~ ZHPDiag v2016.4.30.92 By Nicolas Coolman (2016/04/30) ~ Run by Mohamed (Administrator) (2016/05/02 23:07:10) ~ Web: http://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Mohamed\Desktop\ZHPDiag.txt ~ Report: C:\Users\Mohamed\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 8 Single Language, 64-bit (Build 9200) ---\\ Internet Browsers (4) - 0s GCIE: Google Chrome v49.0.2623.112 MFIE: Mozilla Firefox 42.0 (x86 en-US) OPIE: Opera 12.16.1860 MSIE: Internet Explorer v10.0.9200.17607 ---\\ Windows Product Information (3) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (2) - 4s Malwarebytes Anti-Malware version 2.2.1.1043 Windows Defender W8 (Deactivate) ---\\ System protection software (Superfluous) (1) - 4s Zemana AntiMalware v2.20.613 ---\\ Surveillance software (1) - 5s Adobe Acrobat Reader DC ---\\ Sharing software PeerToPeer (1) - 5s µTorrent v3.4.6.42094 ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 69 Stepping 1, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8283.092 MB (71% free) System Restore: Activé (Enable) System drive C: has 10 GB () free of 425 GB =>Alerte espace disque inférieur à 20 Go ---\\ Connection to the system mode (3) - 0s ~ Computer Name: MOHAMEDHAMID ~ User Name: Mohamed ~ Logged in as Administrator ---\\ Enumeration of the disk units (4) - 0s ~ Drive C: has 10 GB free of 425 GB (System) ~ Drive E: has 1 GB free of 511 GB ~ Drive X: has 1 GB free of 2 GB ~ Drive Y: has 0 GB free of 13 GB ---\\ State of the Windows Security Center (11) - 0s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (24) - 0s [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - 01/06/2013 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2391280] =>.Microsoft Windows® [MD5.3A6209AC494296C24C2065CB4392B5F4] - 26/07/2012 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [51712] =>.Microsoft Corporation [MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - 26/07/2012 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [132608] =>.Microsoft Corporation [MD5.513A0BEDC45862E8D89B52B272F0B4A3] - 15/12/2015 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [2240000] =>.Microsoft Corporation [MD5.88B4DA29CF8C3628F3647447FD5CDAE5] - 16/11/2015 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [578048] =>.Microsoft Corporation [MD5.9448F5740A037EC0C18F0E9177232DD0] - 26/07/2012 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [273408] =>.Microsoft Corporation [MD5.7904C03BF9C0C0337563FFAA97D0ACE8] - 09/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [623616] =>.Microsoft Corporation [MD5.0BE9606A1175C7400ED862991453A847] - 09/10/2014 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [458240] =>.Microsoft Corporation [MD5.8252EE6D7F87846EA409D0DA602FB1D9] - 13/10/2015 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [576512] =>.Microsoft Corporation [MD5.A721FF570C2387E383BDDEA9632863C9] - 26/07/2012 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [25840] =>.Microsoft Windows® [MD5.990B1BABE6E81FB18E65A87EBEFB1772] - 26/07/2012 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [108544] =>.Microsoft Corporation [MD5.339BFF85D788268752DA8C9644B188EE] - 26/07/2012 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [174080] =>.Microsoft Corporation [MD5.431141C6859990824D17F71C30A78728] - 16/01/2014 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [118784] =>.Microsoft Corporation [MD5.58CC013EFA9893057160EDA018D8ADCE] - 16/07/2014 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [71168] =>.Microsoft Corporation [MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - 26/07/2012 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [112640] =>.Microsoft Corporation [MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - 26/07/2012 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [145920] =>.Microsoft Corporation [MD5.6BA2A5D1C74E7CB3AFAF301A7E5D9E44] - 07/01/2015 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [403456] =>.Microsoft Corporation [MD5.7CEC25C682D319D484630B3952C31A11] - 26/07/2012 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [331776] =>.Microsoft Corporation [MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - 27/01/2014 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1939288] =>.Microsoft Windows® [MD5.4563DAF8C6A740AD7F501E219BD10766] - 26/07/2012 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [105984] =>.Microsoft Corporation [MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - 26/07/2012 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [124928] =>.Microsoft Corporation [MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - 26/07/2012 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [179712] =>.Microsoft Corporation [MD5.217AEE5DAE1BEF81A1E9A184C4C0BF6A] - 13/10/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [129024] =>.Microsoft Corporation [MD5.AA37946941ED3805AB3A924965907147] - 04/07/2014 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [328000] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (26) - 3s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe =>.Andrea Electronics® O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe =>.AMD O23 - Service: AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations - AdminService Application.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe =>.Qualcomm Atheros Commnucations O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® O23 - Service: Dell Data Vault (DellDataVault) . (.Dell Inc. - Dell Data Vault Service.) - C:\Program Files\Dell\DellDataVault\DellDataVault.exe =>.Techporch Incorporated® O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) . (.Dell Inc. - Dell Data Vault Wizard.) - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe =>.Techporch Incorporated® O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® O23 - Service: Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2013 - .) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.® O23 - Service: Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012 - PassThruSvr Application.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: ProductAgentService (ProductAgentService) . (.Bitdefender - Bitdefender Agent.) - C:\Program Files\Bitdefender Agent\ProductAgentService.exe =>.Bitdefender SRL® O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Copyright 2004 - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe =>.CyberLink® O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp® O23 - Service: Samsung AllShare PC (SamsungAllShareV2.0) . (.Samsung Electronics Co., Ltd. - Samsung AllShare Service.) - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe =>.Samsung Electronics CO., LTD.® O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe =>.Dell Inc.® O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe =>.StarWind Software O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc. - Service.) - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe =>.Dell Inc.® O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe =>.Bitdefender SRL® O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe =>.Bitdefender SRL® O23 - Service: ZAM Controller Service (ZAMSvc) . (.Zemana Ltd. - ZAM.) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.® O23 - Service: ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe =>.Atheros ---\\ Services not Microsoft (SR=Run, SS=Stop) (34) - 24s SR - Auto [13/12/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SR - Auto [11/01/2016] [ 106952] Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe =>.Andrea Electronics® SR - Auto [06/05/2013] [ 241152] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD SR - Auto [01/03/2013] [ 227968] AtherosSvc (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe =>.Qualcomm Atheros Commnucations SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® SS - Demand [14/05/2013] [ 279024] Intel(R) Content Protection HECI Service (cphs) . (.Intel Corporation.) - C:\Windows\SysWOW64\IntelCpHeciSvc.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [11/03/2016] [ 2572024] Dell Data Vault (DellDataVault) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVault.exe =>.Techporch Incorporated® SR - Auto [11/03/2016] [ 202488] Dell Data Vault Wizard (DellDataVaultWiz) . (.Dell Inc..) - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe =>.Techporch Incorporated® SS - Auto [06/09/2015] [ 144200] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [06/09/2015] [ 144200] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [14/04/2015] [ 194032] Google Software Updater (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc® SR - Auto [22/03/2013] [ 15344] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe =>.Intel Corporation - Intel® Rapid Storage Technology® SR - Auto [12/05/2013] [ 733696] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel(R) Corporation SS - Demand [12/05/2013] [ 822232] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe =>.Intel® Trusted Connect Service® SR - Auto [01/06/2013] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation - Intel® Management Engine Firmware® SR - Auto [01/06/2013] [ 368600] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation - Software and Firmware Products® SR - Auto [28/01/2013] [ 239184] Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2013.) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.® SS - Demand [16/11/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [17/10/2013] [ 166912] Internet Pass-Through Service (PassThru Service) . (.Copyright (C) 2012.) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe SR - Auto [30/03/2016] [ 947640] ProductAgentService (ProductAgentService) . (.Bitdefender.) - C:\Program Files\Bitdefender Agent\ProductAgentService.exe =>.Bitdefender SRL® SR - Auto [25/04/2012] [ 254512] Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Copyright 2004.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe =>.CyberLink® SR - Auto [11/01/2016] [ 307456] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe =>.Realtek Semiconductor Corp® SR - Auto [02/03/2012] [ 25504] Samsung AllShare PC (SamsungAllShareV2.0) . (.Samsung Electronics Co., Ltd..) - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe =>.Samsung Electronics CO., LTD.® SS - Demand [02/06/2009] [ 637952] ServiceLayer (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe =>.Nokia. SR - Auto [05/04/2014] [ 1915920] SoftThinks Agent Service (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe =>.Dell Inc.® SS - Demand [02/03/2012] [ 27584] SimpleSlideShowServer (SimpleSlideShowServer) . (.Samsung Electronics Co., Ltd..) - C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe =>.Samsung Electronics CO., LTD.® SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SR - Auto [24/12/2009] [ 370688] StarWind AE Service (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe =>.StarWind Software SR - Auto [22/04/2016] [ 31928] Dell SupportAssist Agent (SupportAssistAgent) . (.Dell Inc..) - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe =>.Dell Inc.® SR - Auto [27/04/2016] [ 156016] Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe =>.Bitdefender SRL® SR - Auto [27/04/2016] [ 1693104] Bitdefender Virus Shield (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe =>.Bitdefender SRL® SR - Auto [27/04/2016] [13317960] ZAM Controller Service (ZAMSvc) . (.Zemana Ltd..) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.® SR - Auto [02/03/2013] [ 81536] ZAtheros Wlan Agent (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe =>.Atheros ---\\ Task Planned Automatically (40) - 9s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.4EAF6F8F0B3BE33A0E3877EB7FFD48D4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656] (.Activate.) =>.Adobe Systems, Incorporated® [MD5.00000000000000000000000000000000] [APT] [arp_flush] (...) -- C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.2ADD5877BB9196581B9C54E8A2531ED9] [APT] [Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864] (.Bitdefender.) -- C:\Program Files\Bitdefender Agent\WatchDog.exe [622392] (.Activate.) =>.Bitdefender SRL® [MD5.00000000000000000000000000000000] [APT] [Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8] (...) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.7098651FB78BC6950F507C91E6A18CFF] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6675672] (.Activate.) =>.Piriform Ltd® [MD5.F419E9A607B79DAB0AC93119016E8342] [APT] [CLMLSvc_P2G8] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] (.Activate.) =>.CyberLink Corp.® [MD5.2FC635380608BD0D1BF3FB4986676D05] [APT] [CLVDLauncher] (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000] (.Activate.) =>.CyberLink Corp.® [MD5.00000000000000000000000000000000] [APT] [Dell SupportAssistAgent AutoUpdate] (...) -- Inc. (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [Driver Booster SkipUAC (Mohamed)] (...) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.B1F9D665E52C29972B50D7145D88DCE1] [APT] [klcp_update] (...) -- C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1177088] (.Activate.) [MD5.00000000000000000000000000000000] [APT] [PCDDataUploadTask] (...) -- uaclauncher.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [PCDEventLauncherTask] (...) -- Inc. (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.283051D1223775945F851AE756C99C87] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960] (.Activate.) =>.Dell Inc.® [MD5.82E702A2F6900F36CC7209259EF92A58] [APT] [RtHDVBg_PushButton] (.Realtek Semiconductor.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744] (.Activate.) =>.Realtek Semiconductor Corp® [MD5.77A7603F799D52CEEEB978CD8C961CAE] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- \Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408] (.Activate.) =>.Synaptics Incorporated® [MD5.00000000000000000000000000000000] [APT] [SystemToolsDailyTest] (...) -- uaclauncher.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{141BA9EA-9A0F-4042-9C8F-3531F94EE8C3}] (...) -- C:\Users\Mohamed\Downloads\New folder\MafiaSetup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [928] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [932] =>.Google Inc® O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] =>.Adobe Systems, Incorporated® O39 - APT: arp_flush - (...) -- C:\Windows\System32\Tasks\arp_flush [2720] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 - (.Bitdefender.) -- C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 [3640] =>.Bitdefender SRL® O39 - APT: Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 - (...) -- C:\Windows\System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 [3518] (.Orphean.) =>.Superfluous.Orphean O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2802] =>.Piriform Ltd® O39 - APT: CLMLSvc_P2G8 - (.CyberLink.) -- C:\Windows\System32\Tasks\CLMLSvc_P2G8 [3160] =>.CyberLink Corp.® O39 - APT: CLVDLauncher - (.CyberLink Corp..) -- C:\Windows\System32\Tasks\CLVDLauncher [3160] =>.CyberLink Corp.® O39 - APT: Dell SupportAssistAgent AutoUpdate - (...) -- C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate [3820] (.Orphean.) =>.Superfluous.Orphean O39 - APT: Driver Booster SkipUAC (Mohamed) - (...) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mohamed) [2886] (.Orphean.) =>.Superfluous.Orphean O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3668] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3904] =>.Google Inc® O39 - APT: klcp_update - (...) -- C:\Windows\System32\Tasks\klcp_update [3810] O39 - APT: PCDDataUploadTask - (...) -- C:\Windows\System32\Tasks\PCDDataUploadTask [3352] (.Orphean.) =>.Superfluous.Orphean O39 - APT: PCDEventLauncherTask - (...) -- C:\Windows\System32\Tasks\PCDEventLauncherTask [3484] (.Orphean.) =>.Superfluous.Orphean O39 - APT: PCDoctorBackgroundMonitorTask - (.PC-Doctor, Inc..) -- C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask [4040] =>.Dell Inc.® O39 - APT: RtHDVBg_PushButton - (.Realtek Semiconductor.) -- C:\Windows\System32\Tasks\RtHDVBg_PushButton [3146] =>.Realtek Semiconductor Corp® O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [2982] =>.Synaptics Incorporated® O39 - APT: SystemToolsDailyTest - (...) -- C:\Windows\System32\Tasks\SystemToolsDailyTest [3230] (.Orphean.) =>.Superfluous.Orphean ---\\ Process running (52) - 4s [MD5.1B276F898588CFB77F20CFC600ED6ED5] - (.Bitdefender - Bitdefender Security Service.) -- C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104] [PID.928] =>.Bitdefender SRL® [MD5.84E3EDF751EAD62B7ABDBF72F829FFA9] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [241152] [PID.1168] =>.AMD [MD5.C6B7B79684A3857B7F9B03C8DBDA0248] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456] [PID.1568] =>.Realtek Semiconductor Corp® [MD5.82E702A2F6900F36CC7209259EF92A58] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744] [PID.1600] =>.Realtek Semiconductor Corp® [MD5.82E702A2F6900F36CC7209259EF92A58] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744] [PID.1608] =>.Realtek Semiconductor Corp® [MD5.8F4FAF01F65CCA632C4E9AFDAC824BC5] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [561664] [PID.1792] =>.AMD [MD5.F2CEEE9ABBCEF207ACB103215AC28BC2] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2372] =>.Adobe Systems, Incorporated® [MD5.139874C9FFBD6A71B5344D947A08688C] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [106952] [PID.2392] =>.Andrea Electronics® [MD5.49748EBE40D14C038AFD80D8419CF960] - (.Qualcomm Atheros Commnucations - AdminService Application.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [227968] [PID.2412] =>.Qualcomm Atheros Commnucations [MD5.0DB1E3F6189C628675F855C0EB510419] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696] [PID.2660] =>.Intel(R) Corporation [MD5.862F0F2F0B4867C3A85C3AC27BBC631C] - (.Copyright (C) 2013 - .) -- C:\ProgramData\MobileBrServ\mbbservice.exe [239184] [PID.2768] =>.Huawei Technologies Co., Ltd.® [MD5.446462BBA744DA60379574926FD51EAB] - (.Copyright (C) 2012 - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912] [PID.2844] [MD5.2DC4BE7BA723BC70D22597A3CF061125] - (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640] [PID.2912] =>.Bitdefender SRL® [MD5.41DDCF1ADD1FB7DE23DCF671740DDBE6] - (.Copyright 2004 - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512] [PID.2936] =>.CyberLink® [MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688] [PID.3024] =>.StarWind Software [MD5.019EA723AE8288231C602F41343735DC] - (.Bitdefender - Bitdefender Update Service.) -- C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016] [PID.3052] =>.Bitdefender SRL® [MD5.D8112BBCB65EEF15AD5AFD4F74D50D21] - (.Zemana Ltd. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960] [PID.3096] =>.Zemana Ltd.® [MD5.7AE00FE0A9A586DA6712458FBF10B3B1] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536] [PID.3172] =>.Atheros [MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.3228] =>.WIBU-SYSTEMS AG® [MD5.77A7603F799D52CEEEB978CD8C961CAE] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3015408] [PID.4144] =>.Synaptics Incorporated® [MD5.00DB08C55C008B67301496213C106CD1] - (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [132224] [PID.5096] =>.Qualcomm Atheros Commnucations [MD5.A1CE26057B6BBA30FEEC504A34D45614] - (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248] [PID.5104] =>.Realtek Semiconductor Corp® [MD5.82E702A2F6900F36CC7209259EF92A58] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744] [PID.2104] =>.Realtek Semiconductor Corp® [MD5.82E702A2F6900F36CC7209259EF92A58] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1407744] [PID.1420] =>.Realtek Semiconductor Corp® [MD5.FEA9E208E1369211798F59D9B31A8822] - (...) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe [12928] [PID.1864] [MD5.E30987C26979B7D45DABAD46E512569F] - (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\quickset.exe [5762408] [PID.1968] =>.Compal Electronics, Inc.® [MD5.AAA919E2177D09C18603AFEB2809D667] - (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1651600] [PID.4136] =>.Bitdefender SRL® [MD5.D8112BBCB65EEF15AD5AFD4F74D50D21] - (.Zemana Ltd. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960] [PID.3964] =>.Zemana Ltd.® [MD5.3DDC1784EA5963EFBDF5D528D53820B4] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3911248] [PID.4292] =>.Tonec Inc. [MD5.2DBF9667A2069E1D4AFE26E91CE5316C] - (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1447840] [PID.5024] =>.Bitdefender SRL® [MD5.139C3E683C64935D397A3A656D443E29] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928] [PID.5456] =>.CyberLink® [MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552] [PID.5500] =>.Sun Microsystems, Inc.® [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.5524] =>.Tonec Inc.® [MD5.7A84DB64E06281C86AD66CC6F2D6F4C7] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800] [PID.5596] =>.Wondershare software CO., LIMITED® [MD5.85ECB75CE632C65A88436A748B90ACE4] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [126704] [PID.6004] =>.Synaptics Incorporated® [MD5.79B65FCC2AC6169B0B898F2894C61221] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe [8698584] [PID.6080] =>.Piriform Ltd® [MD5.F419E9A607B79DAB0AC93119016E8342] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136] [PID.4976] =>.CyberLink Corp.® [MD5.D8F74B93897C8FDF2EAF4C99E30500A4] - (.Dell Inc. - Dell Data Vault Wizard.) -- C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488] [PID.5552] =>.Techporch Incorporated® [MD5.3AEE4C821114AC707699A28988F27ABB] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344] [PID.3388] =>.Intel Corporation - Intel® Rapid Storage Technology® [MD5.1E09DFA4048196C9D3CC40C485A39422] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.5372] =>.Advanced Micro Devices Inc. [MD5.74CDE657245C114B98816E89B8D4CCD1] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.4520] =>.ATI Technologies Inc. [MD5.1128B38EEC9DAF1B36373B65E87C00A3] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.5736] =>.Intel Corporation - Intel® Management Engine Firmware® [MD5.388B04A767082D0B0581AF475DF943D9] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [368600] [PID.6172] =>.Intel Corporation - Software and Firmware Products® [MD5.328100AF2EFD951EAB657384EC361B6F] - (.Samsung Electronics Co., Ltd. - Samsung AllShare Service.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [25504] [PID.6948] =>.Samsung Electronics CO., LTD.® [MD5.1AFF08DFBB72A235DE60433C4FE7920B] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915920] [PID.7132] =>.Dell Inc.® [MD5.1957C598952FBE08193EE43A109FD3DD] - (.Dell Inc. - Service.) -- C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928] [PID.5208] =>.Dell Inc.® [MD5.E554163D138B79CD8C6EDF73187FC635] - (.Dell Inc. - Dell Data Vault Service.) -- C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024] [PID.3720] =>.Techporch Incorporated® [MD5.283051D1223775945F851AE756C99C87] - (.PC-Doctor, Inc. - PC-Doctor Module.) -- C:\Program Files\Dell\SupportAssist\uaclauncher.exe [1215960] [PID.2608] =>.Dell Inc.® [MD5.2991C495CF25B9AD4E05002222A1E3B0] - (.SoftThinks - Dell - Dell Backup And Recovery Update Launcher.) -- C:\Program Files (x86)\Dell Backup and Recovery\COMPONENTS\DBRUPDATE\DBRUpd.exe [493072] [PID.6372] =>.Dell Inc.® [MD5.C15C29EA66E0695D6E053B8AC751A949] - (.SoftThinks - Dell - Dell Backup And Recovery Toaster.) -- C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe [4163552] [PID.3060] =>.Dell Inc.® [MD5.84EDE9676C0CBD588E3B4CF410A66111] - (.Copyright © 2013 - DBRCrawler.) -- C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe [486880] [PID.2900] =>.Dell Inc.® [MD5.905AA88C8ED186663A39E90F717950FA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\Mohamed\Desktop\ZHPDiag3.exe [2199040] [PID.3336] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (22) - 0s G0 - GCSP: Preferences [User Data\Default][HomePage] http://ads1.msads.net G0 - GCSP: Preferences [User Data\Default][HomePage] http://b.scorecardresearch.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://c.msn.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://img-s-msn-com.akamaized.net G0 - GCSP: Preferences [User Data\Default][HomePage] http://otf.msn.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://static-hp-weu-s-msn-com.akamaized.net G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.msn.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.nicolascoolman.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com.sa G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [dhhejlifdlcgcmogbggeomfodgklfaem] Bitdefender Wallet G2 - GCE: Preference [User Data\Default] [fcfenmboojpjinhpgggodefccipikbpd] G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (4) - 1s P2 - EXT FILE: (...) -- C:\Users\Mohamed\AppData\Roaming\Mozilla\Firefox\Profiles\leanhv45.default\extensions\firefox@mega.co.nz.xpi P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - EXT: (.Microsoft Corporation - Bing Search.) -- C:\Users\Mohamed\AppData\Roaming\Mozilla\Firefox\Profiles\leanhv45.default\extensions\bingsearch.full@microsoft.com =>.Microsoft Corporation P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.1] - (.VideoLAN.) -- C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll =>.VideoLAN ---\\ Internet Explorer Extensions, Start, Search (21) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-4096001809-1678659572-2453698571-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (6) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll =>.Bitdefender SRL® O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} (Orphean) O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>.Google Inc® O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: (no name) [64Bits] - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} (Orphean) ---\\ Auto loading programs from Registry and folders (22) - 3s O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [RtHDVBg] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [RtHDVBg_PushButton] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- c:\Program Files\Dell\QuickSet\quickset.exe =>.Compal Electronics, Inc.® O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe =>.Bitdefender SRL® O4 - HKLM\..\Run: [ZAM] . (.Zemana Ltd. - ZAM.) -- C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.® O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe =>.Nokia O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKCU\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe =>.Bitdefender SRL® O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc.® O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe =>.CyberLink® O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Sun Microsystems, Inc.® O4 - HKLM\..\Wow6432Node\Run: [AllShareAgent] . (.Samsung Electronics Co., Ltd. - Samsung AllShare Agent.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe =>.Samsung Electronics CO., LTD.® O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe =>.Wondershare software CO., LIMITED® O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe =>.Qualcomm Atheros Commnucations O4 - HKUS\S-1-5-21-4096001809-1678659572-2453698571-1001\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe =>.Nokia O4 - HKUS\S-1-5-21-4096001809-1678659572-2453698571-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKUS\S-1-5-21-4096001809-1678659572-2453698571-1001\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKUS\S-1-5-21-4096001809-1678659572-2453698571-1001\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe =>.Bitdefender SRL® O4 - HKUS\S-1-5-21-4096001809-1678659572-2453698571-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® ---\\ Global shortcuts Startup (67) - 11s O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [Administrator]: Metal Gear Rising REVENGEANCE.lnk . (...) C:\Program Files (x86)\Metal Gear Rising REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe O4 - GS\Desktop [Administrator]: mgsvtpp - Shortcut.lnk . (.Konami Digital Entertainment - METAL GEAR SOLID V: THE PHANTOM PAIN.) C:\Games\MGSVTPP\mgsvtpp.exe =>.KONAMI Digital Entertainment O4 - GS\Desktop [Administrator]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium Edition.) C:\Program Files (x86)\UltraISO\UltraISO.exe O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mohamed\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Administrator]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mohamed\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe =>.VS Revo Group® O4 - GS\Quicklaunch [Administrator]: Samsung AllShare.lnk . (.Samsung Electronics Co., Ltd. - Samsung AllShare Player.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrator]: Xilisoft PDF to Word Converter.lnk . (...) C:\Program Files (x86)\Xilisoft\PDF to Word Converter\SplashScreen.exe O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Administrator]: File Explorer.lnk . (...) C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Administrator]: Opera12.16 1860.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera x64\opera.exe =>.Opera Software ASA® O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [Guest]: Metal Gear Rising REVENGEANCE.lnk . (...) C:\Program Files (x86)\Metal Gear Rising REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe O4 - GS\Desktop [Guest]: mgsvtpp - Shortcut.lnk . (.Konami Digital Entertainment - METAL GEAR SOLID V: THE PHANTOM PAIN.) C:\Games\MGSVTPP\mgsvtpp.exe =>.KONAMI Digital Entertainment O4 - GS\Desktop [Guest]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium Edition.) C:\Program Files (x86)\UltraISO\UltraISO.exe O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mohamed\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Guest]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mohamed\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe =>.VS Revo Group® O4 - GS\Quicklaunch [Guest]: Samsung AllShare.lnk . (.Samsung Electronics Co., Ltd. - Samsung AllShare Player.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Guest]: Xilisoft PDF to Word Converter.lnk . (...) C:\Program Files (x86)\Xilisoft\PDF to Word Converter\SplashScreen.exe O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Guest]: File Explorer.lnk . (...) C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Guest]: Opera12.16 1860.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera x64\opera.exe =>.Opera Software ASA® O4 - GS\Desktop [Mohamed]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [Mohamed]: Metal Gear Rising REVENGEANCE.lnk . (...) C:\Program Files (x86)\Metal Gear Rising REVENGEANCE\METAL GEAR RISING REVENGEANCE.exe O4 - GS\Desktop [Mohamed]: mgsvtpp - Shortcut.lnk . (.Konami Digital Entertainment - METAL GEAR SOLID V: THE PHANTOM PAIN.) C:\Games\MGSVTPP\mgsvtpp.exe =>.KONAMI Digital Entertainment O4 - GS\Desktop [Mohamed]: UltraISO.lnk . (.EZB Systems, Inc. - UltraISO Premium Edition.) C:\Program Files (x86)\UltraISO\UltraISO.exe O4 - GS\Desktop [Mohamed]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Mohamed\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Desktop [Mohamed]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) C:\Users\Mohamed\AppData\Roaming\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\Quicklaunch [Mohamed]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Mohamed]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe =>.VS Revo Group® O4 - GS\Quicklaunch [Mohamed]: Samsung AllShare.lnk . (.Samsung Electronics Co., Ltd. - Samsung AllShare Player.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Mohamed]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Mohamed]: Xilisoft PDF to Word Converter.lnk . (...) C:\Program Files (x86)\Xilisoft\PDF to Word Converter\SplashScreen.exe O4 - GS\sendTo [Mohamed]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\TaskBar [Mohamed]: File Explorer.lnk . (...) C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Libraries O4 - GS\TaskBar [Mohamed]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Mohamed]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\TaskBar [Mohamed]: Opera12.16 1860.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera x64\opera.exe =>.Opera Software ASA® O4 - GS\CommonDesktop [Public]: Acrobat Reader DC.lnk . (.Adobe Systems Incorporated - Adobe Acrobat Reader DC.) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe =>.Adobe Systems, Incorporated® O4 - GS\CommonDesktop [Public]: Alcohol 120%.lnk . (.Alcohol Soft Development Team - Alcohol 120%.) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Alcohol.exe =>.Alcohol Soft® O4 - GS\CommonDesktop [Public]: Bitdefender 2016.lnk . (.Bitdefender - .) C:\Program Files (x86)\Bitdefender\Bitdefender 2016\bdagent.exe =>.BitDefender O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: Fast And Furious Showdown.lnk . (...) C:\Program Files (x86)\Fast And Furious Showdown\Fast and Furious Showdown.exe O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Nokia PC Suite.lnk . (.Nokia - Nokia Launch Application.) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe =>.Nokia O4 - GS\CommonDesktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) C:\Program Files\Opera x64\opera.exe =>.Opera Software ASA® O4 - GS\CommonDesktop [Public]: Pro Evolution Soccer 2015.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2015.) C:\Program Files (x86)\Pro Evolution Soccer 2015\PES2015.exe =>.Konami Digital Entertainment Co., Ltd. O4 - GS\CommonDesktop [Public]: Revo Uninstaller Pro.lnk . (.VS Revo Group - Revo Uninstaller Pro.) C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe =>.VS Revo Group® O4 - GS\CommonDesktop [Public]: RogueKiller.lnk . (...) C:\Program Files (x86)\RogueKiller\RogueKiller64.exe O4 - GS\CommonDesktop [Public]: Samsung AllShare.lnk . (.Samsung Electronics Co., Ltd. - Samsung AllShare Player.) C:\Program Files (x86)\Samsung\AllShare\AllShare.exe =>.Samsung Electronics CO., LTD.® O4 - GS\CommonDesktop [Public]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: Xilisoft PDF to Word Converter.lnk . (...) C:\Program Files (x86)\Xilisoft\PDF to Word Converter\SplashScreen.exe O4 - GS\CommonDesktop [Public]: Zemana AntiMalware.lnk . (.Zemana Ltd. - ZAM.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe =>.Zemana Ltd.® O4 - GS\Programs [Public]: Windows Install Clean Up.lnk . (...) C:\Users\Mohamed\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe ---\\ Lop.com/Domain Hijackers (8) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 86.51.34.24 86.51.35.24 O17 - HKLM\System\CCS\Services\Tcpip\..\{3F7A78CC-F34B-43E9-8600-BBE3FF6D7C5A}: DhcpNameServer = 192.168.100.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{696565F5-D214-4772-AA50-552A7A5FFC1E}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{A1A36A13-9A4A-46C5-9D01-A74E879DFB38}: DhcpNameServer = 86.51.34.24 86.51.35.24 O17 - HKLM\System\CCS\Services\Tcpip\..\{C949AF4A-B54A-44AB-AB56-0E5D11D79BFD}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{FB2EE1DA-A99F-4110-BB0A-FA5CDA2731F7}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{C949AF4A-B54A-44AB-AB56-0E5D11D79BFD}: DhcpDomain = hi.link O17 - HKLM\System\CCS\Services\Tcpip\..\{FB2EE1DA-A99F-4110-BB0A-FA5CDA2731F7}: DhcpDomain = hi.link ---\\ Extra protocols (24) - 0s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation® O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (94) - 26s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-0804-1033-1959-001824166751} =>.Adobe Systems Incorporated O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} =>.Advanced Micro Devices Inc. O42 - Logiciel: Bitdefender Agent - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender Agent =>.Bitdefender SRL® O42 - Logiciel: Bitdefender Total Security 2016 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender =>.Bitdefender SRL® O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: CyberLink LabelPrint 2.5 - (.CyberLink Corp..) [HKLM][64Bits] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} =>.CyberLink® O42 - Logiciel: CyberLink Media Suite 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {1FBF6C24-C1fD-4101-A42B-0C564F9E8E79} =>.CyberLink Corp.® O42 - Logiciel: CyberLink Media Suite Essentials - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7} =>.CyberLink® O42 - Logiciel: CyberLink Power2Go 8 - (.CyberLink Corp..) [HKLM][64Bits] -- {2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2} =>.CyberLink Corp.® O42 - Logiciel: CyberLink PowerDirector 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {B0B4F6D2-F2AE-451A-9496-6F2F6A897B32} =>.CyberLink Corp.® O42 - Logiciel: CyberLink PowerDVD 10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B} =>.CyberLink Corp.® O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: Dell Backup and Recovery - (.Dell Inc..) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04} =>.Dell Inc. O42 - Logiciel: Dell Backup and Recovery - Support Software - (.Dell Inc..) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49} =>.Dell Inc. O42 - Logiciel: Dell Data Vault - (.Dell Inc..) [HKLM][64Bits] -- {2E55EEFD-2162-4A7D-9158-EDB0305603A6} =>.Dell Inc. O42 - Logiciel: Dell SupportAssist - (.Dell.) [HKLM][64Bits] -- PC-Doctor for Windows =>.Dell Inc.® O42 - Logiciel: Dell SupportAssistAgent - (.Dell.) [HKLM][64Bits] -- {3ED468C2-2235-4747-90AD-A7A34F0FE70A} =>.Dell O42 - Logiciel: Dell System Detect - (.Dell.) [HKCU][64Bits] -- 58d94f3ce2c27db0 =>.Dell Inc.® O42 - Logiciel: Dell Touchpad - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated O42 - Logiciel: Dell WLAN and Bluetooth Client Installation - (.Dell Inc..) [HKLM][64Bits] -- {28006915-2739-4EBE-B5E8-49B25D32EB33} =>.Dell Inc. O42 - Logiciel: Fast And Furious Showdown (c) Activision version 1 - (...) [HKLM][64Bits] -- RmFzdCBBbmQgRnVyaW91cyBTaG93ZG93biAoYykgQWN0aXZpc2lvbg==_is1 O42 - Logiciel: Fotoğraf Galerisi - (.Microsoft Corporation.) [HKLM][64Bits] -- {DB7B6508-2AAB-4F26-99D4-74559A2F5E42} =>.Microsoft Corporation O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {446CC8CE-0E90-44F7-ADD0-774B243EF090} =>.Microsoft Corporation O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} =>.Google Inc. O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM][64Bits] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} =>.Intel Corporation - Software and Firmware Products® O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140} =>.Intel Corporation O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {5EB368A4-562A-41B6-A5B3-06054A27F5A6} =>.Intel Corporation O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573} =>.Intel Corporation O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {89AFB053-A343-46EF-97E4-D593AD7184E6} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: IPTInstaller - (.HTC.) [HKLM][64Bits] -- {08208143-777D-4A06-BB54-71BF0AD1BB70} =>.HTC O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc. O42 - Logiciel: Java(TM) 6 Update 22 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216022FF} =>.Oracle O42 - Logiciel: K-Lite Codec Pack 11.8.4 Full - (.KLCP.) [HKLM][64Bits] -- KLiteCodecPack_is1 =>.KLCP O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Metal Gear Rising REVENGEANCE - (.Black Box.) [HKLM][64Bits] -- {4A431390-7DB8-48FB-924A-030A78172C63} =>.Black Box O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF} =>.Microsoft Corporation O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {67F42018-F647-4D3C-BE62-F8CB4FE2FCD5} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- SkyDriveSetup.exe =>.Microsoft Corporation® O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM][64Bits] -- Mobile Broadband HL Service =>.Huawei Technologies Co., Ltd.® O42 - Logiciel: Mozilla Firefox 42.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 42.0 (x86 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSVC80_x64 - (.Nokia.) [HKLM][64Bits] -- {68660049-8D48-427C-9FF7-139D8340CDC0} =>.Nokia O42 - Logiciel: MSVC80_x86 - (.Nokia.) [HKLM][64Bits] -- {212748BB-0DA5-46DE-82A1-403736DC9F27} =>.Nokia O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: Nokia Connectivity Cable Driver - (...) [HKLM][64Bits] -- {BC4AE628-81A4-4FC6-863A-7A9BA2E2531F} O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM][64Bits] -- {52D02A2B-03D2-4E34-A358-DC5D951FD296} =>.Nokia O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM][64Bits] -- {3D39E775-DDDA-4327-B747-0BDC5F191331} =>.Nokia O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM][64Bits] -- Nokia PC Suite {7FEC0CD39F2B040AACD289EA949BFDD6} =>.Nokia O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} =>.NVIDIA Corporation O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL =>.Creative Labs Inc® O42 - Logiciel: Opera 12.16 - (.Opera Software ASA.) [HKLM][64Bits] -- Opera 12.16.1860 =>.Opera Software ASA® O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM][64Bits] -- {0C973594-7DDF-4BD0-84ED-3517F7622037} =>.Nokia O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1 O42 - Logiciel: PS TO PC CONVERTER - (...) [HKLM][64Bits] -- {A483F88A-41E9-45B2-AAC9-A823DD9B4873} O42 - Logiciel: PX Profile Update - (.AMD.) [HKLM][64Bits] -- {A85474B2-30B3-2757-1958-4483E958BE9E} =>.AMD O42 - Logiciel: Qualcomm Atheros Bluetooth Suite (64) - (.Qualcomm Atheros Communications.) [HKLM][64Bits] -- {A84A4FB1-D703-48DB-89E0-68B6499D2801} =>.Qualcomm Atheros Communications O42 - Logiciel: Quickset64 - (.Dell Inc..) [HKLM][64Bits] -- {87CF757E-C1F1-4D22-865C-00C6950B5258} =>.Dell Inc. O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Revo Uninstaller Pro 3.1.4 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1 =>.VS Revo Group, Ltd. O42 - Logiciel: RogueKiller version 12 - (.Adlice Software.) [HKLM][64Bits] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice® O42 - Logiciel: Samsung AllShare - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {DF47ACA3-7C78-4C08-8007-AC682563C9F1} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung AllShare - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} =>.McAfee O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.11 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} =>.Skype Technologies S.A. O42 - Logiciel: Twin USB Vibration Gamepad - (...) [HKLM][64Bits] -- {1BBDD6C0-ED6F-43C3-8A9C-84E3249A5615} O42 - Logiciel: Ubisoft Game Launcher - (.UBISOFT.) [HKLM][64Bits] -- {888F1505-C2B3-4FDE-835D-36353EBD4754} =>.Ubisoft O42 - Logiciel: UltraISO Premium V8.62 - (...) [HKLM][64Bits] -- UltraISO_is1 O42 - Logiciel: USB Force Wheel - (...) [HKLM][64Bits] -- {D5778AE9-6376-4CE6-AD4A-8712F4EC3302} O42 - Logiciel: USB Vibration Joystick - (...) [HKLM][64Bits] -- {4999B2F1-3E74-409A-B8B5-E94448AA9EA6} O42 - Logiciel: VobSub v2.23 (Remove Only) - (...) [HKLM][64Bits] -- VobSub O42 - Logiciel: Windows Driver Package - Nokia Modem (06/01/2009 4.1) - (.Nokia.) [HKLM][64Bits] -- E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84 =>.Microsoft Windows Component Publisher® O42 - Logiciel: Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3) - (.Nokia.) [HKLM][64Bits] -- F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7 =>.Microsoft Windows Component Publisher® O42 - Logiciel: Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM][64Bits] -- FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D =>.Microsoft Windows® O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM][64Bits] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52} =>.Microsoft Corporation O42 - Logiciel: WinRAR 5.00 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: WinRAR 5.20 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: Xilisoft PDF to Word Converter - (.Xilisoft.) [HKLM][64Bits] -- Xilisoft PDF to Word Converter =>.Xilisoft O42 - Logiciel: Zemana AntiMalware - (.Zemana Ltd..) [HKLM][64Bits] -- {8F0CD7D1-42F3-4195-95CD-833578D45057}_is1 =>.Zemana Ltd.® O42 - Logiciel: معرض الصور - (.Microsoft Corporation.) [HKLM][64Bits] -- {5006FD66-7E9B-4F92-BD36-275AD7712348} =>.Microsoft Corporation ---\\ HKCU & HKLM Software Keys (139) - 26s HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\Alcohol Soft HKLM\SOFTWARE\Wow6432Node\Atari HKLM\SOFTWARE\Wow6432Node\ATHEROS HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\ATI Technologies HKLM\SOFTWARE\Wow6432Node\Bethesda Softworks HKLM\SOFTWARE\Wow6432Node\Bitdefender HKLM\SOFTWARE\Wow6432Node\Bitdefender Agent HKLM\SOFTWARE\Wow6432Node\Bunndle HKLM\SOFTWARE\Wow6432Node\Chromium HKLM\SOFTWARE\Wow6432Node\Comodo HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\Deep Silver HKLM\SOFTWARE\Wow6432Node\Dell HKLM\SOFTWARE\Wow6432Node\Dell Inc. HKLM\SOFTWARE\Wow6432Node\DellBackupandRecovery HKLM\SOFTWARE\Wow6432Node\Dell_Wlan HKLM\SOFTWARE\Wow6432Node\Disc Soft HKLM\SOFTWARE\Wow6432Node\EasyBoot Systems HKLM\SOFTWARE\Wow6432Node\EnigmaSoftwareGroup HKLM\SOFTWARE\Wow6432Node\fCoder HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\HTC HKLM\SOFTWARE\Wow6432Node\Icaros HKLM\SOFTWARE\Wow6432Node\Illusion Softworks HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\Insyde HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\KONAMI HKLM\SOFTWARE\Wow6432Node\KONAMIPES6 HKLM\SOFTWARE\Wow6432Node\Lake HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial) HKLM\SOFTWARE\Wow6432Node\MimarSinan HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nokia HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenAL HKLM\SOFTWARE\Wow6432Node\PC Connectivity Solution HKLM\SOFTWARE\Wow6432Node\PC-Doctor HKLM\SOFTWARE\Wow6432Node\PCSuite HKLM\SOFTWARE\Wow6432Node\Samsung HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SoftThinks HKLM\SOFTWARE\Wow6432Node\SuppHelpDir HKLM\SOFTWARE\Wow6432Node\Sysinternals HKLM\SOFTWARE\Wow6432Node\Ubisoft HKLM\SOFTWARE\Wow6432Node\VobSub HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Waves Audio HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\Xilisoft HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKLM\SOFTWARE\Wow6432Node\VolDellBackupAndRecovery HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Akeo Consulting HKCU\SOFTWARE\Alcohol Soft HKCU\SOFTWARE\Anchorfree HKCU\SOFTWARE\APN PIP =>.Superfluous.Conduit HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Atheros HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Bitdefender HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\C-motech New UI HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\DSS HKCU\SOFTWARE\EasyBoot Systems HKCU\SOFTWARE\EMU HKCU\SOFTWARE\Epic Games HKCU\SOFTWARE\Freeware HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GetData HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\immersionFX Games HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\JGArcadeApp HKCU\SOFTWARE\KC Softwares HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nokia HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\ParetoLogic =>.Superfluous.Paretologic HKCU\SOFTWARE\PC-Doctor HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\Skype HKCU\SOFTWARE\StarSynergy HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\Telltale Games HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Ubisoft HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VS Revo Group HKCU\SOFTWARE\Waves Audio HKCU\SOFTWARE\WinAVI HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\Xilisoft HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\Zemana HKCU\SOFTWARE\AppDataLow\Software ---\\ Contents of the Common Files folders (324) - 42s O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\ATI =>.Advanced Micro Devices, Inc.® O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Bitdefender =>.Bitdefender SRL® O43 - CFD: 02/05/2016 - [] D -- C:\Program Files\Bitdefender Agent =>.Bitdefender SRL® O43 - CFD: 02/05/2016 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 18/11/2015 - [] D -- C:\Program Files\Dell =>.PC-Doctor, Inc.® O43 - CFD: 27/04/2016 - [] D -- C:\Program Files\Dell Support Center =>.PC-Doctor, Inc.® O43 - CFD: 14/09/2015 - [] D -- C:\Program Files\DIFX =>.Microsoft Windows® O43 - CFD: 14/04/2015 - [] D -- C:\Program Files\Google O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\Intel =>.Intel Corporation - Intel® Rapid Storage Technology® O43 - CFD: 13/01/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 10/02/2014 - [] D -- C:\Program Files\MATLAB O43 - CFD: 03/11/2014 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 14/01/2016 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\MSBuild O43 - CFD: 03/10/2013 - [] D -- C:\Program Files\Opera x64 =>.Opera Software ASA® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 28/04/2016 - [] D -- C:\Program Files\RogueKiller =>.Adlice® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated® O43 - CFD: 26/07/2012 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 15/09/2015 - [] D -- C:\Program Files\VS Revo Group =>.VS Revo Group® O43 - CFD: 16/09/2015 - [] D -- C:\Program Files\Windows Defender =>.Microsoft Windows® O43 - CFD: 04/01/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 25/10/2013 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 25/10/2013 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows NT O43 - CFD: 25/10/2013 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 18/11/2014 - [] SD -- C:\Program Files\Windows Sidebar O43 - CFD: 26/04/2016 - [] D -- C:\Program Files\WindowsApps =>.Microsoft Corporation® O43 - CFD: 02/10/2013 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 21/01/2015 - [0] D -- C:\Program Files\Wondershare O43 - CFD: 02/02/2015 - [] D -- C:\Program Files\ZHPDiag O43 - CFD: 14/04/2015 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems, Incorporated® O43 - CFD: 22/09/2015 - [0] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 03/02/2014 - [] D -- C:\Program Files (x86)\Alcohol Soft O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\AMD APP O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\AMD AVT O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 17/11/2015 - [] D -- C:\Program Files (x86)\c O43 - CFD: 02/05/2016 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG® O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\CyberLink =>.CyberLink® O43 - CFD: 18/11/2015 - [] D -- C:\Program Files (x86)\Dell O43 - CFD: 02/05/2016 - [] D -- C:\Program Files (x86)\Dell Backup and Recovery =>.Dell Inc.® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Dell Wireless O43 - CFD: 22/01/2015 - [] D -- C:\Program Files (x86)\Emsisoft Anti-Malware O43 - CFD: 22/02/2016 - [] D -- C:\Program Files (x86)\Fast And Furious Showdown O43 - CFD: 21/07/2014 - [0] D -- C:\Program Files (x86)\FreeTime O43 - CFD: 10/05/2014 - [] D -- C:\Program Files (x86)\Gabest O43 - CFD: 14/04/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 01/03/2015 - [] D -- C:\Program Files (x86)\hide.me VPN O43 - CFD: 17/09/2014 - [] D -- C:\Program Files (x86)\HTC O43 - CFD: 02/04/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 11/01/2016 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 28/10/2015 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 13/01/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 03/04/2014 - [] D -- C:\Program Files (x86)\Java =>.Sun Microsystems, Inc.® O43 - CFD: 08/01/2016 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 07/04/2014 - [0] D -- C:\Program Files (x86)\Lace Mamba Global O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 24/01/2016 - [] D -- C:\Program Files (x86)\Metal Gear Rising REVENGEANCE O43 - CFD: 08/04/2014 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE =>.Microsoft Corporation® O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 09/10/2013 - [] D -- C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation® O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 03/11/2014 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 03/11/2014 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 13/11/2014 - [] D -- C:\Program Files (x86)\Microsoft Works O43 - CFD: 03/11/2014 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 17/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 17/11/2015 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 18/11/2014 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 23/12/2015 - [0] D -- C:\Program Files (x86)\MSECACHE O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Nokia O43 - CFD: 22/09/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\OpenAL =>.Creative Labs Inc® O43 - CFD: 10/05/2014 - [] D -- C:\Program Files (x86)\Opera O43 - CFD: 03/10/2013 - [] D -- C:\Program Files (x86)\Opera x64 O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\PC Connectivity Solution =>.Microsoft Windows® O43 - CFD: 02/05/2016 - [] D -- C:\Program Files (x86)\Pro Evolution Soccer 2015 O43 - CFD: 23/09/2015 - [0] D -- C:\Program Files (x86)\R.G. Mechanics O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 14/11/2014 - [0] D -- C:\Program Files (x86)\Remedy Entertainment O43 - CFD: 24/07/2014 - [] D -- C:\Program Files (x86)\Samsung =>.Samsung Electronics CO., LTD.® O43 - CFD: 10/02/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 31/03/2016 - [] D -- C:\Program Files (x86)\Ubisoft =>.Ubisoft Massive® O43 - CFD: 27/12/2013 - [] D -- C:\Program Files (x86)\UltraISO O43 - CFD: 16/09/2015 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 24/02/2014 - [] D -- C:\Program Files (x86)\USB 7908 Wheel O43 - CFD: 24/02/2014 - [] D -- C:\Program Files (x86)\USB Vibration =>.InstallShield Software Corporation® O43 - CFD: 17/11/2015 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 16/09/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 15/09/2015 - [] D -- C:\Program Files (x86)\Windows Installer Clean Up O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 25/10/2013 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 25/10/2013 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 25/10/2013 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 18/11/2014 - [] SD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 04/01/2015 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 22/02/2014 - [] D -- C:\Program Files (x86)\XeMu360 O43 - CFD: 25/03/2015 - [] D -- C:\Program Files (x86)\Xilisoft O43 - CFD: 23/02/2016 - [] D -- C:\Program Files (x86)\Zain Connect O43 - CFD: 02/05/2016 - [] D -- C:\Program Files (x86)\Zemana AntiMalware =>.Zemana Ltd.® O43 - CFD: 28/10/2015 - [] D -- C:\Program Files (x86)\ZHPDiag O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 05/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 14/10/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 03/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120% O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atheros Smart Net O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016 O43 - CFD: 18/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 21/07/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo O43 - CFD: 18/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite O43 - CFD: 12/04/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Davilex Games O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 11/01/2014 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HotSpot O43 - CFD: 18/11/2014 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel O43 - CFD: 28/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 08/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 26/07/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 13/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite O43 - CFD: 20/02/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PES6J Launcher O43 - CFD: 27/12/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remedy Entertainment O43 - CFD: 15/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller O43 - CFD: 24/07/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 26/07/2012 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 27/06/2013 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 26/07/2012 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO O43 - CFD: 18/11/2014 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 04/01/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 25/03/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware O43 - CFD: 14/04/2015 - [] D -- C:\ProgramData\Adobe O43 - CFD: 29/08/2013 - [] D -- C:\ProgramData\AMD O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 07/07/2014 - [] D -- C:\ProgramData\Atheros O43 - CFD: 01/10/2013 - [] D -- C:\ProgramData\ATI O43 - CFD: 21/01/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\bdch O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\BDLogging O43 - CFD: 12/01/2016 - [] D -- C:\ProgramData\Bitdefender O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\Bitdefender Agent O43 - CFD: 29/08/2013 - [] D -- C:\ProgramData\CLSK O43 - CFD: 27/12/2013 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 03/02/2014 - [] D -- C:\ProgramData\DAEMON Tools Ultra O43 - CFD: 23/02/2016 - [] D -- C:\ProgramData\DatacardService O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\Dell O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 27/12/2013 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 14/04/2015 - [] D -- C:\ProgramData\Google O43 - CFD: 17/09/2014 - [] D -- C:\ProgramData\HTC O43 - CFD: 01/10/2013 - [0] D -- C:\ProgramData\IDM O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\Installations O43 - CFD: 29/08/2013 - [] D -- C:\ProgramData\install_clap O43 - CFD: 29/08/2013 - [] D -- C:\ProgramData\Intel O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\IObit O43 - CFD: 20/01/2016 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 04/05/2014 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 16/09/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 26/04/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 09/10/2013 - [] D -- C:\ProgramData\Microsoft SkyDrive O43 - CFD: 28/02/2016 - [] D -- C:\ProgramData\MobileBrServ O43 - CFD: 04/10/2013 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\Norton O43 - CFD: 09/01/2014 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 02/10/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 28/04/2016 - [] D -- C:\ProgramData\ParetoLogic =>.Superfluous.Paretologic O43 - CFD: 14/09/2015 - [] D -- C:\ProgramData\PC Suite O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\PC-Doctor for Windows O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\PCDr O43 - CFD: 01/10/2013 - [] D -- C:\ProgramData\PRICache O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\ProductData O43 - CFD: 09/10/2013 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 03/11/2014 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 28/10/2015 - [] D -- C:\ProgramData\RogueKiller O43 - CFD: 26/09/2014 - [] D -- C:\ProgramData\Samsung O43 - CFD: 30/09/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\softthinks O43 - CFD: 12/04/2014 - [] D -- C:\ProgramData\Solidshield O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 14/11/2014 - [] D -- C:\ProgramData\Steam O43 - CFD: 03/04/2014 - [] D -- C:\ProgramData\Sun O43 - CFD: 15/01/2014 - [] D -- C:\ProgramData\SuperHideIP O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\SupportAssistAgent O43 - CFD: 26/07/2012 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 15/09/2015 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 09/10/2014 - [] D -- C:\ProgramData\Wondershare O43 - CFD: 02/05/2016 - [] D -- C:\ProgramData\X360CE O43 - CFD: 14/04/2015 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\Atheros O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 14/11/2014 - [] D -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 27/12/2013 - [] D -- C:\Program Files (x86)\Common Files\EZB Systems O43 - CFD: 24/02/2014 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation O43 - CFD: 03/04/2014 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 13/11/2014 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Nokia O43 - CFD: 28/04/2016 - [] D -- C:\Program Files (x86)\Common Files\ParetoLogic =>.Superfluous.Paretologic O43 - CFD: 14/09/2015 - [] D -- C:\Program Files (x86)\Common Files\PCSuite O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\QCA_Bluetooth O43 - CFD: 26/07/2012 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 30/09/2015 - [] D -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 15/08/2014 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 14/11/2014 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 29/08/2013 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 09/10/2014 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 22/02/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\Activision O43 - CFD: 14/04/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Adobe O43 - CFD: 17/07/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\AnvSoft O43 - CFD: 13/09/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Atheros O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\ATI O43 - CFD: 12/01/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\Bitdefender O43 - CFD: 07/10/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\CyberLink O43 - CFD: 03/02/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\DAEMON Tools Ultra O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\DMCache O43 - CFD: 28/04/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\DriverCure =>.Superfluous.Paretologic O43 - CFD: 06/03/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Hive Cluster O43 - CFD: 11/01/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Identities O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\IDM O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\Intel Corporation O43 - CFD: 11/01/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\IObit O43 - CFD: 15/12/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\KC Softwares O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\Macromedia O43 - CFD: 19/03/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Malwarebytes O43 - CFD: 18/11/2015 - [] SD -- C:\Users\Mohamed\AppData\Roaming\Microsoft O43 - CFD: 04/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\Mozilla O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\MPC-HC O43 - CFD: 14/09/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Nokia O43 - CFD: 03/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\Opera O43 - CFD: 10/05/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Opera Software O43 - CFD: 28/04/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic O43 - CFD: 14/09/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\PC Suite O43 - CFD: 18/11/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\PCDr O43 - CFD: 21/01/2015 - [0] D -- C:\Users\Mohamed\AppData\Roaming\QuickScan O43 - CFD: 24/07/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Samsung O43 - CFD: 08/04/2014 - [] RHD -- C:\Users\Mohamed\AppData\Roaming\SecuROM O43 - CFD: 01/01/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\Skype O43 - CFD: 15/01/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\SuperHideIP O43 - CFD: 11/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\UDC Profiles O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\uTorrent O43 - CFD: 07/10/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\WebApp O43 - CFD: 17/07/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\WinAVI O43 - CFD: 02/10/2013 - [] D -- C:\Users\Mohamed\AppData\Roaming\WinRAR O43 - CFD: 07/01/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Wondershare O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\www.shadowexplorer.com O43 - CFD: 25/03/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Xilisoft O43 - CFD: 08/01/2014 - [] D -- C:\Users\Mohamed\AppData\Roaming\Zain Connect O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\ZHP O43 - CFD: 01/10/2013 - [0] SHD -- C:\Users\Mohamed\AppData\Local\Application Data O43 - CFD: 02/11/2015 - [] D -- C:\Users\Mohamed\AppData\Local\Apps O43 - CFD: 08/04/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Atari O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\ATI O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\BMExplorer O43 - CFD: 29/09/2015 - [] D -- C:\Users\Mohamed\AppData\Local\CEF O43 - CFD: 24/09/2014 - [] D -- C:\Users\Mohamed\AppData\Local\CMO_V2_CanarGo O43 - CFD: 21/07/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Comodo O43 - CFD: 27/04/2016 - [0] D -- C:\Users\Mohamed\AppData\Local\CrashDumps O43 - CFD: 03/04/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Daedalic Entertainment O43 - CFD: 11/01/2016 - [0] D -- C:\Users\Mohamed\AppData\Local\Deployment O43 - CFD: 13/02/2016 - [0] D -- C:\Users\Mohamed\AppData\Local\Diagnostics O43 - CFD: 03/02/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Disc_Soft_Ltd O43 - CFD: 22/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Downloaded Installations O43 - CFD: 02/11/2015 - [0] D -- C:\Users\Mohamed\AppData\Local\ElevatedDiagnostics O43 - CFD: 14/09/2015 - [] D -- C:\Users\Mohamed\AppData\Local\EMU O43 - CFD: 27/12/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Game Updater O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Local\Google O43 - CFD: 01/10/2013 - [0] SHD -- C:\Users\Mohamed\AppData\Local\History O43 - CFD: 05/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\HP O43 - CFD: 22/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Intel_Corporation O43 - CFD: 13/01/2016 - [] D -- C:\Users\Mohamed\AppData\Local\Microsoft O43 - CFD: 17/04/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Microsoft Help O43 - CFD: 09/11/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Mozilla O43 - CFD: 03/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Opera O43 - CFD: 10/05/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Opera Software O43 - CFD: 13/09/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Packages O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Power2Go8 O43 - CFD: 01/10/2013 - [] D -- C:\Users\Mohamed\AppData\Local\Programs O43 - CFD: 07/07/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Qualcomm Atheros O43 - CFD: 27/12/2013 - [] D -- C:\Users\Mohamed\AppData\Local\SKIDROW O43 - CFD: 30/09/2015 - [] D -- C:\Users\Mohamed\AppData\Local\Skype O43 - CFD: 01/10/2013 - [0] D -- C:\Users\Mohamed\AppData\Local\softthinks O43 - CFD: 26/09/2015 - [] D -- C:\Users\Mohamed\AppData\Local\storage O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Local\Temp O43 - CFD: 16/09/2015 - [0] D -- C:\Users\Mohamed\AppData\Local\Temporary Internet Files O43 - CFD: 23/01/2014 - [] D -- C:\Users\Mohamed\AppData\Local\VirtualStore O43 - CFD: 15/09/2015 - [] D -- C:\Users\Mohamed\AppData\Local\VS Revo Group O43 - CFD: 17/07/2014 - [] D -- C:\Users\Mohamed\AppData\Local\WinAVI O43 - CFD: 27/09/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Windows Live O43 - CFD: 09/10/2014 - [] D -- C:\Users\Mohamed\AppData\Local\Wondershare O43 - CFD: 02/05/2016 - [] D -- C:\Users\Mohamed\AppData\Local\Zemana O43 - CFD: 01/11/2014 - [0] D -- C:\Users\Mohamed\AppData\Local\ZTEEVDO O43 - CFD: 01/10/2013 - [0] D -- C:\Users\Mohamed\AppData\Local\Programs\Common O43 - CFD: 18/11/2014 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 26/07/2012 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 18/11/2014 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/01/2016 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices O43 - CFD: 11/01/2016 - [] D -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell O43 - CFD: 28/10/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 26/07/2012 - [] D -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 18/11/2014 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 18/11/2014 - [] RD -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 10/05/2014 - [0] D -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub O43 - CFD: 04/01/2015 - [] D -- C:\Users\Mohamed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s O106 - SIOI: UpToDateOverlayHandler Class [ SkyDrive1] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft SkyDrive Shell Extension.) -- C:\Users\Mohamed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ SkyDrive2] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft SkyDrive Shell Extension.) -- C:\Users\Mohamed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll =>.Microsoft Corporation® O106 - SIOI: ErrorOverlayHandler Class [ SkyDrive3] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft SkyDrive Shell Extension.) -- C:\Users\Mohamed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll =>.Microsoft Corporation® ---\\ System Drivers List (93) - 11s O58 - SDL:2014/09/22 12:12:30 A . (.360.cn - 360Box64.) -- C:\Windows\System32\drivers\360Box64.sys [311880] =>.Qihoo 360 Software (Beijing) Company Limited® O58 - SDL:2012/07/26 13:00:49 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [106736] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:49 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [492272] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:48 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [340720] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:49 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [184048] =>.Microsoft Windows® O58 - SDL:2012/09/14 21:12:38 A . (.Advanced Micro Devices, Inc. - AMD PCI Root Bus Lower Filter.) -- C:\Windows\System32\drivers\amdkmpfd.sys [36520] =>.Advanced Micro Devices, Inc.® O58 - SDL:2012/07/26 13:00:49 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [76016] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:49 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [258288] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:48 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [26352] =>.Microsoft Windows® O58 - SDL:2009/11/02 18:16:50 A . (.HTC, Corporation - ADB Interface.) -- C:\Windows\System32\drivers\ANDROIDUSB.sys [33736] O58 - SDL:2012/07/26 13:00:49 A . (.PMC-Sierra, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [104688] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:48 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [108272] =>.Microsoft Windows® O58 - SDL:2016/01/11 02:11:24 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athw8x.sys [3915264] =>.Qualcomm Atheros Communications, Inc. O58 - SDL:2013/05/06 08:54:36 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [11612672] =>.Advanced Micro Devices, Inc. O58 - SDL:2013/05/06 07:32:42 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [578048] =>.Advanced Micro Devices, Inc. O58 - SDL:2015/09/21 22:03:36 A . (...) -- C:\Windows\System32\drivers\atksgt.sys [314016] =>.Tages SA® O58 - SDL:2016/04/27 20:24:08 A . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\System32\drivers\avc3.sys [1623536] =>.Bitdefender SRL® O58 - SDL:2015/09/18 02:24:14 A . (.BitDefender - BitDefender AntiVirus Active Virus Control.) -- C:\Windows\System32\drivers\avchv.sys [282000] =>.Bitdefender SRL® O58 - SDL:2016/04/27 20:24:27 A . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\Windows\System32\drivers\avckf.sys [842152] =>.Bitdefender SRL® O58 - SDL:2014/04/15 15:18:46 A . (.360.cn - BAPIDRV.) -- C:\Windows\System32\drivers\BAPIDRV64.SYS [180808] =>.Qihoo 360 Software (Beijing) Company Limited® O58 - SDL:2013/09/09 00:04:56 A . (.Bitdefender - Bitdefender Early Launch Anti-Malware Drive.) -- C:\Windows\System32\drivers\bdelam.sys [23568] =>.Microsoft Windows Early Launch Anti-malware Publisher® O58 - SDL:2015/12/05 00:27:06 A . (.BitDefender - FileVault Disk Driver.) -- C:\Windows\System32\drivers\bdvedisk.sys [87912] =>.Bitdefender SRL® O58 - SDL:2013/03/01 09:59:04 A . (.Qualcomm Atheros - Qualcomm Atheros A2DP driver.) -- C:\Windows\System32\drivers\btath_a2dp.sys [346192] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:04 A . (.Qualcomm Atheros - Qualcomm Atheros Bluetooth AVDT driver.) -- C:\Windows\System32\drivers\btath_avdt.sys [115280] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:04 A . (.Qualcomm Atheros - Qualcomm Atheros BUS driver.) -- C:\Windows\System32\drivers\btath_bus.sys [34384] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:06 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_flt.sys [89168] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:06 A . (.Qualcomm Atheros - Qualcomm Atheros HCRP driver.) -- C:\Windows\System32\drivers\btath_hcrp.sys [179432] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:06 A . (.Qualcomm Atheros - Qualcomm Atheros FILTER driver.) -- C:\Windows\System32\drivers\btath_lwflt.sys [77464] =>.Atheros Communications Inc.® O58 - SDL:2013/03/01 09:59:08 A . (.Qualcomm Atheros - Qualcomm Atheros AVRCP driver.) -- C:\Windows\System32\drivers\btath_rcp.sys [136424] =>.Atheros Communications Inc.® O58 - SDL:2016/01/11 02:11:40 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [594632] =>.Qualcomm Atheros® O58 - SDL:2011/08/17 14:58:20 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmbox64.sys [27136] =>.Nokia O58 - SDL:2011/08/17 14:58:16 A . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\System32\drivers\ccdcmbx64.sys [19968] =>.Nokia O58 - SDL:2012/06/26 01:24:50 A . (.CyberLink - It is a virtual device driver which could c.) -- C:\Windows\System32\drivers\CLVirtualDrive.sys [92536] =>.CyberLink® O58 - SDL:2007/06/08 19:32:26 A . (.C-motech Co.,Ltd - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\cmusbser.sys [112768] O58 - SDL:2015/09/11 23:53:23 A . (.Dell Computer Corporation - DDDriver.sys.) -- C:\Windows\System32\drivers\DDDriver64Dcsa.sys [32464] =>.Techporch Incorporated® O58 - SDL:2015/09/11 23:53:23 A . (.Dell Computer Corporation - DellProf.sys.) -- C:\Windows\System32\drivers\DellProf.sys [24240] =>.Techporch Incorporated® O58 - SDL:2013/01/25 10:12:08 A . (.OSR Open Systems Resources, Inc. - Airplane Mode Switch Driver.) -- C:\Windows\System32\drivers\DellRbtn.sys [10752] =>.OSR Open Systems Resources, Inc. O58 - SDL:2012/09/20 15:55:27 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3265256] =>.Microsoft Windows® O58 - SDL:2016/04/27 20:27:10 A . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\Windows\System32\drivers\gzflt.sys [182936] =>.Bitdefender SRL® O58 - SDL:2012/07/26 13:00:52 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64752] =>.Microsoft Windows® O58 - SDL:2013/10/17 20:27:02 A . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\drivers\htcnprot.sys [36928] =>.HTC Corp.® O58 - SDL:2016/01/11 02:12:19 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver -.) -- C:\Windows\System32\drivers\iaStorA.sys [1462720] =>.Intel Corporation - Rapid Storage Technology® O58 - SDL:2012/07/26 13:00:52 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [411888] =>.Microsoft Windows® O58 - SDL:2015/06/12 10:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] =>.Tonec Inc.® O58 - SDL:2013/05/08 09:22:40 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [4431840] =>.Intel Corporation O58 - SDL:2016/04/27 20:27:31 A . (.Bitdefender - IGNIS filter driver.) -- C:\Windows\System32\drivers\ignis.sys [298736] =>.Bitdefender SRL® O58 - SDL:2012/07/26 13:00:52 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [45296] =>.Microsoft Windows® O58 - SDL:2016/01/11 02:11:49 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [464144] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/09/21 22:03:36 A . (...) -- C:\Windows\System32\drivers\lirsgt.sys [43680] =>.Tages SA® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [108784] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [92400] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [116976] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [81136] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation® O58 - SDL:2016/04/28 00:52:18 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [51952] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:52 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [353008] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:55 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [64240] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:09:10 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [65408] =>.Malwarebytes Corporation® O58 - SDL:2012/07/26 13:00:55 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [52464] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150256] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:55 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168176] =>.Microsoft Windows® O58 - SDL:2008/08/28 17:44:42 A . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\drivers\pccsmcfdx64.sys [25600] =>.Nokia O58 - SDL:2009/12/30 16:21:26 A . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [31800] =>.VS Revo Group® O58 - SDL:2016/01/11 02:12:39 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.30 64-bit Dr.) -- C:\Windows\System32\drivers\Rt630x64.sys [935168] =>.Realtek Semiconductor Corp® O58 - SDL:2016/01/11 02:13:36 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4628736] =>.Realtek Semiconductor Corp® O58 - SDL:2016/01/11 02:12:28 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\Windows\System32\drivers\RtsUer.sys [404184] =>.Realtek Semiconductor Corp® O58 - SDL:2012/12/21 17:42:28 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\Windows\System32\drivers\RtsUVStor.sys [326368] =>.Realtek Semiconductor Corp® O58 - SDL:2012/07/26 16:11:43 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2012/07/26 13:00:55 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44784] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:56 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81648] =>.Microsoft Windows® O58 - SDL:2013/03/06 02:34:56 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400] =>.Synaptics Incorporated® O58 - SDL:2016/01/11 02:09:37 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\drivers\Smb_driver_Intel.sys [33448] =>.Synaptics Incorporated® O58 - SDL:2014/02/16 18:57:00 A . (.Duplex Secure Ltd. - SCSI Pass Through Direct Host.) -- C:\Windows\System32\drivers\sptd.sys [381440] =>.Disc Soft Ltd® O58 - SDL:2014/01/22 13:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [108800] =>.DEVGURU CO LTD® O58 - SDL:2014/01/22 13:52:10 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [206080] =>.DEVGURU CO LTD® O58 - SDL:2012/07/26 13:00:55 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [30960] =>.Microsoft Windows® O58 - SDL:2013/03/06 02:34:58 A . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [469232] =>.Synaptics Incorporated® O58 - SDL:2014/05/17 08:42:36 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42184] =>.AnchorFree Inc® O58 - SDL:2016/01/11 02:09:57 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverW8x64.sys [184608] =>.Intel Corporation - Embedded Subsystems and IP Blocks Group® O58 - SDL:2013/12/20 04:18:36 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288] =>.Intel Corporation - Intel® Management Engine Firmware® O58 - SDL:2016/05/02 01:50:50 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [28272] =>.Adlice® O58 - SDL:2016/04/27 20:24:02 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\System32\drivers\trufos.sys [511320] =>.Bitdefender SRL® O58 - SDL:2011/08/17 14:58:26 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerfltjx64.sys [9216] =>.Nokia O58 - SDL:2011/08/17 14:58:22 A . (.Nokia - Filter Driver for Nokia USB Phone Bus Drive.) -- C:\Windows\System32\drivers\usbser_lowerfltx64.sys [9216] =>.Nokia O58 - SDL:2012/07/26 13:00:58 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19184] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:58 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [164080] =>.Microsoft Windows® O58 - SDL:2012/07/26 13:00:58 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [322800] =>.Microsoft Windows® O58 - SDL:2008/05/06 21:06:00 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\drivers\wdcsam64.sys [14464] =>.Western Digital Technologies O58 - SDL:2016/05/02 04:17:57 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zam64.sys [202656] =>.Zemana Ltd.® O58 - SDL:2016/05/02 04:17:53 A . (.Zemana Ltd. - ZAM.) -- C:\Windows\System32\drivers\zamguard64.sys [202656] =>.Zemana Ltd.® O58 - SDL:2013/02/21 10:50:32 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\athw8x.sys [3765760] =>.Qualcomm Atheros Communications, Inc. ---\\ Last modified or created user files (5) - 13s O61 - LFC: 2016/05/02 21:23:34 A . (.{code:GDConstantCompanyName}.) -- C:\Users\Mohamed\Downloads\Programs\RecoverMyFiles-Setup.exe [34345088] {277049179431A7} O61 - LFC: 2016/05/02 03:10:22 A . (.Atribune.org.) -- C:\Users\Mohamed\Desktop\New folder\ATF-Cleaner.exe [50688] O61 - LFC: 2016/05/02 03:29:17 A . (..) -- C:\Users\Mohamed\Desktop\New folder\حذف مكونات فايروس كريبتو ول.bat [449] O61 - LFC: 2016/05/02 22:16:51 A . (..) -- C:\Users\Mohamed\AppData\Local\ATI\ACE\Manifest.Bin [28199] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (16) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- c:\program files\opera x64\opera.exe =>.Opera Software ASA® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera x64\opera.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera x64\opera.exe =>.Opera Software O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - 'Firefox' Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera x64\opera.exe =>.Opera Software ---\\ Search Browser Infection (4) - 1s O69 - SBI: SearchScopes [HKCU] {5F4FDD40-D452-47BC-94A6-D47229CADF35} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {9CF05CA2-06FD-43B5-A511-A079C1FE341A} - (google.com) - http://www.google.com O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {C3C7DC69-AD81-4745-9DCC-48EDE6B1C4DE} - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (34) - 1s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [204288] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [149504] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [305664] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1366016] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1160192] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99840] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [358400] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [107520] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [62976] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [438784] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [305664] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3286016] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [826368] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [565760] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [894464] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70144] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151552] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [105472] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1287680] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [219648] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [80896] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [210432] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [291328] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [190976] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1964544] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [47104] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [207872] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [161792] =>.Microsoft Corporation O83 - Search Svchost Services: SystemEventsBroker (SystemEventsBroker) . (.Microsoft Corporation - System Events Broker.) -- C:\Windows\System32\SystemEventsBrokerServer.dll [180224] =>.Microsoft Corporation ---\\ Additional Scan (O88) (8) - 0s HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKCU\SOFTWARE\APN PIP =>.Superfluous.Conduit HKCU\SOFTWARE\ParetoLogic =>.Superfluous.Paretologic C:\ProgramData\ParetoLogic =>.Superfluous.Paretologic C:\Program Files (x86)\Common Files\ParetoLogic =>.Superfluous.Paretologic C:\Users\Mohamed\AppData\Roaming\DriverCure =>.Superfluous.Paretologic C:\Users\Mohamed\AppData\Roaming\ParetoLogic =>.Superfluous.Paretologic ---\\ Summary of the elements found (3) - 0s http://www.nicolascoolman.fr/?p=5145 =>.Superfluous.Paretologic http://www.nicolascoolman.info/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect http://www.nicolascoolman.fr/?p=210 =>.Superfluous.Conduit ~ End of the scan, 71305 items in 00h05mn18s (1166)(0)