData\Local\Packages O43 - CFD: 16/11/2014 - [] D -- C:\Users\samir\AppData\Local\PCSX2 O43 - CFD: 03/01/2016 - [] D -- C:\Users\samir\AppData\Local\PopcornTimeDesktop O43 - CFD: 15/07/2014 - [] D -- C:\Users\samir\AppData\Local\Programs O43 - CFD: 04/12/2014 - [] D -- C:\Users\samir\AppData\Local\Rohos O43 - CFD: 03/08/2014 - [] D -- C:\Users\samir\AppData\Local\Skype O43 - CFD: 17/10/2014 - [] D -- C:\Users\samir\AppData\Local\TechSmith O43 - CFD: 09/01/2016 - [] D -- C:\Users\samir\AppData\Local\Temp O43 - CFD: 15/07/2014 - [0] SHD -- C:\Users\samir\AppData\Local\Temporary Internet Files O43 - CFD: 15/10/2014 - [] D -- C:\Users\samir\AppData\Local\TSR_Software_-_www.tsr-so O43 - CFD: 14/01/2015 - [] D -- C:\Users\samir\AppData\Local\TuneUp Software O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Local\VirtualStore O43 - CFD: 23/10/2014 - [] D -- C:\Users\samir\AppData\Local\VS Revo Group O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Local\WinAVI O43 - CFD: 10/11/2014 - [] D -- C:\Users\samir\AppData\Local\Yandex O43 - CFD: 05/02/2015 - [] D -- C:\Users\samir\AppData\Local\Zemana O43 - CFD: 18/03/2014 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 22/08/2013 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/03/2015 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 22/09/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Soft O43 - CFD: 28/01/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beyluxe Messenger O43 - CFD: 02/12/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cyberfox (x86) O43 - CFD: 06/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 15/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hide Folders O43 - CFD: 07/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hide Folders 2012 O43 - CFD: 01/05/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 22/08/2013 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 22/12/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync O43 - CFD: 03/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My WIFI Router O43 - CFD: 14/07/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger O43 - CFD: 01/05/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Registry Trash Keys Finder O43 - CFD: 22/12/2015 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 01/11/2014 - [] HD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled O43 - CFD: 18/03/2014 - [] RD -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 10/03/2015 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 20/11/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker O43 - CFD: 02/01/2016 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI All-in-One Converter O43 - CFD: 09/10/2014 - [] D -- C:\Users\samir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Latest files created in Prefetcher (1) - 13s O45 - LFCP:[MD5.3074FC83EB9A0706A88445DB42835584] 29/12/2015 A -- C:\Windows\Prefetch\DRIVERGENIUS.EXE-6A44787C.pf =>.Superfluous.DriverGenius ---\\ ShellIconOverlayIdentifiers (SIOI) (6) - 0s O106 - SIOI: ###MegaShellExtPending [###MegaShellExtPending] - {056D528D-CE28-4194-9BA3-BA2E9197FF8C}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll O106 - SIOI: ###MegaShellExtSynced [###MegaShellExtSynced] - {05B38830-F4E9-4329-978B-1DD28605D202}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll O106 - SIOI: ###MegaShellExtSyncing [###MegaShellExtSyncing] - {0596C850-7BDD-4C9D-AFDF-873BE6890637}. (...) -- C:\Users\samir\AppData\Local\MEGAsync\ShellExtX32.dll O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.® O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation ---\\ System Drivers List (109) - 20s O58 - SDL:2013/08/22 05:33:26 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [86368] =>.Microsoft Windows® O58 - SDL:2015/12/19 18:44:38 A . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\drivers\Accelerometer.sys [37696] =>.Hewlett-Packard Company® O58 - SDL:2013/08/22 05:33:25 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [773472] =>.Microsoft Windows® O58 - SDL:2000/01/01 00:00:00 A . (.LSI Corporation - SoftModem Device Driver.) -- C:\Windows\System32\drivers\AGRSM.sys [1163328] =>.LSI Corporation O58 - SDL:2013/08/22 05:33:25 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [72544] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:26 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [215392] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:24 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22880] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:26 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [101728] =>.Microsoft Windows® O58 - SDL:2014/07/15 12:58:25 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [303200] =>.AVAST Software a.s.® O58 - SDL:2012/10/18 09:12:06 A . (.AuthenTec, Inc. - AuthenTec Fingerprint Sensor WBF Driver.) -- C:\Windows\System32\drivers\ATSwpWDF.sys [971752] =>.AuthenTec, Inc.® O58 - SDL:2014/09/25 18:32:08 A . (.AVG Technologies - .) -- C:\Windows\System32\drivers\avgtpx86.sys [42784] =>Toolbar.AVGSafeGuard O58 - SDL:2015/12/19 18:45:19 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [415000] =>.Broadcom Corporation® O58 - SDL:2013/10/28 16:02:14 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [175320] =>.Broadcom Corporation® O58 - SDL:2013/08/12 23:25:32 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [16088] =>.Broadcom Corporation® O58 - SDL:2012/05/08 14:02:40 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL6.SYS [4269120] =>.Broadcom Corporation® O58 - SDL:2013/07/01 16:50:16 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\Windows\System32\drivers\BCMWL63L.SYS [4715008] =>.Broadcom Corporation O58 - SDL:2013/10/28 16:02:14 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [144600] =>.Broadcom Corporation® O58 - SDL:2014/12/05 17:26:56 A . (...) -- C:\Windows\System32\drivers\BurnCtrl.sys [20480] O58 - SDL:2011/11/04 15:00:00 A . (.www.winchiphead.com - WDM for CH341 serial, by W.ch.) -- C:\Windows\System32\drivers\CH341SER.SYS [39696] =>.www.winchiphead.com O58 - SDL:2010/02/24 22:02:30 A . (.Hewlett-Packard Company - HP Tablet PC Key Button HID Driver.) -- C:\Windows\System32\drivers\CPQBTTN.sys [15544] =>.Hewlett-Packard Company® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.® O58 - SDL:2015/07/30 11:41:36 A . (.ESET - ESET ELAM driver.) -- C:\Windows\System32\drivers\eelam.sys [14464] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [146024] =>.ESET, spol. s r.o.® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\Windows\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.® O58 - SDL:2013/03/04 09:25:00 A . (.Elaborate Bytes AG - ElbyCD Windows NT/2000/XP I/O driver.) -- C:\Windows\System32\drivers\ElbyCDIO.sys [30616] =>.Elaborate Bytes AG® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44608] =>.ESET, spol. s r.o.® O58 - SDL:2015/11/16 12:21:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [56944] =>.ESET, spol. s r.o.® O58 - SDL:2016/01/03 00:15:07 A . (...) -- C:\Windows\System32\drivers\EsgScanner.sys [19984] =>.Superfluous.SpyHunter O58 - SDL:2010/10/08 08:55:06 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [25856] =>.Huawei Tech. Co., Ltd. O58 - SDL:2011/12/31 01:20:23 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [199168] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/11/19 07:48:20 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [379392] =>.Huawei Technologies Co., Ltd. O58 - SDL:2010/09/26 10:09:22 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [19200] =>.Huawei Technologies Co., Ltd. O58 - SDL:2010/07/27 01:52:02 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [102784] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/08/20 00:54:18 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [76544] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/08/20 00:54:18 A . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [96000] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/10/29 11:42:46 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [70272] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/08/20 00:54:19 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [27520] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/10/31 14:52:20 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [203776] =>.Huawei Technologies Co., Ltd. O58 - SDL:2012/10/30 04:42:15 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [11136] =>.Huawei Technologies Co., Ltd. O58 - SDL:2011/06/03 22:59:14 A . (.FSPro Labs - FSPro File System Filter.) -- C:\Windows\System32\drivers\FSPFltd2.sys [51760] {5B4C9286D5437F09B40BEE7A9F6A6DC1} =>.FSPro Labs O58 - SDL:2014/12/05 17:26:56 A . (.GiliSoft International LLC. - USB Lock Driver.) -- C:\Windows\System32\drivers\gsusblck.sys [17152] O58 - SDL:2015/12/19 18:44:38 A . (.Hewlett-Packard Company - HP Disk Filter - SATA/RAID.) -- C:\Windows\System32\drivers\hpdskflt.sys [27968] =>.Hewlett-Packard Company® O58 - SDL:2009/04/29 05:46:54 A . (.Hewlett-Packard Development Company, L.P. - HpqKbFiltr Keyboard Filter Driver.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys [15872] =>.Hewlett-Packard Development Company, L.P. O58 - SDL:2013/08/22 05:33:29 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [56672] =>.Microsoft Windows® O58 - SDL:2015/01/07 08:33:52 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] =>.Martin Malik - REALiX® O58 - SDL:2013/07/23 21:18:30 AC . (.Intel Corporation - Intel(R) Atom(TM) Processor GPIO Controller.) -- C:\Windows\System32\drivers\iaiogpio.sys [22016] =>.Intel Corporation O58 - SDL:2013/07/23 21:18:30 AC . (.Intel Corporation - Intel(R) Atom(TM) Processor I2C Controller.) -- C:\Windows\System32\drivers\iaioi2c.sys [61936] =>.Intel Corporation O58 - SDL:2013/08/10 00:39:44 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [524784] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2013/08/22 05:33:29 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [333664] =>.Microsoft Windows® O58 - SDL:2015/04/18 01:06:24 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [122432] =>.Tonec Inc.® O58 - SDL:2012/03/23 02:29:58 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4815872] =>.Intel Corporation O58 - SDL:2008/05/15 03:28:44 A . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\System32\drivers\jswpslwf.sys [20384] =>.Atheros Communications, Inc. O58 - SDL:2014/10/08 17:50:16 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi.sys [81768] =>.Beijing Kingsoft Security software Co.,Ltd® O58 - SDL:2014/10/08 17:50:17 A . (.Kingsoft Corporation - Kingsoft KSAPI Module.) -- C:\Windows\System32\drivers\ksapi64.sys [56680] =>.Beijing Kingsoft Security software Co.,Ltd® O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [94048] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [79712] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [68960] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [69472] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation® O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] =>.Malwarebytes Corporation® O58 - SDL:2016/01/09 19:00:30 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] =>.Malwarebytes Corporation® O58 - SDL:2013/08/22 05:33:30 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51552] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:29 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [464736] =>.Microsoft Windows® O58 - SDL:2010/08/05 23:42:34 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [861696] O58 - SDL:2013/08/22 05:33:32 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [58208] =>.Microsoft Windows® O58 - SDL:2015/10/05 09:50:20 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] =>.Malwarebytes Corporation® O58 - SDL:2013/06/18 18:30:37 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28u.sys [1696528] =>.Mediatek Inc.® O58 - SDL:2013/03/01 01:48:42 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] =>.Riverbed Technology, Inc.® O58 - SDL:2013/08/22 05:33:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [120160] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:33 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [141664] =>.Microsoft Windows® O58 - SDL:2014/12/05 17:27:07 A . (.Gili Soft Inc. - EXE Lock Kernel Modual.) -- C:\Windows\System32\drivers\ProgLock.sys [35712] O58 - SDL:2009/12/30 10:21:18 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [27192] =>.VS Revo Group® O58 - SDL:2009/06/26 07:21:54 R . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187.sys [346624] =>.Realtek Semiconductor Corporation O58 - SDL:2013/04/18 08:51:04 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [113608] =>.Power Software Ltd® O58 - SDL:2013/08/22 08:16:47 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2013/08/22 05:32:56 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [41312] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:32:57 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [79200] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:32:57 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [26976] =>.Microsoft Windows® O58 - SDL:2010/06/04 00:18:58 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [1303728] =>.Synaptics Incorporated® O58 - SDL:2013/08/22 12:40:22 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [35288] =>.OpenVPN Technologies, Inc.® O58 - SDL:2014/12/01 09:18:42 A . (.Nanjing Tongxiang Network Technology Co.,LTD - TX WiFi NAT Driver.) -- C:\Windows\System32\drivers\txwifinat.sys [31152] {6AC8AF24C602CB90FE71875F1C4CEC80} O58 - SDL:2007/09/23 23:00:00 A . (.WCH - WDM for USB serial, by W.ch.) -- C:\Windows\System32\drivers\USBSER34.SYS [37456] O58 - SDL:2015/07/20 12:50:16 A . (.Gili Soft INC. - USB Stick Encryption Driver.) -- C:\Windows\System32\drivers\usedisk.sys [17408] O58 - SDL:2014/09/09 18:34:28 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [741488] =>.Oracle Corporation® O58 - SDL:2014/09/09 18:32:52 A . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\drivers\VBoxNetAdp.sys [117272] =>.Oracle Corporation® O58 - SDL:2012/12/19 14:35:16 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\Windows\System32\drivers\VBoxUSB.sys [84904] =>.Oracle Corporation® O58 - SDL:2014/09/09 18:32:52 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [105472] =>.Oracle Corporation® O58 - SDL:2013/07/24 15:03:04 A . (.Elaborate Bytes AG - Virtual CloneDrive storage miniport.) -- C:\Windows\System32\drivers\VClone.sys [29696] =>.Elaborate Bytes AG O58 - SDL:2013/08/22 05:33:00 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [18272] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:01 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [148832] =>.Microsoft Windows® O58 - SDL:2013/08/22 05:33:01 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [276832] =>.Microsoft Windows® O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO.SYS [33968] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO404.SYS [34688] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO412.SYS [35552] O58 - SDL:2015/01/28 20:53:14 A . (...) -- C:\Windows\System32\NTIO804.SYS [34688] O58 - SDL:2013/08/26 10:52:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [15576] =>.MiniTool Solution Ltd® O58 - SDL:2013/08/26 10:52:50 N . (...) -- C:\Windows\System32\pwdspio.sys [10200] =>.MiniTool Solution Ltd® ---\\ Last modified or created user files (1) - 49s O61 - LFC: 2016/01/05 11:20:23 A . (..) -- C:\Users\samir\AppData\Local\Microsoft\Windows\2057\StructuredQuerySchema.bin [375495] ---\\ File Associations Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.8pecxstudios - Cyberfox.) -- C:\Program Files\Cyberfox\Cyberfox.exe {275F7B4841402DE0F41C8CCF30795AC2} =>.8pecxstudios ---\\ Start Menu Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\Launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialisation Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon3\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Launcher.) -- C:\Program Files\Opera\launcher.exe =>.Opera Software ---\\ Search Browser Infection (4) - 7s O69 - SBI: prefs.js [samir - fjqwa8wn.default] user_pref("avg.install.newtab", true); =>Toolbar.AVGSearch O69 - SBI: prefs.js [samir - fjqwa8wn.default] user_pref("browser.search.order.1", "Ask.com"); =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Yandex) - http://yandex.ru/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Search Svchost Services (36) - 2s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [161792] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) -- C:\Windows\System32\certprop.dll [126976] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smart card Certificate Propagatio.) -- C:\Windows\System32\certprop.dll [126976] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [250368] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1212928] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [734208] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [822784] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Log-on Service DLL.) -- C:\Windows\System32\seclogon.dll [24064] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [89600] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [115712] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [93696] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [1015808] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [185856] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [74752] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [108032] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [191488] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [296448] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [75264] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [41984] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\System32\wlidsvc.dll [1245184] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [367104] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [297984] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [167424] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\NcaSvc.dll [142848] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [95232] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [461824] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [183296] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [58368] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [390144] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [254464] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [3066880] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [734208] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [576512] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [155648] =>.Microsoft Corporation O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [76096] =>.Microsoft Windows® ---\\ Firewall Active Exception List (5) - 4s O87 - FAEL: "{DC64C73B-6AED-46D8-9FC3-62F85CC808DE}" [In-None-P17-TRUE] .(.Tx-Network - My WIFI Router.) -- C:\Program Files\Wi-Fi\Wi-Fi.exe {6AC8AF24C602CB90FE71875F1C4CEC80} O87 - FAEL: "{17FF39AF-6791-4F04-871B-8582E55D6C71}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe O87 - FAEL: "{D6861116-1C48-4A36-8F9F-64932EC4ED3B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe O87 - FAEL: "{53B50F2C-1871-446A-8D2F-053C9D0DB517}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe O87 - FAEL: "{26AC10E5-0E72-4B89-A686-8B98CBAC735B}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Popcorn Time\PopcornTimeDesktop.exe ---\\ Services not Microsoft (SR=Run, SS=Stop) (30) - 64s SS - Demand [29/12/2015] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [04/11/2015] [ 827680] Advanced SystemCare Service 9 (AdvancedSystemCareService9) . (.IObit.) - C:\Program Files\IObit\Advanced SystemCare\ASCService.exe =>.IObit Information Technology® SR - Auto [01/01/2000] [ 26112] Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agrsmsvc.exe =>.LSI Corporation® SR - Auto [28/10/2013] [ 1680088] @oem2.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Manageme (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe =>.Broadcom Corporation® SS - Demand [12/01/2010] [ 227896] Com4QLBEx (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe =>.Hewlett-Packard Company® SR - Auto [19/11/2015] [ 1983424] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.® SR - Auto [06/10/2014] [ 69408] FSPro Filter Service 2 (fsproflt2) . (.FSPro Labs.) - C:\Windows\System32\fsproflt2.exe {7B6CC6957166C29858134F621F7124F8} =>.FSPro Labs SS - Demand [30/04/2009] [ 229944] hpqwmiex (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe =>.Hewlett-Packard Company® SR - Auto [19/12/2015] [ 27968] @oem54.inf,%hpservice_desc%;HP Service (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe =>.Hewlett-Packard Company® SR - Auto [14/03/2011] [ 271712] HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2008.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.HUAWEI Technologies Co., Ltd.® SR - Auto [26/09/2008] [ 188416] JumpStart Push-Button Service (jswpbapi) . (.Atheros Communications, Inc..) - C:\Program Files\Jumpstart\jswpbapi.exe =>.Atheros Communications, Inc. SS - Demand [26/09/2008] [ 954368] JumpStart Wi-Fi Protected Setup (jswpsapi) . (.Atheros Communications, Inc..) - C:\Program Files\Jumpstart\jswpsapi.exe =>.Atheros Communications, Inc. SR - Auto [10/11/2015] [ 2934048] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe =>.IObit Information Technology® SR - Auto [27/11/2015] [ 1872808] Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon.) - C:\Program Files\Maxthon3\Modules\Service\Update\MaxthonUpdateSvc.exe =>.Maxthon (Asia) Limited.® SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SR - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Auto [12/11/2012] [ 657504] Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - C:\Program Files\Modem HDM EC156\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.® SS - Demand [24/07/2015] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [18/11/2014] [ 47464] MyWiFiRouterDHCP (MyWiFiRouterDHCP) . (...) - C:\Program Files\Wi-Fi\WiFiGxSvc.exe {6AC8AF24C602CB90FE71875F1C4CEC80} SS - Demand [29/06/2007] [ 800040] NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe =>.Nero AG® SS - Demand [27/06/2007] [ 279848] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe =>.Nero AG® SS - Demand [14/11/2011] [ 442136] PCAutoShutdown_Service (PCAutoShutdown_Service) . (.GoldSolution Software, Inc..) - C:\Program Files\PC Auto Shutdown\ShutdownService.exe {5FDAFF1C5F7FF6330F6090FAA6CA4C47} SS - Demand [30/06/2009] [ 40960] Realtek87L (Realtek87L) . (.Realtek.) - C:\Program Files\REALTEK\RTL8187 Wireless LAN Utility\RtlService.exe =>.Realtek SS - Demand [01/03/2013] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files\WinPcap\rpcapd.exe =>.Riverbed Technology, Inc.® SS - Demand [03/04/2014] [ 315008] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [21/09/2015] [ 1055008] StartMenu8 Service (StartMenuService) . (.IObit.) - C:\Program Files\IObit\Start Menu 8\StartMenuServices.exe =>.IObit Information Technology® SR - Auto [22/03/2013] [ 91944] ULService (ULService) . (...) - C:\Program Files\GiliSoft\USB Lock\ULService.exe SR - Auto [19/10/2015] [ 339968] (Update service) . (.Popcorn Time.) - C:\Program Files\Popcorn Time\Updater.exe =>.Popcorn Time SS - Demand [25/09/2014] [ 1820184] (vToolbarUpdater18.1.9) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe =>Toolbar.AVGSafeGuard ---\\ Additional Scan (O88) (26) - 0s C:\Windows\System32\Tasks\AutoKMS =>HackTool.AutoKMS C:\Windows\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico C:\Windows\System32\Tasks\LaunchSignup =>PUP.Optional.MyPCBackup C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver =>PUP.Optional.DriverReviver HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1 =>Toolbar.QuickStores HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Reviver =>PUP.Optional.DriverReviver HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1 =>Toolbar.QuickStores HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch HKLM\SOFTWARE\Systweak =>Superfluous.Systweak HKCU\SOFTWARE\APN PIP =>PUP.Optional.Conduit C:\Program Files\KMSpico =>HackTool.KMSpico C:\ProgramData\APN =>Toolbar.Ask C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS C:\ProgramData\Systweak =>Superfluous.Systweak C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} =>PUP.Optional.Generic C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch C:\Users\samir\AppData\Roaming\Easeware =>.Superfluous.Easeware C:\Users\samir\AppData\Roaming\QuickStoresToolbar =>Toolbar.QuickStores C:\Users\samir\AppData\Roaming\RHEng =>PUP.Optional.Conduit C:\Users\samir\AppData\Roaming\systweak =>Superfluous.Systweak C:\Users\samir\AppData\Local\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard C:\Windows\Prefetch\DRIVERGENIUS.EXE-6A44787C.pf =>.Superfluous.DriverGenius ---\\ Summary of the elements found (14) - 0s http://www.nicolascoolman.fr/?p=1804 =>HackTool.AutoKMS http://www.nicolascoolman.fr/?p=989 =>HackTool.KMSpico http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BDYahoo http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.DriverReviver http://www.nicolascoolman.fr/?p=4664 =>Toolbar.QuickStores http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSearch http://www.nicolascoolman.fr/pup-systweak/ =>Superfluous.Systweak http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit http://www.nicolascoolman.fr/?p=235 =>Toolbar.Ask http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.Easeware http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSafeGuard http://www.nicolascoolman.fr/?p=4664 =>.Superfluous.DriverGenius ~ End of the scan, 21236 items in 00h04mn55s (1148)(0)