~ ZHPDiag v2016.3.26.75 By Nicolas Coolman (2016/03/26) ~ Run by sama office (Administrator) (2016/03/26 14:46:12) ~ Web: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\sama office\Desktop\ZHPDiag.txt ~ Report: C:\Users\sama office\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (4) - 0s GCIE: Google Chrome v49.0.2623.87 MFIE: Mozilla Firefox 43.0.4 (x86 ar) OPIE: Opera 36.0.2130.32 MSIE: Internet Explorer v8.0.7601.17514 ---\\ Windows Product Information (4) - 3s ~ Windows Server License Manager Script : OK System - VBScript Engine not found Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System protection software (1) - 1s Malwarebytes Anti-Malware version 2.2.1.1043 ---\\ System protection software (Superfluous) (1) - 1s McAfee Security Scan Plus v3.11.292.3 ---\\ System optimization software (1) - 1s CCleaner v3.16 ---\\ Surveillance software (2) - 1s Adobe Flash Player 19 PPAPI Adobe Reader XI ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8106.352 MB (70% free) System Restore: Activé (Enable) System drive C: has 61 GB () free of 239 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: SAMAOFFICE-PC ~ User Name: sama office ~ Logged in as Administrator ---\\ Enumeration of the disk units (5) - 0s ~ Drive C: has 61 GB free of 239 GB (System) ~ Drive D: has 68 GB free of 239 GB ~ Drive E: has 69 GB free of 239 GB ~ Drive F: has 32 GB free of 233 GB ~ Drive G: has 14 GB free of 29 GB ---\\ State of the Windows Security Center (10) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (25) - 0s [MD5.AC4C51EB24AA95B77F705AB159189E24] - 21/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.F6C5302E1F4813D552F41A0AC82455E5] - 21/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 21/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 21/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 21/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.59DF156711A76BCB993253EC6C9BBF41] - 21/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 21/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 21/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 21/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 21/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.FAF015B07E3A2874A790A39B7D2C579F] - 21/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 21/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 21/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 21/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.1B6163C503398B23FF8B939C67747683] - 21/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 21/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 21/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (5) - 1s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® ---\\ Services not Microsoft (SR=Run, SS=Stop) (17) - 11s SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Disabl [05/12/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SS - Disabl [17/11/2009] [ 98208] Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe =>.Andrea Electronics® SS - Disabl [16/09/2014] [ 239616] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD SS - Disabl [26/09/2014] [ 551896] Application Driver Auto Removal Service (01) (appdrvrem01) . (.Protection Technology.) - C:\Windows\System32\appdrvrem01.exe =>.Protection Technology SR - Auto [30/08/2011] [ 462184] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SS - Disabl [20/08/2014] [ 280680] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - pGFX® SS - Auto [29/08/2015] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [29/08/2015] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Disabl [20/08/2014] [ 318568] Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe =>.Intel Corporation SR - Auto [10/03/2016] [ 1514464] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SR - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Demand [05/02/2016] [ 293128] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe =>.McAfee, Inc.® SS - Disabl [13/01/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SS - Disabl [08/01/2014] [ 290520] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp® SS - Disabl [03/04/2014] [ 315008] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® ---\\ Task Planned Automatically (19) - 3s [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] (.Activate.) =>.Adobe Systems, Incorporated® [MD5.00000000000000000000000000000000] [APT] [Adobe Flash Player PPAPI Notifier] (...) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.91B88B8845AE709EB780D372372A0BBF] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269000] (.Activate.) =>.Adobe Systems Incorporated® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.2A5C656B0A364580E578B26EAE2EE889] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1173504] (.Activate.) [MD5.A1893180CC1AE9763CDAA06D544843C9] [APT] [Opera scheduled Autoupdate 1411730159] (.Opera Software.) -- C:\Program Files (x86)\Opera\launcher.exe [695848] (.Activate.) =>.Opera Software ASA® [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [Apple\] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984] (.Activate.) =>.Apple Inc.® O39 - APT: Adobe Flash Player PPAPI Notifier - (...) -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [892] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [838] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [842] =>.Google Inc® O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems, Incorporated® O39 - APT: Adobe Flash Player PPAPI Notifier - (...) -- C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier [3908] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3586] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3838] =>.Google Inc® O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\klcp_update [3712] O39 - APT: Opera scheduled Autoupdate 1411730159 - (.Opera Software.) -- C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1411730159 [3856] =>.Opera Software ASA® ---\\ Process running (27) - 0s [MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.1424] =>.Adobe Systems, Incorporated® [MD5.EBBCD5DFBB1DE70E8F4AF8FA59E401FD] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462184] [PID.1544] =>.Apple Inc.® [MD5.9611577752E293259C7DCE19E9026362] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464] [PID.1588] =>.Malwarebytes Corporation® [MD5.F1A89A34388B5626F1548D393B23ECB1] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608] [PID.1672] =>.Malwarebytes Corporation® [MD5.357CABBF155AFD1D3926E62539D2A3A7] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480] [PID.1876] =>.Microsoft Corporation® [MD5.D790CAFEFF0291D0AF8C76F5A1EE2E4E] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [223488] [PID.2032] =>.Microsoft Corporation® [MD5.8E98E3EC16D2641005B4748CD330FB45] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [9926112] [PID.1496] =>.Malwarebytes Corporation® [MD5.ABF64234F3462571E66527828040219B] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe [252232] [PID.2844] =>.Google Inc® [MD5.2E6215108125A42160A1EC17208A50F0] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe [313672] [PID.2972] =>.Google Inc® [MD5.89144ED117C1D506AE3AB6D0E12F4D4B] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe [2094080] [PID.3560] =>.BitTorrent Inc® [MD5.3AE97CB476F6DF4DFA0B4378E9DD9A81] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3898960] [PID.3648] =>.Tonec Inc. [MD5.D425C962A27E01583084CA6AB175E552] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe [334088] [PID.3720] =>.McAfee, Inc.® [MD5.A31CFF26B3A73BAA93DD59BD062FFEE3] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743136] [PID.3132] =>.Wondershare Software Co., Ltd. ® [MD5.FCEC6F664FA7E5FE323165FBC9314470] - (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040] [PID.3332] =>.Oracle America, Inc.® [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] [PID.772] =>.Adobe Systems, Incorporated® [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.2984] =>.Tonec Inc.® [MD5.25B6F764C7201ABD6672AAB425F48019] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\sama office\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe [335872] [PID.3640] =>.BitTorrent Inc. [MD5.25B6F764C7201ABD6672AAB425F48019] - (.BitTorrent Inc. - WebHelper.) -- C:\Users\sama office\AppData\Roaming\uTorrent\updates\3.4.5_41865\utorrentie.exe [335872] [PID.2920] =>.BitTorrent Inc. [MD5.6A7D18C7DF17EAD9ED0DD6278DBE22AA] - (.Oracle Corporation - Java Update Checker.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe [923184] [PID.3028] =>.Oracle America, Inc.® [MD5.A72B4A83E277C04817A1B52D27790DC9] - (.DRD Systems, Inc. - VideoRedo.exe.) -- C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe [3002264] [PID.3848] {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. [MD5.6298F3ACEEC7DCF7F454B2B0D93FCDD0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\sama office\ZHPDiag3.exe [2162688] [PID.4172] =>.Nicolas Coolman [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.4336] =>.Google Inc® [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.4864] =>.Google Inc® [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.1792] =>.Google Inc® [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.3152] =>.Google Inc® [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.3876] =>.Google Inc® [MD5.C8A299BB91912D446F19EA4BD4D135C7] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [874136] [PID.3696] =>.Google Inc® ---\\ Google Chrome, Start,Search,Extensions (9) - 0s G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (12) - 1s P2 - EXT: (...) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\QuickTimePlugin.class P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\mp4downloader@jeff.net.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\vdpure@link64.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\YouTubetoALL@ALLPlayer.org.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\{43b26f4e-bf58-4e63-a91c-bb4388f26f66}.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi P2 - EXT FILE: (...) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - EXT: (. - Flash Video Downloader - YouTube HD Download [4K].) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\artur.dubovoy@gmail.com P2 - EXT: (. - Youtube Downloader - 4K Download.) -- C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\extensions\paulsaintuzb@gmail.com P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll =>.Adobe Systems Incorporated ---\\ Internet Explorer Extensions, Start, Search (9) - 0s R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-3855221253-3299819671-4228833451-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (5) ---\\ Browser Helper Object (BHO) (3) - 1s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll =>.Microsoft Corporation® O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Auto loading programs from Registry and folders (18) - 0s O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [UVS12 Preload] . (.Corel TW Corp. - Corel VideoStudio.) -- C:\Program Files (x86)\Corel\Corel VideoStudio 12\uvPL.exe =>.Corel Corporation® O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe =>.Apple Inc. O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe =>.Wondershare Software Co., Ltd. ® O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc.® O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle America, Inc.® O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated® O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3855221253-3299819671-4228833451-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - HKUS\S-1-5-21-3855221253-3299819671-4228833451-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd® O4 - HKUS\S-1-5-21-3855221253-3299819671-4228833451-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-3855221253-3299819671-4228833451-1000\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (.not file.) ---\\ Global shortcuts Startup (91) - 5s O4 - GS\Desktop [Administrator]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Desktop [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Desktop [Administrator]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\Desktop [Administrator]: PhotoshopCS6Portable - Shortcut.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) D:\New folder (3)\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com O4 - GS\Desktop [Administrator]: Subtitle Edit.lnk . (.Nikse - SubtitleEdit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Administrator]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Desktop [Administrator]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\sama office\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Administrator]: Apple Safari.lnk . (...) C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Administrator]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\sama office\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Administrator]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE {1472BF5317E0965C879EF989EB6864AD} =>.Gretech Corp. O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Quicklaunch [Administrator]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Quicklaunch [Administrator]: WinX HD Video Converter Deluxe.lnk . (.Digiarty Software, Inc. - WinX HD Video Converter Deluxe.) C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\WinX_HD_Video_Converter_Deluxe.exe =>.Digiarty, Inc.® O4 - GS\Quicklaunch [Administrator]: Xilisoft Video Converter Ultimate.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe =>.xilisoft corporation® O4 - GS\Quicklaunch [Administrator]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\Quicklaunch [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: Media Player Classic (x64).lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\TaskBar [Administrator]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\TaskBar [Administrator]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [Administrator]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\TaskBar [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Desktop [Guest]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Desktop [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Desktop [Guest]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\Desktop [Guest]: PhotoshopCS6Portable - Shortcut.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) D:\New folder (3)\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com O4 - GS\Desktop [Guest]: Subtitle Edit.lnk . (.Nikse - SubtitleEdit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [Guest]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Desktop [Guest]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\sama office\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Guest]: Apple Safari.lnk . (...) C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [Guest]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\sama office\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Guest]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE {1472BF5317E0965C879EF989EB6864AD} =>.Gretech Corp. O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Quicklaunch [Guest]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Quicklaunch [Guest]: WinX HD Video Converter Deluxe.lnk . (.Digiarty Software, Inc. - WinX HD Video Converter Deluxe.) C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\WinX_HD_Video_Converter_Deluxe.exe =>.Digiarty, Inc.® O4 - GS\Quicklaunch [Guest]: Xilisoft Video Converter Ultimate.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe =>.xilisoft corporation® O4 - GS\Quicklaunch [Guest]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\Quicklaunch [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: Media Player Classic (x64).lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\TaskBar [Guest]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\TaskBar [Guest]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [Guest]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\TaskBar [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Desktop [sama office]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Desktop [sama office]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Desktop [sama office]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\Desktop [sama office]: PhotoshopCS6Portable - Shortcut.lnk . (.PortableAppZ.blogspot.com - Adobe Photoshop CS6 Portable.) D:\New folder (3)\PhotoshopPortable\PhotoshopCS6Portable.exe =>.PortableAppZ.blogspot.com O4 - GS\Desktop [sama office]: Subtitle Edit.lnk . (.Nikse - SubtitleEdit.) C:\Program Files (x86)\Subtitle Edit\SubtitleEdit.exe =>.Nikse O4 - GS\Desktop [sama office]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Desktop [sama office]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Desktop [sama office]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\sama office\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [sama office]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [sama office]: Apple Safari.lnk . (...) C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - GS\Quicklaunch [sama office]: BitTorrent.lnk . (.BitTorrent Inc. - BitTorrent.) C:\Users\sama office\AppData\Roaming\BitTorrent\BitTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [sama office]: EasiestSoft Movie Editor 4.1.0.lnk . (...) C:\Program Files (x86)\EasiestSoft\Movie Editor\videoeditor.exe {166DAF8F034BBD9BE8EBE24044970524} O4 - GS\Quicklaunch [sama office]: GOM Player.lnk . (.Gretech Corp. - GOM Player.) C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE {1472BF5317E0965C879EF989EB6864AD} =>.Gretech Corp. O4 - GS\Quicklaunch [sama office]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [sama office]: Subtitle Workshop.lnk . (...) D:\Subtitle Workshop\SubtitleWorkshop.exe O4 - GS\Quicklaunch [sama office]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\Quicklaunch [sama office]: WinX HD Video Converter Deluxe.lnk . (.Digiarty Software, Inc. - WinX HD Video Converter Deluxe.) C:\Program Files (x86)\Digiarty\WinX_HD_Video_Converter_Deluxe\WinX_HD_Video_Converter_Deluxe.exe =>.Digiarty, Inc.® O4 - GS\Quicklaunch [sama office]: Xilisoft Video Converter Ultimate.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\vcloader.exe =>.xilisoft corporation® O4 - GS\Quicklaunch [sama office]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\Quicklaunch [sama office]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [sama office]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [sama office]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [sama office]: Media Player Classic (x64).lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\TaskBar [sama office]: Moo0 Video Cutter 1.07.lnk . (.Moo0 - Moo0 VideoCutter.) C:\Program Files (x86)\Moo0\VideoCutter 1.07\VideoCutter.exe O4 - GS\TaskBar [sama office]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\TaskBar [sama office]: VideoReDo TVSuite.lnk . (.DRD Systems, Inc. - VideoRedo.exe.) C:\Program Files (x86)\VideoReDoTVSuite\VideoReDo3.exe {0CC0A53EAA4FEE5E7A556ABC59C0CF39} =>.DRD Systems, Inc. O4 - GS\TaskBar [sama office]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\sama office\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\CommonDesktop [Public]: Allok Video to MP4 Converter.lnk . (...) C:\Program Files (x86)\Allok Video to MP4 Converter\Allok Video to MP4 Converter.exe O4 - GS\CommonDesktop [Public]: BluffTitler.lnk . (.Outerspace Software - BluffTitler.) C:\Outerspace Software\BluffTitler\BluffTitler.exe O4 - GS\CommonDesktop [Public]: Corel VideoStudio 12.lnk . (.Corel TW Corp. - Corel VideoStudio.) C:\Program Files (x86)\Corel\Corel VideoStudio 12\vstudio.exe =>.Corel Corporation® O4 - GS\CommonDesktop [Public]: Intel(R) HD Graphics Control Panel.lnk . (.Intel Corporation - GFXUIEX Module.) C:\Windows\system32\GfxUIEx.exe =>.Intel Corporation - pGFX® O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O4 - GS\CommonDesktop [Public]: Wondershare Fantashow.lnk . (.Wondershare - .) C:\Program Files (x86)\Wondershare\Fantashow\Fantashow.exe =>.Wondershare Software Co., Ltd. ® O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.) C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe =>.McAfee, Inc.® O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (2) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{1C453518-AAAD-44FC-91AD-D924275F57D3}: DhcpNameServer = 192.168.0.1 ---\\ Extra protocols (26) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll =>.Microsoft Corporation® O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (90) - 13s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM][64Bits] -- 7-Zip O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000} =>.Igor Pavlov O42 - Logiciel: AC3Filter (remove only) - (...) [HKLM][64Bits] -- AC3Filter O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 19 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Reader XI (11.0.15) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {D34598D1-07B8-4EB6-AD9A-DBDF58FFC19F} =>.Adobe Systems, Inc O42 - Logiciel: Aegisub 3.2.1 - (.Aegisub Team.) [HKLM][64Bits] -- {24BC8B57-716C-444F-B46B-A3349B9164C5}_is1 =>.Aegisub Team O42 - Logiciel: Allok Video Converter 4.6.1217 - (.Allok Soft Inc..) [HKLM][64Bits] -- Allok Video Converter_is1 O42 - Logiciel: Allok Video to MP4 Converter 6.2.0603 - (.Allok Soft Inc.) [HKLM][64Bits] -- Allok Video to MP4 Converter_is1 O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc. O42 - Logiciel: AVI ReComp 1.5.5 - (.Mateusz Gola (aka Prozac).) [HKLM][64Bits] -- AVI ReComp O42 - Logiciel: AviSynth 2.5 - (...) [HKLM][64Bits] -- AviSynth O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- BitTorrent =>.BitTorrent Inc® O42 - Logiciel: BluffTitler - (.Outerspace Software.) [HKLM][64Bits] -- BluffTitler O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} =>.Apple Inc. O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: Corel VideoStudio 12 - (.Corel Corporation.) [HKLM][64Bits] -- InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875} =>.Corel Corporation O42 - Logiciel: Cute Video Cutter 1.6.0.1 - (...) [HKLM][64Bits] -- Cute Video Cutter_is1 O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd® O42 - Logiciel: EasiestSoft Movie Editor 4.1.0 - (.EasiestSoft International LLC..) [HKLM][64Bits] -- {8BB65DEC-BE2C-EB66-7595-ADAE2D710380}_is1 O42 - Logiciel: FIFA 11 - (.Electronic Arts.) [HKLM][64Bits] -- {3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C} =>.Electronic Arts O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM][64Bits] -- GOM Player =>.Gretech Corporation O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>.Google Inc. O42 - Logiciel: ImageShack Uploader 2.2.0 - (.ImageShack Corp..) [HKLM][64Bits] -- {8BCD7AE7-F713-4D50-BAB9-7839B9386870} O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} =>.Intel Corporation® O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {BE77874C-0353-49DF-A5BC-36A8FE51D95E} =>.Intel Corporation O42 - Logiciel: Intel(R) ME UninstallLegacy - (.Intel Corporation.) [HKLM][64Bits] -- {F43C7651-A7CB-49EF-8AF4-40630849FF29} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: Java 8 Update 25 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218025F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: K-Lite Mega Codec Pack 10.8.0 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM][64Bits] -- McAfee Security Scan =>.McAfee, Inc.® O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Moo0 Video Cutter 1.07 - (...) [HKLM][64Bits] -- Moo0 VideoCutter O42 - Logiciel: Mozilla Firefox 43.0.4 (x86 ar) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 43.0.4 (x86 ar) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MP4 Cutter 1.0 - (.spgsoft.com.) [HKLM][64Bits] -- MP4 Cutter_is1 =>.spgsoft.com O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {24DB3A5E-0BC8-11E5-9A27-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: Ontrack EasyRecovery Enterprise - (.Kroll Ontrack Inc..) [HKLM][64Bits] -- Ontrack EasyRecovery Enterprise_is1 O42 - Logiciel: Opera Stable 36.0.2130.32 - (.Opera Software.) [HKLM][64Bits] -- Opera 36.0.2130.32 =>.Opera Software ASA® O42 - Logiciel: PES 2016 PESEdit v1.0 Patch By Minosta4u - (...) [HKLM][64Bits] -- PES 2016 PESEdit v1.0 Patch By Minosta4u O42 - Logiciel: PhotoLine 18.0.0.0 - (.Computerinsel GmbH.) [HKLM][64Bits] -- PhotoLine_is1 =>.Computerinsel GmbH O42 - Logiciel: Pro Evolution Soccer 2010 - (.KONAMI.) [HKLM][64Bits] -- {283FFB23-8751-4B08-ACB8-5E0F8BCF7727} =>.Konami O42 - Logiciel: Pro Evolution Soccer 2012 - (.KONAMI.) [HKLM][64Bits] -- {E737A098-F161-4B6F-AF22-86AAE34F6FBD} =>.Konami O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- Pro Evolution Soccer 2015_is1 O42 - Logiciel: Pro Evolution Soccer 2015 Update v1.05 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1 O42 - Logiciel: Pro Evolution Soccer 2016 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1 O42 - Logiciel: QuickTime 7 - (.Apple Inc..) [HKLM][64Bits] -- {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} =>.Apple Inc. O42 - Logiciel: Raptr - (...) [HKLM][64Bits] -- Raptr O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM][64Bits] -- RealPlayer 15.0 =>.RealNetworks, Inc.® O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp. O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM][64Bits] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.RealNetworks, Inc. O42 - Logiciel: Safari - (.Apple Inc..) [HKLM][64Bits] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} =>.Apple Inc. O42 - Logiciel: SEGA Mega Drive Classic Collection: Gold Edition - (.SEGA.) [HKLM][64Bits] -- SEGAMegaDriveClassicCollection_Gold Edition =>.SEGA O42 - Logiciel: Skype™ 6.16 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} =>.Skype Technologies S.A. O42 - Logiciel: Starus File Recovery 3.3 - (...) [HKLM][64Bits] -- Starus File Recovery O42 - Logiciel: Subtitle Edit v3.0 - (.Nikse.) [HKLM][64Bits] -- SubtitleEdit_is1 =>.Nikse O42 - Logiciel: The KMPlayer - (.Your Company.) [HKLM][64Bits] -- The KMPlayer1.0 =>.Your Company O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F} =>.DivX, Inc O42 - Logiciel: Vegas Pro 13.0 (64-bit) - (.Sony.) [HKLM][64Bits] -- {1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58} =>.Sony O42 - Logiciel: VideoDownloaderUltimate - (.Link64.) [HKCU][64Bits] -- VideoDownloaderUltimateWinApp =>.Link64 O42 - Logiciel: VideoReDo TVSuite Version 3.1.5.565 - (.DRD Systems, Inc..) [HKLM][64Bits] -- VideoReDoTVSuite_is1 =>.DRD Systems, Inc. O42 - Logiciel: VideoStudio - (.Corel Corporation.) [HKLM][64Bits] -- {F0FDF9C9-1DDC-401F-B638-36F1CAE8A875} =>.Corel Corporation O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: VobSub 2.23 - (.Gabest.) [HKLM][64Bits] -- VobSub =>.Gabest O42 - Logiciel: WebcamMax - (...) [HKLM][64Bits] -- WebcamMax O42 - Logiciel: WinAVI All in One Converter v1.1 - (.ZJMedia Digital Technology Ltd..) [HKLM][64Bits] -- WinAVI All in One Converter O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH O42 - Logiciel: WinX HD Video Converter Deluxe 5.6.0 - (.Digiarty Software, Inc..) [HKLM][64Bits] -- WinX HD Video Converter Deluxe_is1 =>.Digiarty, Inc.® O42 - Logiciel: Wise Data Recovery 3.37 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Data Recovery_is1 =>.WiseCleaner.com, Inc. O42 - Logiciel: Wondershare Fantashow(Build 3.1.1) - (.Wondershare Software.) [HKLM][64Bits] -- Wondershare Fantashow Plus_is1 =>.Wondershare Software O42 - Logiciel: Xilisoft Video Converter Ultimate - (.Xilisoft.) [HKLM][64Bits] -- Xilisoft Video Converter Ultimate =>.Xilisoft O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM][64Bits] -- Xvid Video Codec 1.3.2 =>.Xvid Team O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger =>.Yahoo! Inc. O42 - Logiciel: Youtube Downloader HD v. 2.9.4 - (.YoutubeDownloaderHD.com.) [HKLM][64Bits] -- Youtube Downloader HD_is1 =>.YoutubeDownloaderHD.com O42 - Logiciel: YoutubeMovieMaker - (.Youtube Movie Maker.) [HKLM][64Bits] -- {E084C471-FA8F-4468-93F1-25B3A13ED942} =>.Youtube Movie Maker O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D} =>.Apple Inc. ---\\ HKCU & HKLM Software Keys (174) - 13s HKLM\SOFTWARE\Wow6432Node\7-Zip HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AMD HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Computer, Inc. HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\AVG HKLM\SOFTWARE\Wow6432Node\AVI ReComp HKLM\SOFTWARE\Wow6432Node\AviSynth HKLM\SOFTWARE\Wow6432Node\BluffTitler HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\DivX HKLM\SOFTWARE\Wow6432Node\DivXNetworks HKLM\SOFTWARE\Wow6432Node\DT Soft HKLM\SOFTWARE\Wow6432Node\EA Sports HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\GN2 HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\GRETECH HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\InterVideo HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\KasperskyLab HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\KONAMI HKLM\SOFTWARE\Wow6432Node\KONAMIPES6 HKLM\SOFTWARE\Wow6432Node\KONAMIWE8IU HKLM\SOFTWARE\Wow6432Node\KONAMIwe9 HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Lavasoft HKLM\SOFTWARE\Wow6432Node\LEAD Technologies, Inc. HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\mcafeeupdater HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\Raptr HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\RichFX HKLM\SOFTWARE\Wow6432Node\Rocket Division Software HKLM\SOFTWARE\Wow6432Node\RZsoft HKLM\SOFTWARE\Wow6432Node\SEGA HKLM\SOFTWARE\Wow6432Node\Siano HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Sony Creative Software HKLM\SOFTWARE\Wow6432Node\TechSmith HKLM\SOFTWARE\Wow6432Node\TuneUp HKLM\SOFTWARE\Wow6432Node\Ulead Systems HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\WebcamMax HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\Xilisoft HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp. HKLM\SOFTWARE\Wow6432Node\Xvid Team HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo! HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\7-Zip HKCU\SOFTWARE\A0 Digital Audio HKCU\SOFTWARE\AC3Filter HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AMD HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ATI HKCU\SOFTWARE\AVG HKCU\SOFTWARE\AVI ReComp HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Camfrog HKCU\SOFTWARE\CardRecoveryPro HKCU\SOFTWARE\CardRecoveryPro_Init HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CodeAero Technologies HKCU\SOFTWARE\Computerinsel HKCU\SOFTWARE\DashSignature.com HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\DRD Systems HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\DT Soft HKCU\SOFTWARE\EA Sports HKCU\SOFTWARE\EMU HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Freeware HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GN2 HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRETECH HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\Imagenomic HKCU\SOFTWARE\ImageShack HKCU\SOFTWARE\ImageShack Corp. HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\Kroll OnTrack HKCU\SOFTWARE\Lagarith HKCU\SOFTWARE\LEAD Technologies, Inc. HKCU\SOFTWARE\Leadertech HKCU\SOFTWARE\Leawo Software HKCU\SOFTWARE\Link64 HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Moo0 HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\n-Track7 HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\NewBlue HKCU\SOFTWARE\Nik Software HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Psiphon3 HKCU\SOFTWARE\PurpleRain House HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Raptr HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\SEGA HKCU\SOFTWARE\SimonTatham HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Sony Creative Software HKCU\SOFTWARE\Starus Recovery HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\TuneUp HKCU\SOFTWARE\Ulead HKCU\SOFTWARE\Ulead Systems HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VooFoo Studios HKCU\SOFTWARE\VST HKCU\SOFTWARE\Waves Audio HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WPI HKCU\SOFTWARE\Xenocode HKCU\SOFTWARE\Xilisoft HKCU\SOFTWARE\yahoo =>.Yahoo! HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\Macromedia ---\\ Contents of the Common Files folders (360) - 47s O43 - CFD: 26/05/2014 - [] D -- C:\Program Files\7-Zip O43 - CFD: 07/11/2014 - [] D -- C:\Program Files\Aegisub O43 - CFD: 31/05/2014 - [] D -- C:\Program Files\Allok AVI MPEG Converter O43 - CFD: 05/08/2014 - [] D -- C:\Program Files\Allok MPEG4 Converter O43 - CFD: 04/10/2014 - [] D -- C:\Program Files\AMD O43 - CFD: 29/05/2014 - [] D -- C:\Program Files\ATI O43 - CFD: 04/10/2014 - [0] D -- C:\Program Files\ATI Technologies O43 - CFD: 28/12/2014 - [] D -- C:\Program Files\Bonjour =>.Apple Inc.® O43 - CFD: 26/05/2014 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 18/03/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 06/10/2014 - [] D -- C:\Program Files\DivX O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 06/10/2014 - [] D -- C:\Program Files\Intel O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 20/02/2016 - [] D -- C:\Program Files\McAfee Security Scan =>.McAfee, Inc.® O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 27/05/2014 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 28/12/2014 - [] D -- C:\Program Files\PhotoLine O43 - CFD: 29/05/2014 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 21/11/2010 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 28/06/2014 - [] D -- C:\Program Files (x86)\7-Zip O43 - CFD: 09/11/2014 - [] D -- C:\Program Files (x86)\AC3Filter O43 - CFD: 09/05/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 31/05/2014 - [] D -- C:\Program Files (x86)\All in One Converter O43 - CFD: 26/06/2015 - [] D -- C:\Program Files (x86)\Allok Video Converter O43 - CFD: 27/08/2014 - [] D -- C:\Program Files (x86)\Allok Video to MP4 Converter O43 - CFD: 04/10/2014 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 19/10/2014 - [] D -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 04/10/2014 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 29/02/2016 - [] D -- C:\Program Files (x86)\AVI ReComp O43 - CFD: 29/02/2016 - [] D -- C:\Program Files (x86)\AviSynth 2.5 O43 - CFD: 28/12/2014 - [] D -- C:\Program Files (x86)\Bonjour =>.Apple Inc.® O43 - CFD: 28/02/2015 - [] D -- C:\Program Files (x86)\CardRecoveryPro {288A6842C331C5443D747BDABF31E2A3} O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 12/12/2014 - [] D -- C:\Program Files (x86)\Corel =>.Corel Corporation® O43 - CFD: 30/03/2015 - [] D -- C:\Program Files (x86)\Cute Video Cutter O43 - CFD: 26/09/2014 - [] D -- C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd® O43 - CFD: 27/06/2015 - [] D -- C:\Program Files (x86)\Digiarty =>.Digiarty, Inc.® O43 - CFD: 06/10/2014 - [0] D -- C:\Program Files (x86)\DivX O43 - CFD: 06/10/2014 - [] D -- C:\Program Files (x86)\Driver Checker O43 - CFD: 06/10/2014 - [] D -- C:\Program Files (x86)\EA Sports O43 - CFD: 24/04/2015 - [] D -- C:\Program Files (x86)\EasiestSoft O43 - CFD: 09/11/2014 - [] D -- C:\Program Files (x86)\Easy RealMedia Tools O43 - CFD: 29/02/2016 - [] D -- C:\Program Files (x86)\Gabest O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\GRETECH {1472BF5317E0965C879EF989EB6864AD} O43 - CFD: 15/11/2014 - [] D -- C:\Program Files (x86)\GUM5FFB.tmp =>.Google Inc® O43 - CFD: 06/03/2015 - [] D -- C:\Program Files (x86)\ImageShack Uploader O43 - CFD: 12/12/2014 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 06/10/2014 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation - pGFX® O43 - CFD: 10/02/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 27/10/2015 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 19/10/2014 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\KONAMI O43 - CFD: 28/12/2014 - [] D -- C:\Program Files (x86)\Kroll Ontrack O43 - CFD: 26/03/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 29/05/2014 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 16/11/2014 - [] D -- C:\Program Files (x86)\Moo0 O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 16/11/2014 - [] D -- C:\Program Files (x86)\MP4 Cutter O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 27/05/2014 - [] SHD -- C:\Program Files (x86)\MSOffice2o07ensp2_Setup =>.Microsoft Corporation® O43 - CFD: 03/10/2014 - [] D -- C:\Program Files (x86)\n-Track Studio 7 O43 - CFD: 17/03/2016 - [] D -- C:\Program Files (x86)\Opera =>.Opera Software ASA® O43 - CFD: 09/05/2015 - [] D -- C:\Program Files (x86)\Photoshop O43 - CFD: 28/02/2015 - [] D -- C:\Program Files (x86)\Pro Evolution Soccer 2015 {6A554237B5E1DC24DF071C5940AB8DD6} O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Pro Evolution Soccer 2016 O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\QuickTime O43 - CFD: 19/10/2014 - [] D -- C:\Program Files (x86)\Raptr =>.Raptr, Inc® O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Real =>.RealNetworks, Inc.® O43 - CFD: 04/10/2014 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 28/12/2014 - [] D -- C:\Program Files (x86)\Safari =>.Apple Inc.® O43 - CFD: 26/09/2014 - [] D -- C:\Program Files (x86)\SEGA O43 - CFD: 21/07/2014 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 09/10/2015 - [] D -- C:\Program Files (x86)\Sony O43 - CFD: 28/12/2014 - [] D -- C:\Program Files (x86)\Starus Recovery O43 - CFD: 12/04/2015 - [] D -- C:\Program Files (x86)\Subtitle Edit O43 - CFD: 29/05/2014 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\The KMPlayer {2F339DC7AF9B9CF34A626D51A53BE2DC} O43 - CFD: 19/08/2014 - [] D -- C:\Program Files (x86)\Ulead Systems =>.Microsoft Corporation® O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 28/06/2014 - [] D -- C:\Program Files (x86)\VideoReDoTVSuite O43 - CFD: 28/06/2014 - [] D -- C:\Program Files (x86)\VideoReDoTVSuite4 O43 - CFD: 30/05/2014 - [] D -- C:\Program Files (x86)\WebcamMax O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 12/12/2014 - [] D -- C:\Program Files (x86)\Windows Media Components O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 21/11/2010 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 28/12/2014 - [] D -- C:\Program Files (x86)\Wise O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\Wondershare =>.Wondershare Software Co., Ltd. ® O43 - CFD: 06/11/2014 - [] D -- C:\Program Files (x86)\Xilisoft =>.xilisoft corporation® O43 - CFD: 29/02/2016 - [] D -- C:\Program Files (x86)\Xvid O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Yahoo! O43 - CFD: 21/04/2015 - [] D -- C:\Program Files (x86)\Youtube Downloader HD O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\Youtube Movie Maker O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 09/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter O43 - CFD: 26/05/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 26/05/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 26/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok Video Converter O43 - CFD: 05/08/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Allok Video to MP4 Converter O43 - CFD: 04/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center O43 - CFD: 29/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5 O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 12/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio 12 O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cute Video Cutter Free Version O43 - CFD: 26/09/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 29/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Audio O43 - CFD: 27/06/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty O43 - CFD: 24/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasiestSoft O43 - CFD: 09/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy RealMedia Tools O43 - CFD: 19/10/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player O43 - CFD: 06/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader O43 - CFD: 05/10/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 10/02/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 27/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 20/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus O43 - CFD: 27/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 16/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 Cutter O43 - CFD: 28/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Enterprise O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outerspace Software O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PES 2016 PESEdit v1.0 Patch By Minosta4u O43 - CFD: 06/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X O43 - CFD: 28/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoLine O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real O43 - CFD: 26/10/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 20/02/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 28/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starus Recovery O43 - CFD: 12/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit O43 - CFD: 21/11/2010 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 27/08/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 11 O43 - CFD: 08/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 28/06/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoReDo O43 - CFD: 29/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 30/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 28/12/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery O43 - CFD: 30/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare O43 - CFD: 06/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft O43 - CFD: 29/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger O43 - CFD: 21/04/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Downloader HD O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Youtube Movie Maker O43 - CFD: 15/02/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 04/10/2014 - [] D -- C:\ProgramData\AMD O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\Apple O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 04/10/2014 - [] D -- C:\ProgramData\ATI O43 - CFD: 21/07/2014 - [] D -- C:\ProgramData\AVG O43 - CFD: 21/07/2014 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\cutevideocutterfree O43 - CFD: 26/09/2014 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\DivX O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 03/10/2014 - [0] D -- C:\ProgramData\firebird O43 - CFD: 03/10/2014 - [] D -- C:\ProgramData\Google O43 - CFD: 31/05/2014 - [0] D -- C:\ProgramData\IDM O43 - CFD: 06/10/2014 - [] D -- C:\ProgramData\Intel O43 - CFD: 19/08/2014 - [] D -- C:\ProgramData\InterVideo O43 - CFD: 14/12/2015 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 23/09/2015 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 01/06/2014 - [] D -- C:\ProgramData\Leawo O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\McAfee O43 - CFD: 01/08/2015 - [] D -- C:\ProgramData\McAfee Security Scan O43 - CFD: 12/03/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 27/05/2014 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 20/09/2014 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 27/10/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 07/11/2014 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Real O43 - CFD: 26/03/2016 - [] D -- C:\ProgramData\RogueKiller O43 - CFD: 26/10/2014 - [] D -- C:\ProgramData\Skype O43 - CFD: 09/10/2015 - [] D -- C:\ProgramData\Sony O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\Steam O43 - CFD: 03/10/2014 - [] D -- C:\ProgramData\Supereasy O43 - CFD: 26/03/2016 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\TuneUp Software O43 - CFD: 12/12/2014 - [] D -- C:\ProgramData\Ulead Systems O43 - CFD: 30/03/2015 - [] D -- C:\ProgramData\videocutter O43 - CFD: 30/05/2014 - [] D -- C:\ProgramData\WebcamMax O43 - CFD: 06/11/2014 - [] D -- C:\ProgramData\Xilisoft O43 - CFD: 26/05/2014 - [] D -- C:\ProgramData\Yahoo! O43 - CFD: 21/07/2014 - [] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} O43 - CFD: 18/10/2014 - [] SHD -- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} O43 - CFD: 15/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 19/10/2014 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 04/10/2014 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 06/10/2014 - [] D -- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 12/12/2014 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Common Files\Intel O43 - CFD: 29/05/2014 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 27/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 28/05/2014 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Common Files\Real O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 21/07/2014 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 25/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 27/05/2014 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 12/12/2014 - [] D -- C:\Program Files (x86)\Common Files\Ulead Systems O43 - CFD: 12/03/2015 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 30/01/2015 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 26/05/2014 - [] D -- C:\Program Files (x86)\Common Files\xing shared O43 - CFD: 09/02/2016 - [] D -- C:\Program Files (x86)\Common Files\YUMediaCodec O43 - CFD: 09/05/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Adobe O43 - CFD: 25/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\Aegisub O43 - CFD: 08/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\AMD O43 - CFD: 28/12/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Apple Computer O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\ATI O43 - CFD: 21/07/2014 - [] D -- C:\Users\sama office\AppData\Roaming\AVG O43 - CFD: 02/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\AVI ReComp O43 - CFD: 21/11/2014 - [] D -- C:\Users\sama office\AppData\Roaming\BitTorrent O43 - CFD: 04/01/2015 - [] D -- C:\Users\sama office\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 27/06/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Digiarty O43 - CFD: 29/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\DivX O43 - CFD: 26/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\DMCache O43 - CFD: 24/04/2015 - [] D -- C:\Users\sama office\AppData\Roaming\EasiestSoft O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\ESET O43 - CFD: 14/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\fontconfig O43 - CFD: 01/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\GRETECH O43 - CFD: 06/07/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Identities O43 - CFD: 13/03/2015 - [] D -- C:\Users\sama office\AppData\Roaming\IDM O43 - CFD: 12/12/2014 - [] D -- C:\Users\sama office\AppData\Roaming\InstallShield O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Intel Corporation O43 - CFD: 06/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Leadertech O43 - CFD: 01/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Leawo O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\library_dir O43 - CFD: 26/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Macromedia O43 - CFD: 21/11/2010 - [0] D -- C:\Users\sama office\AppData\Roaming\Media Center Programs O43 - CFD: 11/12/2015 - [] SD -- C:\Users\sama office\AppData\Roaming\Microsoft O43 - CFD: 03/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Movie Label O43 - CFD: 27/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Mozilla O43 - CFD: 19/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\MPC-HC O43 - CFD: 03/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\n-Track Drums O43 - CFD: 03/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\n-Track Software Data O43 - CFD: 03/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\n-Track Studio 7 O43 - CFD: 26/09/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Opera Software O43 - CFD: 09/02/2016 - [] D -- C:\Users\sama office\AppData\Roaming\Outerspace Software O43 - CFD: 06/05/2015 - [] D -- C:\Users\sama office\AppData\Roaming\PhotoLine O43 - CFD: 14/07/2014 - [] D -- C:\Users\sama office\AppData\Roaming\PotPlayerMini O43 - CFD: 01/11/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Raptr O43 - CFD: 26/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Real O43 - CFD: 18/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\rmi O43 - CFD: 09/06/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Skype O43 - CFD: 09/10/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Sony O43 - CFD: 12/04/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Subtitle Edit O43 - CFD: 27/10/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Sun O43 - CFD: 02/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\TechSmith O43 - CFD: 23/04/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Thinstall O43 - CFD: 13/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\tiger-k O43 - CFD: 05/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\TuneUp Software O43 - CFD: 12/12/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Ulead Systems O43 - CFD: 26/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\uTorrent O43 - CFD: 15/05/2015 - [] D -- C:\Users\sama office\AppData\Roaming\vfilter O43 - CFD: 26/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\VideoReDo-TVSuite O43 - CFD: 23/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\vlc O43 - CFD: 30/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\WebcamMax O43 - CFD: 31/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\WinAVI O43 - CFD: 27/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\WinRAR O43 - CFD: 06/11/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Xilisoft O43 - CFD: 17/07/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Yahoo! O43 - CFD: 21/04/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Youtube Downloader HD O43 - CFD: 26/03/2016 - [] D -- C:\Users\sama office\AppData\Roaming\ZHP O43 - CFD: 05/12/2015 - [] D -- C:\Users\sama office\AppData\Local\Adobe O43 - CFD: 07/11/2014 - [] D -- C:\Users\sama office\AppData\Local\Aegisub O43 - CFD: 01/06/2014 - [] D -- C:\Users\sama office\AppData\Local\Aiseesoft Studio O43 - CFD: 19/10/2014 - [] D -- C:\Users\sama office\AppData\Local\Apple O43 - CFD: 28/12/2014 - [] D -- C:\Users\sama office\AppData\Local\Apple Computer O43 - CFD: 26/05/2014 - [0] SHD -- C:\Users\sama office\AppData\Local\Application Data O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Local\ATI O43 - CFD: 21/07/2014 - [] D -- C:\Users\sama office\AppData\Local\AVG O43 - CFD: 29/02/2016 - [] D -- C:\Users\sama office\AppData\Local\bunkus.org O43 - CFD: 25/11/2014 - [0] D -- C:\Users\sama office\AppData\Local\CrashDumps O43 - CFD: 14/07/2014 - [] D -- C:\Users\sama office\AppData\Local\Daum O43 - CFD: 29/10/2015 - [0] D -- C:\Users\sama office\AppData\Local\Diagnostics O43 - CFD: 09/02/2016 - [] D -- C:\Users\sama office\AppData\Local\Downloaded Installations O43 - CFD: 08/10/2015 - [0] D -- C:\Users\sama office\AppData\Local\ElevatedDiagnostics O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Local\ESET O43 - CFD: 12/04/2015 - [] D -- C:\Users\sama office\AppData\Local\fontconfig O43 - CFD: 17/09/2015 - [] D -- C:\Users\sama office\AppData\Local\Google O43 - CFD: 26/05/2014 - [0] SHD -- C:\Users\sama office\AppData\Local\History O43 - CFD: 27/05/2014 - [] D -- C:\Users\sama office\AppData\Local\Intel_Corporation O43 - CFD: 02/07/2014 - [] D -- C:\Users\sama office\AppData\Local\Macromedia O43 - CFD: 27/06/2015 - [] D -- C:\Users\sama office\AppData\Local\Microsoft O43 - CFD: 15/09/2014 - [] D -- C:\Users\sama office\AppData\Local\Microsoft Games O43 - CFD: 27/05/2014 - [0] D -- C:\Users\sama office\AppData\Local\Microsoft Help O43 - CFD: 21/09/2014 - [] D -- C:\Users\sama office\AppData\Local\Mozilla O43 - CFD: 26/09/2014 - [] D -- C:\Users\sama office\AppData\Local\Opera Software O43 - CFD: 01/06/2014 - [] D -- C:\Users\sama office\AppData\Local\Programs O43 - CFD: 21/07/2014 - [] D -- C:\Users\sama office\AppData\Local\Skype O43 - CFD: 09/10/2015 - [] D -- C:\Users\sama office\AppData\Local\Sony O43 - CFD: 02/06/2014 - [] D -- C:\Users\sama office\AppData\Local\TechSmith O43 - CFD: 26/03/2016 - [] D -- C:\Users\sama office\AppData\Local\Temp O43 - CFD: 26/05/2014 - [0] SHD -- C:\Users\sama office\AppData\Local\Temporary Internet Files O43 - CFD: 31/05/2014 - [] D -- C:\Users\sama office\AppData\Local\Thinstall O43 - CFD: 05/10/2014 - [] D -- C:\Users\sama office\AppData\Local\TuneUp Software O43 - CFD: 30/05/2014 - [] D -- C:\Users\sama office\AppData\Local\VirtualStore O43 - CFD: 31/05/2014 - [] D -- C:\Users\sama office\AppData\Local\WinAVI O43 - CFD: 24/06/2015 - [] D -- C:\Users\sama office\AppData\Local\Windows Live O43 - CFD: 30/01/2015 - [] D -- C:\Users\sama office\AppData\Local\Wondershare O43 - CFD: 09/11/2014 - [0] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter O43 - CFD: 14/07/2009 - [] RD -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 26/05/2014 - [] RD -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/10/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center O43 - CFD: 29/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved O43 - CFD: 29/02/2016 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVI ReComp O43 - CFD: 29/02/2016 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5 O43 - CFD: 09/11/2014 - [0] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Easy RealMedia Tools O43 - CFD: 08/06/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 10/02/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 14/07/2009 - [] RD -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 16/11/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0 O43 - CFD: 26/09/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SEGA O43 - CFD: 20/11/2014 - [] RD -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 28/12/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Starus Recovery O43 - CFD: 05/06/2015 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Subtitle Workshop O43 - CFD: 26/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer O43 - CFD: 31/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI All in One Converter O43 - CFD: 26/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 26/05/2014 - [] D -- C:\Users\sama office\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Your Product ---\\ Latest files created in Prefetcher (11) - 4s O45 - LFCP:[MD5.E51577F4D265543573B48ED18AFC93CD] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES.BROWSERADAPTE-154C3CE2.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.AE54C7413D78D8533AD521D5D4C2E425] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES.BROWSERADAPTE-8C8D4C00.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.7447DCD6091FE7A54441B6104CB73A5C] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES.EXPEXT.EXE-46D3184D.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.98C5A35E45056F51CB07618B938A5DF1] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES.PLINX.EXE-E7834DBE.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.21D981D98A2092568FF9CAE4A4C05643] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES.PURBROWSE64.E-D15B1C1E.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.611788ACEF7849DD24979EE74E8D49AE] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREESUNINSTALL.EXE-178BD3A2.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.5B5546D61366FC81AC66E80A5B093C9E] 25/03/2016 A -- C:\Windows\Prefetch\THIRTEENDEGREES_SETUP.EXE-8DA44E2A.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.9785096C52CE51C7CCC8AA53AB325FA2] 25/03/2016 A -- C:\Windows\Prefetch\TORCH.EXE-64894864.pf =>.Superfluous.Torch O45 - LFCP:[MD5.84675B6FADC67FDFE920FEF842552EEE] 25/03/2016 A -- C:\Windows\Prefetch\TORCHUPDATE.EXE-532A0CB4.pf =>.Superfluous.Torch O45 - LFCP:[MD5.96C1A555D5FBE1F5798C219B6EF2275B] 25/03/2016 A -- C:\Windows\Prefetch\UPDATETHIRTEENDEGREES.EXE-4ACE730F.pf =>PUP.Optional.ThirteenDegrees O45 - LFCP:[MD5.C57A7AB71286A3DF582D66D82FAF2436] 25/03/2016 A -- C:\Windows\Prefetch\UTILTHIRTEENDEGREES.EXE-97F84AE7.pf =>PUP.Optional.ThirteenDegrees ---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation® O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ ShareTools MSconfig StartupReg (18) - 1s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe =>.Apple Inc. O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd O53 - SMSR:HKLM\...\startupreg\DivXMediaServer [Key] . (...) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc. O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe =>.Apple Inc. O53 - SMSR:HKLM\...\startupreg\Raptr [Key] . (.Raptr, Inc - Raptr Desktop App.) -- C:\Program Files (x86)\Raptr\raptrstub.exe =>.Raptr, Inc O53 - SMSR:HKLM\...\startupreg\RtHDVBg [Key] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor O53 - SMSR:HKLM\...\startupreg\RtHDVBg_PushButton [Key] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor O53 - SMSR:HKLM\...\startupreg\RTHDVCPL [Key] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc. O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc. O53 - SMSR:HKLM\...\startupreg\WavesSvc [Key] . (.Waves Audio Ltd. - Waves MaxxAudio Service Application.) -- C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe =>.Waves Audio Ltd. O53 - SMSR:HKLM\...\startupreg\WebcamMaxAutoRun [Key] . (.CoolwareMax - WebcamMax.) -- C:\Program Files (x86)\WebcamMax\WebcamMax.exe ---\\ System Drivers List (71) - 7s O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2014/09/16 01:29:04 A . (.Advanced Micro Devices - AMD ACP Kernel Service Driver.) -- C:\Windows\System32\drivers\amdacpksd.sys [293088] =>.Advanced Micro Devices, Inc.® O58 - SDL:2013/12/13 23:00:34 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [36608] =>.Advanced Micro Devices, Inc.® O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2014/09/26 20:49:05 A . (.Protection Technology - Application Driver (01).) -- C:\Windows\System32\drivers\appdrv01.sys [3852976] =>.Protection Technology, Ltd.® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2013/09/24 23:42:52 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athrx.sys [4021248] =>.Qualcomm Atheros Communications, Inc. O58 - SDL:2014/09/16 01:26:58 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [16750080] =>.Advanced Micro Devices, Inc. O58 - SDL:2014/09/16 00:59:06 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [576000] =>.Advanced Micro Devices, Inc. O58 - SDL:2009/06/10 23:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 23:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 04:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 23:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2013/02/07 01:41:02 A . (.Atheros - BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [551552] =>.Atheros O58 - SDL:2009/06/10 23:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2009/07/14 04:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2014/09/26 14:11:04 A . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [283200] =>.DT Soft Ltd® O58 - SDL:2009/07/14 04:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2015/01/30 16:13:30 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [44632] =>.ESET, spol. s r.o.® O58 - SDL:2009/06/10 23:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2009/06/10 23:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2010/11/21 06:23:47 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2013/09/20 15:41:20 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [630632] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2013/09/20 15:41:16 A . (.Intel Corporation - Intel Rapid Storage Technology Filter drive.) -- C:\Windows\System32\drivers\iaStorF.sys [28008] =>.Intel Corporation - Intel® Rapid Storage Technology® O58 - SDL:2010/11/21 06:23:47 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2014/11/29 03:37:06 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [180648] =>.Tonec Inc.® O58 - SDL:2014/08/20 11:15:16 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [3824272] =>.Intel Corporation - pGFX® O58 - SDL:2009/07/14 04:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2014/08/20 11:15:08 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [453872] =>.Intel Corporation - Client Components Group® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation® O58 - SDL:2016/03/26 14:07:43 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64896] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 04:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2010/11/21 06:23:47 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2014/04/23 10:25:24 A . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Dri.) -- C:\Windows\System32\drivers\Rt64win7.sys [936664] =>.Realtek Semiconductor Corp® O58 - SDL:2014/05/14 18:37:38 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3962840] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/07 14:10:00 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsBaStor.sys [313048] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/03 16:08:00 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsP2Stor.sys [291544] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/03 16:34:28 A . (.Realsil Semiconductor Corporation - RTS PCIE READER Driver.) -- C:\Windows\System32\drivers\RtsPer.sys [465624] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/07 14:24:34 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsPStor.sys [359128] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/03 13:33:52 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUStor.sys [271064] =>.Realtek Semiconductor Corp® O58 - SDL:2014/01/03 11:14:10 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUVStor.sys [331992] =>.Realtek Semiconductor Corp® O58 - SDL:2009/06/10 23:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 03:00:40 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\serial.sys [94208] =>.Brother Industries Ltd. O58 - SDL:2009/07/14 04:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2013/08/13 02:10:26 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] =>.AnchorFree Inc® O58 - SDL:2014/06/24 16:08:20 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [125952] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2016/03/26 04:31:33 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [24688] =>.Adlice® O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/14 04:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® ---\\ Last modified or created user files (6) - 43s O61 - LFC: 2016/03/19 00:45:23 A . (..) -- C:\Users\sama office\Documents\KONAMI\Pro Evolution Soccer 2015\save\EDIT.bin [5812044] O61 - LFC: 2016/03/18 22:17:42 A . (..) -- C:\Users\sama office\Documents\KONAMI\Pro Evolution Soccer 2015\save\LG 01.bin [14076840] O61 - LFC: 2016/03/25 00:10:35 A . (..) -- C:\Users\sama office\Documents\KONAMI\Pro Evolution Soccer 2015\save\LG 08.bin [14076840] O61 - LFC: 2016/03/25 00:10:43 A . (..) -- C:\Users\sama office\Documents\KONAMI\Pro Evolution Soccer 2015\save\SYSTEM.bin [136577] O61 - LFC: 2016/03/18 18:17:00 A . (..) -- C:\Users\sama office\AppData\Roaming\AMD\GLCache\5b29effe650b9c07_24.bin [704153] O61 - LFC: 2016/03/20 11:44:36 A . (..) -- C:\Users\sama office\AppData\Local\ATI\ACE\Manifest.Bin [29892] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software ASA® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (24) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc.® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\sama office\AppData\Local\Torch\Application\torch.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\sama office\AppData\Local\Torch\Application\torch.exe (.not file.) =>.Superfluous.Torch O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\sama office\AppData\Local\Torch\Application\torch.exe (.not file.) =>.Superfluous.Torch O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\launcher.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe =>.Apple Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\sama office\AppData\Local\Torch\Application\torch.exe (.not file.) =>.Superfluous.Torch ---\\ Search Browser Infection (5) - 7s O69 - SBI: prefs.js [sama office - zb8a5j99.default] user_pref("extensions.fvd_single.enable_superfish", true); =>.Superfluous.Superfish O69 - SBI: prefs.js [sama office - zb8a5j99.default] user_pref("extensions.fvd_single.superfish_id", "395D3876-D5FB-42D3-A4C7-0B61612D2043"); =>.Superfluous.Superfish O69 - SBI: prefs.js [sama office - zb8a5j99.default] user_pref("extensions.yt_downloader.enable_superfish", true); =>.Superfluous.Superfish O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ ---\\ Search Svchost Services (33) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [679424] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2420736] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation ---\\ Firewall Active Exception List (3) - 2s O87 - FAEL: "{4CFDB6A3-CA78-45E4-894E-19A3D4245FD4}" [In-None-P17-TRUE] .(...) -- C:\Users\sama office\AppData\Local\Torch\Plugins\Hola\hola_plugin_x64.exe (.not file.) =>.Superfluous.Torch O87 - FAEL: "TCP Query User{6F8B56CB-941F-47E0-A58A-5CE2BC273633}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" [In-None-P6-TRUE] .(...) -- C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe (.not file.) O87 - FAEL: "UDP Query User{85C355D3-0E38-4355-BC1B-CCDD1F41A5A7}C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe" [In-None-P17-TRUE] .(...) -- C:\programdata\videodownloaderultimatewinapp\videodownloaderultimate.exe (.not file.) ---\\ Search Tracing Registry Key (6) - 1s HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver HKLM\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver HKLM\SOFTWARE\Microsoft\Tracing\thirteendegrees_RASAPI32 =>PUP.Optional.ThirteenDegrees HKLM\SOFTWARE\Microsoft\Tracing\thirteendegrees_RASMANCS =>PUP.Optional.ThirteenDegrees HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV ---\\ Additional Scan (O88) (18) - 0s C:\Users\sama office\AppData\Roaming\Mozilla\Firefox\Profiles\zb8a5j99.default\searchplugins\yahoo.xml =>PUP.Optional.BDYahoo C:\Windows\Prefetch\THIRTEENDEGREES.BROWSERADAPTE-154C3CE2.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREES.BROWSERADAPTE-8C8D4C00.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREES.EXPEXT.EXE-46D3184D.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREES.PLINX.EXE-E7834DBE.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREES.PURBROWSE64.E-D15B1C1E.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREESUNINSTALL.EXE-178BD3A2.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\THIRTEENDEGREES_SETUP.EXE-8DA44E2A.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\TORCH.EXE-64894864.pf =>.Superfluous.Torch C:\Windows\Prefetch\TORCHUPDATE.EXE-532A0CB4.pf =>.Superfluous.Torch C:\Windows\Prefetch\UPDATETHIRTEENDEGREES.EXE-4ACE730F.pf =>PUP.Optional.ThirteenDegrees C:\Windows\Prefetch\UTILTHIRTEENDEGREES.EXE-97F84AE7.pf =>PUP.Optional.ThirteenDegrees HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASAPI32 =>PUP.Optional.RegistryReviver HKLM64\SOFTWARE\Microsoft\Tracing\RegistryReviver_RASMANCS =>PUP.Optional.RegistryReviver HKLM64\SOFTWARE\Microsoft\Tracing\thirteendegrees_RASAPI32 =>PUP.Optional.ThirteenDegrees HKLM64\SOFTWARE\Microsoft\Tracing\thirteendegrees_RASMANCS =>PUP.Optional.ThirteenDegrees HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32 =>PUP.Optional.TornTV HKLM64\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS =>PUP.Optional.TornTV ---\\ Summary of the elements found (7) - 0s http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BDYahoo http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.ThirteenDegrees http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Torch http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Torch http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Superfish http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.RegistryReviver http://www.nicolascoolman.fr/?p=290 =>PUP.Optional.TornTV ~ End of the scan, 32863 items in 00h03mn05s (1194)(0)