~ ZHPDiag v2016.8.2.123 By Nicolas Coolman (2016/08/02)
~ Run by Bouhafsi (Administrator) (2016/08/03 19:59:51)
~ Web: https://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\Bouhafsi\Desktop\ZHPDiag.txt
~ Report: C:\Users\Bouhafsi\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)

---\\ Internet Browsers (2) - 1s
GCIE: Google Chrome v51.0.2704.103
MSIE: Internet Explorer v8.0.7601.17514

---\\ Windows Product Information (4) - 0s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : KO

---\\ System protection software (2) - 3s
Kaspersky Anti-Virus v16.0.0.614
Malwarebytes Anti-Malware النسخة 2.2.1.1043

---\\ System optimization software (2) - 4s
CCleaner v3.26
Tweaking.com - Windows Repair v3.6.1

---\\ Surveillance software (1) - 4s
Adobe Flash Player 22 ActiveX

---\\ Sharing software PeerToPeer (1) - 4s
µTorrent v2.0.3

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 55 Stepping 3, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1980.788 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 121 GB () free of 176 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: BOUHAFSI-PC
~ User Name: Bouhafsi
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 121 GB free of 176 GB (System)
~ Drive D: has 67 GB free of 148 GB
~ Drive E: has 21 GB free of 150 GB

---\\ State of the Windows Security Center (17) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 1s [MD5.40D777B7A95E00593EB1568C68514493] - 20/11/2010 - (.Microsoft Corporation - مستكشف Windows.) -- C:\Windows\Explorer.exe [2616320] =>.Microsoft Corporation [MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - عملية مضيف Windows (Rundll32)‎.) -- C:\Windows\System32\rundll32.exe [44544] =>.Microsoft Corporation [MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) -- C:\Windows\System32\Wininit.exe [96256] =>.Microsoft Corporation [MD5.44214C94911C7CFB1D52CB64D5E8368D] - 20/11/2010 - (.Microsoft Corporation - ملحقات إنترنت لـ Win32.) -- C:\Windows\System32\wininet.dll [980992] =>.Microsoft Corporation [MD5.6D13E1406F50C66E2A95D97F22C47560] - 20/11/2010 - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) 
-- C:\Windows\System32\Winlogon.exe [286720] =>.Microsoft Corporation [MD5.E3AE23569749DE12D45BA3B489A036AE] - 20/11/2010 - (.Microsoft Corporation - مكتبة تراخيص البرامج.) -- C:\Windows\System32\sppcomapi.dll [193536] =>.Microsoft Corporation [MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - مكتبة الارتباط الديناميكي لواجهة برمجة تطبي.) -- C:\Windows\System32\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.129F80D7868E30DF3E3DE33A1D3132B4] - 20/11/2010 - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\System32\fr-FR\user32.dll.mui [20480] =>.Microsoft Corporation [MD5.1151FD4FB0216CFED887BFDE29EBD516] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] =>.Microsoft Corporation [MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] =>.Microsoft Windows® [MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] =>.Microsoft Corporation [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] =>.Microsoft Corporation [MD5.F024449C97EC1E464AAFFDA18593DB88] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] =>.Microsoft Corporation [MD5.9036377B8A6C15DC2EEC53E489D159B5] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] =>.Microsoft Corporation [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) 
-- C:\Windows\System32\drivers\i8042prt.sys [80896] =>.Microsoft Corporation [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] =>.Microsoft Corporation [MD5.B272B4C3E085EA860C12F2E4FAF2FFA2] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123904] =>.Microsoft Corporation [MD5.280122DDCF04B378EDD1AD54D71C1E54] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] =>.Microsoft Corporation [MD5.33C3093D09017CFE2E219F2472BFF6EB] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1211264] =>.Microsoft Windows® [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) -- C:\Windows\System32\drivers\Parport.sys [79360] =>.Microsoft Corporation [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] =>.Microsoft Corporation [MD5.B973FCFC50DC1434E1970A146F7E3885] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133632] =>.Microsoft Corporation [MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] =>.Microsoft Corporation [MD5.B459575348C20E8121D6039DA063C704] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74752] =>.Microsoft Corporation [MD5.F497F67932C6FA693D7DE2780631CFE7] - 20/11/2010 - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوح.) 
-- C:\Windows\System32\drivers\volsnap.sys [245632] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (8) - 2s O23 - Service: avast! Antivirus (avast! Antivirus) . (...) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (.not file.) O23 - Service: avast! Firewall (avast! Firewall) . (...) - C:\Program Files\AVAST Software\Avast\afwServ.exe (.not file.) O23 - Service: Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe =>.Kaspersky Lab® O23 - Service: ESET Service (ekrn) . (...) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (.not file.) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2013 - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.Huawei Technologies Co., Ltd.® O23 - Service: MobiConnect. OUC (MobiConnect. RunOuc) . (...) - C:\Program Files\MobiConnect\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.® O23 - Service: ProductAgentService (ProductAgentService) . (...) - C:\Program Files\Bitdefender Agent\ProductAgentService.exe (.not file.) ---\\ Services not Microsoft (SR=Run, SS=Stop) (14) - 86s SS - Disabl [27/06/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SS - Auto [08/12/2015] [ 194000] Kaspersky Anti-Virus Service 16.0.0 (AVP16.0.0) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe =>.Kaspersky Lab® SS - Auto [28/08/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) 
- C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [28/08/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Disabl [11/06/2010] [ 136120] Google Updater Service (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe =>.Google Inc® SR - Auto [10/04/2013] [ 276048] HWDeviceService.exe (HWDeviceService.exe) . (.Copyright (C) 2013.) - C:\ProgramData\DatacardService\HWDeviceService.exe =>.Huawei Technologies Co., Ltd.® SS - Disabl [08/06/2015] [ 509424] Lenovo EasyPlus Hotspot (Lenovo EasyPlus Hotspot) . (.Lenovo.) - C:\Program Files\Common Files\LENOVO\easyplussdk\bin\EPHotspot.exe =>.LENOVO® SS - Auto [14/11/2013] [ 656976] MobiConnect. OUC (MobiConnect. RunOuc) . (...) - C:\Program Files\MobiConnect\UpdateDog\ouc.exe =>.Huawei Technologies Co., Ltd.® SS - Disabl [20/08/2014] [ 242256] Mobile Broadband HL Service (Mobile Broadband HL Service) . (.Copyright (C) 2014.) - C:\ProgramData\MobileBrServ\mbbservice.exe =>.Huawei Technologies Co., Ltd.® SS - Disabl [04/01/2013] [ 115776] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe {3CB130EC2013E7B980771F031E0A4115} =>.Mozilla Foundation SS - Disabl [04/02/2016] [ 31176] (ShareItSvc) . (.SHAREit Technologies Co.Ltd.) - C:\Program Files\SHAREit\SHAREit\Shareit.Service.exe =>.LENOVO® SS - Disabl [15/12/2014] [ 5426448] TeamViewer 10 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® SS - Disabl [06/11/2013] [ 427264] ZDServ (ZDServ) . (.Copyright (C) 2013.) - C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe =>.ZTE CORPORATION® ---\\ Task Planned Automatically (29) - 8s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) 
=>.Superfluous.Empty [MD5.E324D38B6CCF843ED4F6D521908AEE5B] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [270016] (.Activate.) =>.Adobe Systems Incorporated® [MD5.00000000000000000000000000000000] [APT] [avast! Emergency Update] (...) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864] (...) -- C:\Program Files\Bitdefender Agent\WatchDog.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.74660C1E9139D95F4E006E8E49EA4986] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [3273136] (.Activate.) =>.Piriform Ltd® [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core] (.Facebook Inc..) -- C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] (.Activate.) =>.Facebook, Inc.® [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA] (.Facebook Inc..) -- C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] (.Activate.) =>.Facebook, Inc.® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] (.Activate.) =>.Google Inc® [MD5.A66CEFC096E3512416C8244C1620F3BD] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files\Maxthon\Bin\MxUp.exe [1799448] (.Activate.) =>.Maxthon (Asia) Limited.® [MD5.00000000000000000000000000000000] [APT] [{02DD9659-373D-435A-9F16-9DE2F0646EF2}] (...) 
-- D:\Users\Abdelghani Bouhafsi\Saved Games\ںéمں \GTA.III.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{315C967B-5FFD-4A71-B8F3-B2EC89C79535}] (...) -- E:\Camera\¤يî ںéںمں \Gta San Andreas UP By IsSaM GfX\setup.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{49930226-118D-485B-88EF-A8E4A6444CCD}] (...) -- D:\ ©ںê¤\QQPlayer_Setup_1.0.280.202.p1.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{CB7CD008-F57B-4144-B937-6B949E9DF670}] (...) -- D:\ ©ںê¤\QQPlayer_Setup_Arabic_2.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [Lenovo] (...) -- C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated® O39 - APT: FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core.job [918] =>.Facebook, Inc.® O39 - APT: FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA.job [940] =>.Facebook, Inc.® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056] =>.Google Inc® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] =>.Adobe Systems Incorporated® O39 - APT: avast! Emergency Update - (...) 
-- C:\Windows\System32\Tasks\avast! Emergency Update [4182] (.Orphan.) =>.Superfluous.Orphan O39 - APT: Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 - (...) -- C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 [3640] (.Orphan.) =>.Superfluous.Orphan O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2778] =>.Piriform Ltd® O39 - APT: FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core [3554] =>.Facebook, Inc.® O39 - APT: FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA [3922] =>.Facebook, Inc.® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3800] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4052] =>.Google Inc® O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3584] =>.Maxthon (Asia) Limited.® ---\\ Process running (14) - 2s [MD5.65F6EF551C90B648E0307CEE1342670F] - (.Copyright (C) 2013 - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService.exe [276048] [PID.1860] =>.Huawei Technologies Co., Ltd.® [MD5.29DF2514FCED0B7F8E449933EF6E6918] - (...) -- C:\ProgramData\MobiConnect\OnlineUpdate\ouc.exe [656976] [PID.484] =>.Huawei Technologies Co., Ltd.® [MD5.C8A0145CA371A09BB46136FD722C8549] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [238160] [PID.808] =>.Huawei Technologies Co., Ltd.® [MD5.2285EFF09C752C8EE5235A0DF1B1A176] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) 
-- C:\Windows\System32\Macromed\Flash\FlashUtil32_22_0_0_192_ActiveX.exe [1203392] [PID.2416] =>.Adobe Systems Incorporated® [MD5.ED254570323BB31DD0BFEB2434D175C9] - (.TechSmith Corporation - Snagit.) -- C:\Program Files\TechSmith\Snagit 10\Snagit32.exe [7067464] [PID.3944] =>.TechSmith Corporation® [MD5.38971D3E7F196D1B97EF935061ED5B53] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- C:\Program Files\TechSmith\Snagit 10\TscHelp.exe [94024] [PID.1536] =>.TechSmith Corporation® [MD5.4F8879D0BA69C3632A481FAB5245F88A] - (.TechSmith Corporation - Snagit RPC Helper.) -- C:\Program Files\TechSmith\Snagit 10\SnagPriv.exe [89928] [PID.1740] =>.TechSmith Corporation® [MD5.6F487CD41FA0D9B8B2A7F69D6FD7FB80] - (.TechSmith Corporation - Snagit Editor.) -- C:\Program Files\TechSmith\Snagit 10\snagiteditor.exe [7396680] [PID.2668] =>.TechSmith Corporation® [MD5.F91E33B1F78C72B5368C5B793365B009] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe [79160] [PID.2608] =>.Maxthon (Asia) Limited.® [MD5.F91E33B1F78C72B5368C5B793365B009] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe [79160] [PID.1684] =>.Maxthon (Asia) Limited.® [MD5.F91E33B1F78C72B5368C5B793365B009] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe [79160] [PID.1940] =>.Maxthon (Asia) Limited.® [MD5.F91E33B1F78C72B5368C5B793365B009] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe [79160] [PID.1956] =>.Maxthon (Asia) Limited.® [MD5.F91E33B1F78C72B5368C5B793365B009] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe [79160] [PID.880] =>.Maxthon (Asia) Limited.® [MD5.DDC9918EF56150D04C8D1130203CF0F0] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\Users\Bouhafsi\Desktop\ZHPDiag3.exe [2235392] [PID.1444] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (11) - 0s G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [eahebamiopdhefndnmappcihfajigkka] __MSG_ExtensionName__ G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (9) - 2s M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} P2 - EXT: (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(T.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeploytk.dll =>.Sun Microsystems, Inc.® P2 - EXT: (.mozilla.org - Default Plug-in.) 
-- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll {25CC3735E9EC1FC971670E73E369C791} =>.mozilla.org P2 - EXT: (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL =>.Microsoft Corporation® P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32.dll =>.Adobe Systems Incorporated® P2 - EXT: (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r45.) -- C:\Program Files\Mozilla Firefox\Plugins\NPSWF32_FlashUtil.exe =>.Adobe Systems Incorporated® P2 - EXT FILE: (...) -- C:\Users\Bouhafsi\AppData\Roaming\Mozilla\Firefox\Profiles\x1c7tlrg.default\extensions\testpilot@labs.mozilla.com.xpi P2 - EXT: (...) -- C:\Users\Bouhafsi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam ---\\ Internet Explorer Extensions, Start, Search (13) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - 
URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (8) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (3) - 0s O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} . (.TechSmith Corporation - Snagit Browser Helper Object for Internet E.) -- C:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll =>.TechSmith Corporation® O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} . (.AO Kaspersky Lab - Kaspersky Protection plugins.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll =>.Kaspersky Lab® O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. 
- Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll =>.Sun Microsystems, Inc.® ---\\ Global shortcuts Startup (32) - 6s O4 - GS\Desktop [Administrateur]: 360x180° Mekan.lnk . (.3DMekanlar.com - 360x180° Mekan (Site) Viewer.) C:\Windows\System32\mekanlar\360x180° Mekan.exe O4 - GS\Desktop [Administrateur]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Desktop [Administrateur]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Bouhafsi\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrateur]: Chedot.lnk . (.The Chedot Authors - Chedot.) C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser O4 - GS\Quicklaunch [Administrateur]: Foxit Reader.lnk . (...) C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe =>.Foxit Corporation® O4 - GS\Quicklaunch [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrateur]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [Administrateur]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files\Google\Picasa3\Picasa3.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrateur]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Administrateur]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Administrateur]: Adobe Audition 1.5.lnk . (.Adobe Systems®, Incorporated - Adobe Audition.) C:\Program Files\Adobe\Audition 1.5\Audition.exe O4 - GS\sendTo [Administrateur]: Format Factory.lnk . (.Free Time - FormatFactory.) 
C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\TaskBar [Administrateur]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Desktop [Bouhafsi]: 360x180° Mekan.lnk . (.3DMekanlar.com - 360x180° Mekan (Site) Viewer.) C:\Windows\System32\mekanlar\360x180° Mekan.exe O4 - GS\Desktop [Bouhafsi]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Desktop [Bouhafsi]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\Bouhafsi\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Bouhafsi]: Chedot.lnk . (.The Chedot Authors - Chedot.) C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser O4 - GS\Quicklaunch [Bouhafsi]: Foxit Reader.lnk . (...) C:\Program Files\Foxit Software\Foxit Reader\Foxit Reader.exe =>.Foxit Corporation® O4 - GS\Quicklaunch [Bouhafsi]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Bouhafsi]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech® O4 - GS\Quicklaunch [Bouhafsi]: Picasa 3.lnk . (.Google Inc. - Picasa.) C:\Program Files\Google\Picasa3\Picasa3.exe =>.Google Inc® O4 - GS\Quicklaunch [Bouhafsi]: QQPlayer.lnk . (.Tencent Technology Company limited - QQ Player.) C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>.Superfluous.Tencent O4 - GS\Quicklaunch [Bouhafsi]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) C:\Program Files\uTorrent\uTorrent.exe =>.BitTorrent Inc® O4 - GS\sendTo [Bouhafsi]: Adobe Audition 1.5.lnk . (.Adobe Systems®, Incorporated - Adobe Audition.) C:\Program Files\Adobe\Audition 1.5\Audition.exe O4 - GS\sendTo [Bouhafsi]: Format Factory.lnk . (.Free Time - FormatFactory.) 
C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.Free Time O4 - GS\TaskBar [Bouhafsi]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: Adobe Audition 1.5.lnk . (.Adobe Systems®, Incorporated - Adobe Audition.) C:\Program Files\Adobe\Audition 1.5\Audition.exe O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd® O4 - GS\CommonDesktop [Public]: DLL-Files.com Client.lnk . (.DLL-files.com - DLL-files.com Client.) C:\Program Files\DLL-Files.com Client\DLLFilesClient.exe {72C23F70C1A11BC0} =>PUP.Optional.DllFilesFixer O4 - GS\CommonDesktop [Public]: Kaspersky Anti-Virus.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe =>.Kaspersky Lab® O4 - GS\CommonDesktop [Public]: MobiConnect.lnk . (...) C:\Program Files\MobiConnect\MobiConnect.exe O4 - GS\Programs [Public]: Messenger.lnk . (...) 
C:\Messenger for Desktop\Messenger.exe ---\\ Lop.com/Domain Hijackers (10) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{037C5E21-8673-4CC4-BB66-1730BDE82C12}: NameServer = 209.244.0.3,209.244.0.4 O17 - HKLM\System\CCS\Services\Tcpip\..\{18BCC017-74F4-4DC9-B733-DBF984230518}: NameServer = 192.168.4.220 209.244.0.3 O17 - HKLM\System\CCS\Services\Tcpip\..\{037C5E21-8673-4CC4-BB66-1730BDE82C12}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{27FC7266-381E-4A27-9E64-3C4437763677}: DhcpNameServer = 192.168.0.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{3FC8CA3E-80B8-49AF-BE28-3DFDC46D9965}: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{64BF9585-E79F-4A5F-8F52-513C9DFCCE02}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\..\{7FD3D4C0-00C2-43C6-8832-C7DEF199E6B9}: DhcpNameServer = 192.168.8.1 192.168.8.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{93F8ECAF-0547-4DCE-AA76-DCC1F49EF35E}: DhcpNameServer = 192.168.0.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{C3F48772-9896-4024-AAE3-5CE9A5CEA9B3}: DhcpNameServer = 192.168.8.1 192.168.8.1 ---\\ Extra protocols (25) - 0s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) 
-- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) 
-- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - عنصر تحكم ActiveX للفيديو المتدفق.) -- C:\Windows\System32\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - ملحقات OLE32 لـ Win32.) -- C:\Windows\System32\urlmon.dll =>.Microsoft Corporation O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) 
-- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (75) - 35s O42 - Logiciel: «Euro Truck Simulator 2» v.1.4.8s - (...) [HKLM] -- «Euro Truck Simulator 2»_is1 O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: 3alam arriyadiat 1.2 - (...) [HKLM] -- 3alam arriyadiat O42 - Logiciel: 7-Zip 4.65 - (...) [HKLM] -- 7-Zip O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {34927EBC-98D4-4D53-98BE-510DF5999F50} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Audition 1.5 - (.Adobe Systems.) [HKLM] -- {86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF} =>.Adobe Systems O42 - Logiciel: Adobe Flash Player 22 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc.) [HKLM] -- {9A9F7268-3899-4443-B071-B332493925AA} =>.Adobe Systems, Inc O42 - Logiciel: Assistant GT v1 - (...) [HKLM] -- Assistant GT_is1 O42 - Logiciel: Aurora 19.0a2 (x86 ar) - (.Mozilla.) [HKLM] -- Aurora 19.0a2 (x86 ar) {3CB130EC2013E7B980771F031E0A4115} =>.Mozilla O42 - Logiciel: AutoPlay Media Studio 8 - (.Indigo Rose Corporation.) [HKLM] -- AutoPlay Media Studio 8 {45A3E17188EBAEB6B157ECF6147E0A74} O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM] -- {41E2E6F7-F831-A443-D7D8-3B164D6B936F} O42 - Logiciel: Ayat - (.UNKNOWN.) [HKLM] -- sa.edu.ksa.ayat O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: Chedot - (.Chedot Publisher.) [HKCU] -- Chedot =>PUP.Optional.ChedotBrowser O42 - Logiciel: Creative Pack Volume 1 - (.Corel Corporation.) [HKLM] -- {05181A78-3BA6-4B63-BCE8-888A4BCAACFA} =>.Corel Corporation O42 - Logiciel: Daum PotPlayer 1.5.34665 - (...) 
[HKLM] -- PotPlayer O42 - Logiciel: Dazzle Video Capture DVC100 X86 Driver 1.08 - (.Pinnacle.) [HKLM] -- {42CDC6B7-1B50-44A8-83AD-1351FDDF175A} =>.Pinnacle O42 - Logiciel: DLL-Files.com Client - (.DLL-Files.com Client.) [HKLM] -- DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1 {72C23F70C1A11BC0} =>PUP.Optional.DllFilesFixer O42 - Logiciel: Euro Truck Simulator 2 - (.SCS Software.) [HKLM] -- {1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1 =>.SCS Software s.r.o.® O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7} =>.Skype Limited O42 - Logiciel: Fly on Desktop Screensaver 1.2 - (.Drive Software Company.) [HKLM] -- Fly on Desktop Screensaver_is1 =>.Drive Software Company O42 - Logiciel: FormatFactory 2.20 - (.Free Time.) [HKLM] -- FormatFactory =>.Free Time O42 - Logiciel: Foxit Reader - (.Foxit Corporation.) [HKLM] -- Foxit Reader_is1 =>.Foxit Corporation® O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1 =>.www.hellopdf.com O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {6F545E5E-4595-11E2-93B6-B8AC6F97B88E} =>.Google O42 - Logiciel: GT 7 OrbChanger v1 - (...) [HKLM] -- GT 7 OrbChanger_is1 O42 - Logiciel: Hollywood FX Volumes 1-3 - (.Corel Corporation.) [HKLM] -- {E3D181F8-246B-497F-945E-6DB98CBA6677} =>.Corel Corporation O42 - Logiciel: HSPA USB Modem - (.اسم شركتك.) [HKLM] -- {06ADE2A0-E46A-4A84-A211-64CF50520185} O42 - Logiciel: HSPA USB Modem - (.اسم شركتك.) [HKLM] -- InstallShield_{06ADE2A0-E46A-4A84-A211-64CF50520185} O42 - Logiciel: iZotope Music & Speech Cleaner - (.iZotope, Inc..) 
[HKLM] -- iZotope Music & Speech Cleaner_is1 =>.iZotope, Inc. O42 - Logiciel: Java(TM) 6 Update 18 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216018FF} =>.Sun Microsystems, Inc. O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM] -- {77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: Kaspersky Anti-Virus - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26} =>.Kaspersky Lab O42 - Logiciel: Malwarebytes Anti-Malware النسخة 2.2.1.1043 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM] -- Maxthon3 =>.Maxthon (Asia) Limited.® O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196} =>.Lenovo Group Limited O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: MobiConnect - (.Huawei Technologies Co.,Ltd.) [HKLM] -- MobiConnect =>.Huawei Technologies Co.,Ltd O42 - Logiciel: MOBICONNECT - (.ZTE Corporation.) [HKLM] -- {BCE97917-E58C-41FA-9B53-859E3FDCE924} =>.ZTE CORPORATION® O42 - Logiciel: Mobile Broadband HL Service - (.Huawei Technologies Co.,Ltd.) [HKLM] -- Mobile Broadband HL Service =>.Huawei Technologies Co., Ltd.® O42 - Logiciel: Mozilla Firefox (fr) - (.FrontMotion.) [HKLM] -- {64A22291-279E-4050-BABD-C44E61FA4226} O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation O42 - Logiciel: NewBlue Effects - (.Corel Corporation.) [HKLM] -- {B2609714-EECB-43B8-9DFC-3CBF34C5F92D} =>.Corel Corporation O42 - Logiciel: Package de pilotes Windows - Qualcomm Atheros Communications Inc. (athr) Ne - (.Qualcomm Atheros Communications Inc..) 
[HKLM] -- 3B5A3D28E20A4A5A273A03F80EE99DFA1B1CFDE7 =>.Qualcomm Atheros Communications Inc. O42 - Logiciel: Package de pilotes Windows - Realtek (RTL8167) Net (07/16/2014 7.089.0716. - (.Realtek.) [HKLM] -- 24CA17BAB3F954B1A833B29A63A2948537742F75 =>.Realtek O42 - Logiciel: Paint.NET v3.5.4 - (.dotPDN LLC.) [HKLM] -- {053B3DA8-91B5-4682-A130-715412A1A252} =>.dotPDN LLC O42 - Logiciel: PhotoScape - (...) [HKLM] -- PhotoScape O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3 =>.Google Inc® O42 - Logiciel: Pinnacle Studio 19 - (.Corel Corporation.) [HKLM] -- {CF91A83C-B84F-43CE-BCCE-7247E6137173} =>.Corel Corporation O42 - Logiciel: Pinnacle Studio 19 - Install Manager - (.Corel Corporation.) [HKLM] -- {891ED714-E54D-4BE1-8DE8-4EE54D9BB402} =>.Corel Corporation O42 - Logiciel: Pinnacle Studio 19 - Standard Content Pack - (.Corel Corporation.) [HKLM] -- {37D4E0DC-B765-4915-86D8-A39433A87B75} =>.Corel Corporation O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva =>.Piriform Ltd® O42 - Logiciel: RogueKiller version 12 - (.Adlice Software.) [HKLM] -- 8B3D7924-ED89-486B-8322-E8594065D5CB_is1 =>.Adlice® O42 - Logiciel: ScoreFitter Volumes 1-2 - (.Corel Corporation.) [HKLM] -- {0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C} =>.Corel Corporation O42 - Logiciel: SHAREit - (.Lenovo.) [HKLM] -- SHAREit_is1 =>.Lenovo O42 - Logiciel: Snagit 10.0.1 - (.TechSmith Corporation.) [HKLM] -- {22FC7536-BE5C-4E88-8069-C24689D34EC5} =>.TechSmith Corporation O42 - Logiciel: SuperCopier2 - (...) [HKLM] -- SuperCopier2 O42 - Logiciel: TeamViewer 10 - (.TeamViewer.) [HKLM] -- TeamViewer =>.TeamViewer® O42 - Logiciel: Title Extreme - (.Corel Corporation.) [HKLM] -- {F7214014-27EE-4237-9978-2F9D1551559B} =>.Corel Corporation O42 - Logiciel: Tweaker GT v1 - (...) 
[HKLM] -- Tweaker GT_is1 O42 - Logiciel: Tweaking.com - Windows Repair - (.Tweaking.com.) [HKLM] -- Tweaking.com - Windows Repair =>.Tweaking.com O42 - Logiciel: Tweaks.com Logon Changer - (.Advanced PC Media LLC.) [HKLM] -- {12F8EFF0-5C16-473B-99AD-67AB866C3E07} O42 - Logiciel: Uninstall Tool - (.CrystalIDEA Software, Inc..) [HKLM] -- Uninstall Tool_is1 =>.CrystalIDEA Software, Inc. O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN O42 - Logiciel: WebcamMax - (...) [HKLM] -- WebcamMax O42 - Logiciel: WinHTTrack Website Copier 3.44-1 - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1 =>.HTTrack O42 - Logiciel: WinRAR archiver - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH O42 - Logiciel: ZDServer - (.ZTE Corporation.) [HKLM] -- {C8197F5F-E0DC-44f1-8AF2-1AA5A84F695D} =>.ZTE CORPORATION® ---\\ HKCU & HKLM Software Keys (153) - 35s HKLM\SOFTWARE\7-Zip HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AdwCleaner HKLM\SOFTWARE\amzwfzdxrn HKLM\SOFTWARE\AppDataLow HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\Apple Inc. 
HKLM\SOFTWARE\ATI Technologies HKLM\SOFTWARE\AVAST Software HKLM\SOFTWARE\Avid HKLM\SOFTWARE\AviSynth HKLM\SOFTWARE\Bitdefender Agent HKLM\SOFTWARE\Corel Corporation HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\DFXCT HKLM\SOFTWARE\DivXNetworks HKLM\SOFTWARE\DLL-Files.com =>PUP.Optional.DllFilesFixer HKLM\SOFTWARE\Dolby HKLM\SOFTWARE\DTS HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Foxit Software HKLM\SOFTWARE\GN2 HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\HSPA HKLM\SOFTWARE\Huawei technologies HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\InterVideo HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\KasperskyLab HKLM\SOFTWARE\Kaydara HKLM\SOFTWARE\Khronos HKLM\SOFTWARE\Knowles HKLM\SOFTWARE\Lenovo HKLM\SOFTWARE\LICEcap HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Mooii HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\Mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Nahimic HKLM\SOFTWARE\NeoSmart Technologies HKLM\SOFTWARE\Nuance HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Paint.NET HKLM\SOFTWARE\Pegasus Imaging HKLM\SOFTWARE\Pinnacle HKLM\SOFTWARE\Pinnacle Systems HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\SCS Software HKLM\SOFTWARE\SHAREit HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SonicFocus HKLM\SOFTWARE\SoundResearch HKLM\SOFTWARE\SRS Labs HKLM\SOFTWARE\Swearware HKLM\SOFTWARE\TeamViewer HKLM\SOFTWARE\TechSmith HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent HKLM\SOFTWARE\The Silicon Realms Toolworks HKLM\SOFTWARE\Ulead Systems HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\VMware, Inc. 
HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\Waves Audio HKLM\SOFTWARE\WebcamMax HKLM\SOFTWARE\Westwood HKLM\SOFTWARE\WinHTTrack Website Copier HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Wow6432Node HKCU\SOFTWARE\7-ZIP HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Advanced PC Media LLC HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Avant Browser HKCU\SOFTWARE\AVAST Software HKCU\SOFTWARE\Avid HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\Bomers HKCU\SOFTWARE\Camfrog HKCU\SOFTWARE\Chedot =>PUP.Optional.ChedotBrowser HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\CoreAAC HKCU\SOFTWARE\Corel HKCU\SOFTWARE\CrystalIdea Software HKCU\SOFTWARE\CyberLink HKCU\SOFTWARE\Daum HKCU\SOFTWARE\DFXCT HKCU\SOFTWARE\DLL-Files.com =>PUP.Optional.DllFilesFixer HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\DSP-worx HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\FlyOnDesktopScreen HKCU\SOFTWARE\Foxit Software HKCU\SOFTWARE\FreeTime HKCU\SOFTWARE\Froggie HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GN2 HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\Haali HKCU\SOFTWARE\IDeskSoft HKCU\SOFTWARE\Intel HKCU\SOFTWARE\iZotope HKCU\SOFTWARE\KasperskyLab HKCU\SOFTWARE\Lenovo HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Maxthon3 HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\Microsof HKCU\SOFTWARE\Mooii HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\NewBlue HKCU\SOFTWARE\NextUpTech HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Paint.NET HKCU\SOFTWARE\Pinnacle Systems HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\proDAD HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\SamLab.ws HKCU\SOFTWARE\SFX TEAM HKCU\SOFTWARE\SHAREit HKCU\SOFTWARE\Sony HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\VOB HKCU\SOFTWARE\WinHTTrack Website Copier HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wintertree 
HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\Yahoo =>.Yahoo! HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\SOFTWARE HKCU\SOFTWARE\AppDataLow\TextAloudIEToolbar HKCU\SOFTWARE\AppDataLow\Software\ThinPrint ---\\ Contents of the Common Files folders (274) - 62s O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\7-Zip O43 - CFD: 29/05/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Advanced PC Media LLC {008CD8631D935B113E4F8FC651791DE148} O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\Aurora {3CB130EC2013E7B980771F031E0A4115} O43 - CFD: 29/10/2015 - [] D -- C:\Program Files\AutoPlay Media Studio 8 {45A3E17188EBAEB6B157ECF6147E0A74} O43 - CFD: 21/03/2016 - [] D -- C:\Program Files\AVAST Software O43 - CFD: 21/06/2016 - [] D -- C:\Program Files\Ayat O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Big Mutha Truckers 2 O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Big Rigs Over The Road Racing O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Bitdefender Agent O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 13/06/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Crazy Taxi 1 O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Crazy Taxi 3 O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Daum {7FC96B68D1B84F29F8BCBFF36E694051} O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\DIFX O43 - CFD: 03/08/2016 - [] D -- C:\Program Files\DLL-Files.com Client {72C23F70C1A11BC0} =>PUP.Optional.DllFilesFixer O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Driver 1 O43 - CFD: 02/08/2015 - [] D -- C:\Program Files\Driver Identifier O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Ducati World 1 O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 10/09/2015 - [] D -- C:\Program Files\Euro Truck Simulator 2 =>.SCS Software s.r.o.® O43 - CFD: 22/07/2015 - [0] SHD -- C:\Program Files\Fichiers communs O43 - CFD: 
06/08/2015 - [] D -- C:\Program Files\FlatOut O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\Fly on Desktop Screensaver O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Ford Racing 2 O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Ford Racing 3 O43 - CFD: 12/08/2015 - [] D -- C:\Program Files\Foxit Software =>.Foxit Corporation® O43 - CFD: 20/03/2016 - [] D -- C:\Program Files\Free PDF to Word Doc Converter O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\FreeTime O43 - CFD: 20/05/2016 - [] D -- C:\Program Files\Google =>.Google Inc® O43 - CFD: 19/06/2016 - [] D -- C:\Program Files\Grand Theft Auto III O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Hard Truck 18 Wheels of Steel O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Hostless Modem =>.ZTE CORPORATION® O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\HSPA USB Modem O43 - CFD: 27/02/2016 - [] HD -- C:\Program Files\InstallJammer Registry O43 - CFD: 10/04/2016 - [] D -- C:\Program Files\InstallShield Installation Information O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\Intel O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 14/06/2016 - [] D -- C:\Program Files\iZotope O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Java =>.Sun Microsystems, Inc.® O43 - CFD: 28/06/2016 - [] D -- C:\Program Files\Kaspersky Lab =>.Kaspersky Lab® O43 - CFD: 11/02/2016 - [0] D -- C:\Program Files\Lenovo O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\LICEcap O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\London Racer Destruction Madness O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\London Racer II O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 01/01/2016 - [] D -- C:\Program Files\Maxthon =>.Maxthon (Asia) Limited.® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 
06/08/2015 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 02/08/2016 - [] D -- C:\Program Files\MobiConnect =>.HUAWEI Technologies Co., Ltd.® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Mozilla Firefox {25CC3735E9EC1FC971670E73E369C791} O43 - CFD: 25/03/2016 - [] D -- C:\Program Files\Mozilla Maintenance Service {3CB130EC2013E7B980771F031E0A4115} O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 27/06/2016 - [0] D -- C:\Program Files\MSXML 4.0 O43 - CFD: 20/10/2015 - [] D -- C:\Program Files\naja7math O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Notepad++ O43 - CFD: 12/08/2015 - [] D -- C:\Program Files\Paint.NET =>.dotPDN LLC® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\PhotoScape =>.Mooii Tech® O43 - CFD: 25/07/2015 - [] D -- C:\Program Files\R.G. 
Catalyst O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Recuva =>.Piriform Ltd® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\RogueKiller =>.Adlice® O43 - CFD: 11/02/2016 - [] D -- C:\Program Files\SHAREit =>.LENOVO® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\SuperCopier2 O43 - CFD: 24/02/2016 - [] D -- C:\Program Files\TeamViewer O43 - CFD: 29/10/2015 - [] D -- C:\Program Files\TechSmith =>.TechSmith Corporation® O43 - CFD: 03/07/2016 - [] D -- C:\Program Files\Tencent =>.Superfluous.Tencent O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\The KMPlayer O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Tweaking.com O43 - CFD: 19/04/2010 - [] D -- C:\Program Files\TweaksLogon O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Uninstall Tool O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\uTorrent =>.BitTorrent Inc® O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\VideoLAN O43 - CFD: 10/04/2016 - [] D -- C:\Program Files\WebcamMax O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 24/12/2015 - [] D -- C:\Program Files\Windows GT O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 22/07/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 27/06/2016 - [] D -- C:\Program Files\WinHTTrack O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\WinRAR O43 - CFD: 14/09/2015 - [] D -- C:\Program Files\WWE Raw vs Smackdown 2007 O43 - CFD: 
06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibilité O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Systems, Inc O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client =>PUP.Optional.DllFilesFixer O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dépannage O43 - CFD: 27/06/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET O43 - CFD: 10/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 O43 - CFD: 25/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fly on Desktop Screensaver O43 - CFD: 12/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 20/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB Modem O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Indigo Rose Corporation O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope O43 - CFD: 28/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Kaspersky Anti-Virus O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LICEcap O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Menu de connexion O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MOBICONNECT O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\naja7math O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils d'administration système O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape O43 - CFD: 09/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programmes Windows O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. 
Catalyst O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Réseau O43 - CFD: 12/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snagit 10 O43 - CFD: 27/06/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 06/08/2015 - [] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaks.com Logon Changer O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall Tool O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax O43 - CFD: 24/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows GT O43 - CFD: 06/08/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 27/02/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 21/03/2016 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\BDLogging O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\Bitdefender Agent O43 - CFD: 22/07/2015 - [0] SHD -- C:\ProgramData\Bureau O43 - CFD: 13/06/2016 - [] D -- C:\ProgramData\Corel O43 - CFD: 29/12/2015 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\DatacardService 
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\Doctor Web O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 21/03/2016 - [] D -- C:\ProgramData\ESET O43 - CFD: 22/07/2015 - [0] SHD -- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 06/08/2015 - [0] D -- C:\ProgramData\IDM O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\IndigoRose O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 11/02/2016 - [] D -- C:\ProgramData\Lenovo O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 22/07/2015 - [0] SHD -- C:\ProgramData\Menu Démarrer O43 - CFD: 29/12/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 11/04/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\MobiConnect O43 - CFD: 15/02/2016 - [] D -- C:\ProgramData\MobileBrServ O43 - CFD: 22/07/2015 - [0] SHD -- C:\ProgramData\Modèles O43 - CFD: 25/03/2016 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 27/06/2016 - [] D -- C:\ProgramData\RogueKiller O43 - CFD: 14/06/2016 - [] D -- C:\ProgramData\Roxio Log Files O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 29/10/2015 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\Temp O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 13/06/2016 - [] D -- C:\ProgramData\UniqueId O43 - CFD: 31/10/2015 - [] D -- C:\ProgramData\VMware O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\WebcamMax O43 - CFD: 06/08/2015 - [] D -- C:\ProgramData\ZDSupport O43 - CFD: 21/06/2016 - [] D -- C:\Program Files\Common Files\Adobe AIR O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Common Files\Intel O43 - CFD: 
06/01/2016 - [] D -- C:\Program Files\Common Files\LENOVO O43 - CFD: 06/08/2015 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 13/06/2016 - [] D -- C:\Program Files\Common Files\Pegasus Imaging O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 29/12/2015 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 29/10/2015 - [] D -- C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 29/05/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Adobe O43 - CFD: 29/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Avant Downloader O43 - CFD: 29/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Avant Profiles O43 - CFD: 21/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\AVAST Software O43 - CFD: 27/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\CrystalIdea Software O43 - CFD: 24/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\CyberLink O43 - CFD: 03/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\DFXCT O43 - CFD: 03/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\DLL-files.com =>PUP.Optional.DllFilesFixer O43 - CFD: 28/02/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\DMCache O43 - CFD: 25/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\driveridentifier O43 - CFD: 28/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\dvdcss O43 - CFD: 24/12/2015 - [0] D -- C:\Users\Bouhafsi\AppData\Roaming\EncryptStick O43 - CFD: 21/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\ESET O43 - CFD: 05/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Foxit Software O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\HaiYuInst O43 - CFD: 22/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Identities O43 - CFD: 29/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\IndigoRose O43 - CFD: 22/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Macromedia O43 - CFD: 06/08/2015 - [] D -- 
C:\Users\Bouhafsi\AppData\Roaming\Maxthon3 O43 - CFD: 14/07/2009 - [0] D -- C:\Users\Bouhafsi\AppData\Roaming\Media Center Programs O43 - CFD: 27/06/2016 - [] SD -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Mozilla O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Notepad++ O43 - CFD: 20/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Opera O43 - CFD: 29/12/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\PhotoScape O43 - CFD: 30/11/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\PotPlayerMini O43 - CFD: 27/02/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\sa.edu.ksa.ayat O43 - CFD: 31/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\TeamViewer O43 - CFD: 03/07/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Tencent =>.Superfluous.Tencent O43 - CFD: 27/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\uTorrent O43 - CFD: 31/07/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\vlc O43 - CFD: 31/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\VMware O43 - CFD: 22/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\WinRAR O43 - CFD: 03/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\ZHP O43 - CFD: 27/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Adobe O43 - CFD: 22/07/2015 - [0] SHD -- C:\Users\Bouhafsi\AppData\Local\Application Data O43 - CFD: 25/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Chedot O43 - CFD: 28/07/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\CrashDumps O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\CyberLink O43 - CFD: 30/11/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\Daum O43 - CFD: 03/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Diagnostics O43 - CFD: 13/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Downloaded Installations O43 - CFD: 21/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\ESET O43 - CFD: 25/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Facebook O43 - CFD: 20/05/2016 - [] D -- 
C:\Users\Bouhafsi\AppData\Local\Google O43 - CFD: 22/07/2015 - [0] SHD -- C:\Users\Bouhafsi\AppData\Local\Historique O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\http___www.julien-manici O43 - CFD: 06/01/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Lenovo O43 - CFD: 02/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Messenger O43 - CFD: 29/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Microsoft O43 - CFD: 22/07/2015 - [0] D -- C:\Users\Bouhafsi\AppData\Local\Microsoft Help O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\Mozilla O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\NeoSmart_Technologies O43 - CFD: 29/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\NextUp O43 - CFD: 20/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Opera O43 - CFD: 14/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Paint.NET O43 - CFD: 25/07/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\Programs O43 - CFD: 11/02/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\SHAREit O43 - CFD: 29/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\TechSmith O43 - CFD: 03/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\Temp O43 - CFD: 22/07/2015 - [0] SHD -- C:\Users\Bouhafsi\AppData\Local\Temporary Internet Files O43 - CFD: 02/08/2016 - [] D -- C:\Users\Bouhafsi\AppData\Local\VirtualStore O43 - CFD: 30/10/2015 - [] D -- C:\Users\Bouhafsi\AppData\Local\VMware O43 - CFD: 30/10/2015 - [0] D -- C:\Users\Bouhafsi\AppData\Local\WMTools Downloaded Files O43 - CFD: 25/07/2015 - [0] D -- C:\Users\Bouhafsi\AppData\Local\Programs\Common O43 - CFD: 06/08/2015 - [] RD -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/06/2016 - [] RD -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 25/03/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chedot O43 - CFD: 29/12/2015 - [] D -- 
C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daum O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory O43 - CFD: 26/06/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 27/06/2016 - [0] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LICEcap O43 - CFD: 06/08/2015 - [] RD -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/01/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser O43 - CFD: 20/10/2015 - [0] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\naja7math O43 - CFD: 29/12/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recuva O43 - CFD: 27/06/2016 - [] RD -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 06/08/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SuperCopier2 O43 - CFD: 03/07/2016 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.Superfluous.Tencent O43 - CFD: 29/12/2015 - [] D -- C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 21/03/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\ESET O43 - CFD: 26/07/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft ---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - مكتبة DLL الخاصة بملحق Shell للتخزين المحسّ.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. 
(.Microsoft Corporation - واجهة مستخدم ذاكرة التخزين المؤقت من جانب ا.) -- C:\Windows\System32\cscui.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - امتداد Shell الخاص بالمشاركة.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ ShareTools MSconfig StartupReg (10) - 1s O53 - SMSR:HKLM\...\startupreg\amzwfzdxrn [Key] . (...) -- C:\Users\Bouhafsi\AppData\Local\Temp\amzwfzdxrn.vbs (.not file.) O53 - SMSR:HKLM\...\startupreg\AntiUsbWorm [Key] . (...) -- C:\Google\AutoIt3.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\DesktopIconToy [Key] . (...) -- C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe (.not file.) =>PUP.Optional.ADON O53 - SMSR:HKLM\...\startupreg\MxDock [Key] . (...) -- C:\Program Files\Maxthon\Modules\MxDock\MxDock.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\RTHDVCPL [Key] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor O53 - SMSR:HKLM\...\startupreg\Speech Recognition [Key] . (.Microsoft Corporation - Speech Recognition.) -- C:\Windows\Speech\Common\sapisvr.exe =>.Microsoft Corporation O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe =>.SFX TEAM O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (...) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\vmware-tray.exe [Key] . (...) -- C:\Program Files\VMware\VMware Workstation\vmware-tray.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\YouCam Mirror Tray icon [Key] . (...) -- C:\Program Files\CyberLink\YouCam\YouCamTray.exe (.not file.) ---\\ System Drivers List (120) - 16s O58 - SDL:2016/01/21 01:06:17 A . (.Malwarebytes - Malwarebytes Anti-Malware.) 
-- C:\Windows\System32\drivers\1FD23A07.sys [170200] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] =>.Microsoft Windows® O58 - SDL:2010/11/20 14:29:13 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] =>.Microsoft Windows® O58 - SDL:2010/11/20 14:29:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] =>.Microsoft Windows® O58 - SDL:2016/03/21 12:00:46 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [26136] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:02:00 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [67824] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:00:10 A . (.AVAST Software - avast! Filtering NDIS driver.) 
-- C:\Windows\System32\drivers\aswNdisFlt.sys [264560] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:01:59 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [79720] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:02:00 A . (...) -- C:\Windows\System32\drivers\aswRvrt.sys [49944] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2016/03/21 12:02:02 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [775952] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:02:02 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [410528] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:05:23 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswstm.sys [64168] =>.AVAST Software a.s.® O58 - SDL:2016/03/21 12:02:02 A . (...) -- C:\Windows\System32\drivers\aswVmm.sys [180248] =>.AVAST Software a.s.® (ALWIL Software) O58 - SDL:2014/03/31 15:58:40 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\Windows\System32\drivers\athr.sys [3260416] =>.Qualcomm Atheros Communications, Inc. O58 - SDL:2009/07/14 00:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] =>.Broadcom Corporation O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 00:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 02:57:25 A . (.Brother Industries Ltd. - برنامج تشغيل I/F التسلسلي لـ Brotehr (WDM)‎.) -- C:\Windows\System32\drivers\BrSerId.sys [272128] =>.Brother Industries Ltd. O58 - SDL:2009/07/14 00:53:32 A . (.Brother Industries Ltd. 
- Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] =>.Brother Industries Ltd. O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] =>.Brother Industries Ltd. O58 - SDL:2009/07/14 00:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] =>.Brother Industries Ltd. O58 - SDL:2015/01/04 06:14:34 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\Windows\System32\drivers\btfilter.sys [510248] =>.Qualcomm Atheros® O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] =>.Broadcom Corporation O58 - SDL:2014/08/07 02:08:26 A . (.CrystalIdea Software - Uninstall Tool 3 Driver.) -- C:\Windows\System32\drivers\CisUtMonitor.sys [27600] {4215F7F5CEF90386A8D495F93DEEDF9C} =>.CrystalIdea Software O58 - SDL:2009/07/14 03:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] =>.Microsoft Windows® O58 - SDL:2008/08/29 18:54:40 A . (.Mobile Connector - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\cmusbser.sys [103552] =>.Mobile Connector O58 - SDL:2015/07/06 00:10:20 A . (.Kaspersky Lab ZAO - Cryptographic Module Driver x86 (Weak).) -- C:\Windows\System32\drivers\cm_km.sys [201912] =>.Kaspersky Lab® O58 - SDL:2009/07/14 03:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] =>.Microsoft Windows® O58 - SDL:2013/09/17 16:17:38 A . (.ESET - Amon monitor.) -- C:\Windows\System32\drivers\eamonm.sys [188808] =>.ESET, spol. s r.o.® O58 - SDL:2013/09/17 16:17:38 A . (.ESET - ESET Helper driver.) -- C:\Windows\System32\drivers\ehdrv.sys [134248] =>.ESET, spol. s r.o.® O58 - SDL:2009/07/14 03:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) 
-- C:\Windows\System32\drivers\elxstor.sys [453712] =>.Microsoft Windows® O58 - SDL:2013/09/17 16:17:38 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfw.sys [174400] =>.ESET, spol. s r.o.® O58 - SDL:2013/09/17 16:17:38 A . (.ESET - Epfw NDIS LightWeight Filter.) -- C:\Windows\System32\drivers\EpfwLWF.sys [37416] =>.ESET, spol. s r.o.® O58 - SDL:2013/09/17 16:17:38 A . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\System32\drivers\epfwwfp.sys [49240] =>.ESET, spol. s r.o.® O58 - SDL:2009/07/14 00:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] =>.Broadcom Corporation O58 - SDL:2013/11/14 11:39:03 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [25856] =>.Huawei Tech. Co., Ltd. O58 - SDL:2013/11/14 11:39:06 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [199168] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ewusbwwan.sys [381952] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - ew_cdcacm Driver.) -- C:\Windows\System32\drivers\ew_cdcacm.sys [108032] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys [19200] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:05 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys [95232] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\drivers\ew_jubusenum.sys [77824] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . 
(.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys [101248] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:05 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys [70528] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\drivers\ew_juextctrl.sys [27776] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys [208384] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:04 A . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys [11904] =>.Huawei Technologies Co., Ltd. O58 - SDL:2013/11/14 11:39:05 A . (.Huawei Technologies Co., Ltd. - ew_cdcndis Driver.) -- C:\Windows\System32\drivers\ew_wwanecm.sys [315520] =>.Huawei Technologies Co., Ltd. O58 - SDL:2009/09/09 11:23:38 A . (.Intel Corporation - BIOS Update Driver.) -- C:\Windows\System32\drivers\flashud.sys [42496] =>.Intel Corporation O58 - SDL:2009/07/14 00:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] =>.Hauppauge Computer Works, Inc. O58 - SDL:2009/07/14 03:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] =>.Microsoft Windows® O58 - SDL:2010/11/20 14:29:54 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160] =>.Microsoft Windows® O58 - SDL:2015/03/30 13:49:48 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [3026360] =>.Intel Corporation - pGFX® O58 - SDL:2009/07/14 03:20:36 A . 
(.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] =>.Microsoft Windows® O58 - SDL:2014/09/26 16:23:30 A . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\drivers\IntcDAud.sys [368912] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/01/27 07:32:42 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\Windows\System32\drivers\iusb3xhc.sys [808720] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/06/22 20:40:04 A . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\System32\drivers\kl1.sys [153784] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:50:18 A . (.Kaspersky Lab ZAO - Backup Disk Filter [fre_wnet_x86].) -- C:\Windows\System32\drivers\klbackupdisk.sys [46776] =>.Kaspersky Lab® O58 - SDL:2015/06/27 01:30:00 A . (.Kaspersky Lab ZAO - Backup File Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klbackupflt.sys [58224] =>.Kaspersky Lab® O58 - SDL:2016/06/28 01:22:14 A . (.AO Kaspersky Lab - Virtual Disk [fre_wnet_x86].) -- C:\Windows\System32\drivers\kldisk.sys [66976] =>.Kaspersky Lab® O58 - SDL:2015/12/08 01:24:14 A . (.AO Kaspersky Lab - Filter Core [fre_wlh_x86].) -- C:\Windows\System32\drivers\klflt.sys [147328] =>.Kaspersky Lab® O58 - SDL:2016/06/28 01:20:06 A . (.AO Kaspersky Lab - klhk [fre_wlh_x86].) -- C:\Windows\System32\drivers\klhk.sys [53168] =>.Kaspersky Lab® O58 - SDL:2016/06/28 01:22:14 A . (.AO Kaspersky Lab - Core System Interceptors [fre_wlh_x86].) -- C:\Windows\System32\drivers\klif.sys [785328] =>.Kaspersky Lab® O58 - SDL:2016/06/28 01:22:15 A . (.AO Kaspersky Lab - Kaspersky Lab Intermediate Network Driver [.) -- C:\Windows\System32\drivers\klim6.sys [44120] =>.Kaspersky Lab® O58 - SDL:2015/06/06 08:31:42 A . (.Kaspersky Lab ZAO - Keyboard Device Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klkbdflt.sys [37048] =>.Kaspersky Lab® O58 - SDL:2015/06/07 01:50:04 A . 
(.Kaspersky Lab ZAO - Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klmouflt.sys [38072] =>.Kaspersky Lab® O58 - SDL:2015/12/08 01:24:14 A . (.AO Kaspersky Lab - Format Recognizer [fre_wnet_x86].) -- C:\Windows\System32\drivers\klpd.sys [39304] =>.Kaspersky Lab® O58 - SDL:2015/06/11 15:52:38 A . (.Kaspersky Lab ZAO - Network filtering component [fre_wxp_x86].) -- C:\Windows\System32\drivers\kltdi.sys [54328] =>.Kaspersky Lab® O58 - SDL:2015/06/16 21:59:18 A . (.Kaspersky Lab ZAO - WFP Network Connection Filter Driver [fre_w.) -- C:\Windows\System32\drivers\klwtp.sys [87736] =>.Kaspersky Lab® O58 - SDL:2015/06/23 18:30:50 A . (.Kaspersky Lab ZAO - Network Processor [fre_wnet_x86].) -- C:\Windows\System32\drivers\kneps.sys [156856] =>.Kaspersky Lab® O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:08:52 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [24448] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:56 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [126336] =>.Malwarebytes Corporation® O58 - SDL:2016/07/23 14:56:32 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 03:20:36 A . 
(.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] =>.Microsoft Windows® O58 - SDL:2013/11/14 11:39:06 A . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\drivers\mod7700.sys [861696] =>.DiBcom SA O58 - SDL:2016/03/10 14:09:04 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [53120] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 03:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] =>.Microsoft Windows® O58 - SDL:2010/11/20 14:30:06 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120] =>.Microsoft Windows® O58 - SDL:2010/11/20 14:30:06 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744] =>.Microsoft Windows® O58 - SDL:2004/04/01 16:30:46 A . (.Padus, Inc. - Padus(R) ASPI Shell.) -- C:\Windows\System32\drivers\pfc.sys [10368] =>.Padus, Inc. O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] =>.Microsoft Windows® O58 - SDL:2014/07/16 05:06:16 A . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [719064] =>.Realtek Semiconductor Corp® O58 - SDL:2015/04/09 19:30:40 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) 
-- C:\Windows\System32\drivers\RTKVHDA.sys [3675672] =>.Realtek Semiconductor Corp® O58 - SDL:2014/11/06 17:54:08 A . (.Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vi.) -- C:\Windows\System32\drivers\RtsBaStor.sys [235736] =>.Realtek Semiconductor Corp® O58 - SDL:2009/07/13 22:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] =>.Microsoft Windows® O58 - SDL:2015/07/22 13:46:13 A . (...) -- C:\Windows\System32\drivers\sptd.sys [691696] O58 - SDL:2009/07/14 03:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] =>.Microsoft Windows® O58 - SDL:2016/06/27 03:50:30 A . (...) -- C:\Windows\System32\drivers\TrueSight.sys [24688] =>.Adlice® O58 - SDL:2009/07/14 03:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] =>.Microsoft Windows® O58 - SDL:2009/07/14 03:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] =>.Microsoft Windows® O58 - SDL:2012/04/15 23:32:14 A . (.Windows (R) Win 7 DDK provider - WebcamMax Capture.) -- C:\Windows\System32\drivers\wcmvcam.sys [1068216] {6E0A5E2C7C789BDA175F577FFD554961} =>.Windows (R) Win 7 DDK provider O58 - SDL:2009/07/13 23:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2009/07/13 23:40:44 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2009/07/13 23:40:40 A . (...) 
-- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2009/07/13 23:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2009/07/13 23:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2009/07/13 23:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2009/07/13 23:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2009/07/13 23:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2009/07/13 23:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2009/07/13 23:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2009/07/13 23:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2009/07/13 23:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2009/07/13 23:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2009/07/13 23:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ---\\ Last modified or created user files (3) - 15s O61 - LFC: 2016/08/03 19:31:59 A . (.DLL-Files.com Client.) -- C:\Users\Bouhafsi\AppData\Roaming\DLL-files.com\DLL-files.com Client\update\client_update_2.1.1000.4243.exe [3785560] {72C23F70C1A11BC0} =>PUP.Optional.DllFilesFixer O61 - LFC: 2016/08/03 19:36:20 A . (..) -- C:\Users\Bouhafsi\AppData\Roaming\DFXCT\backup3.bin [700] O61 - LFC: 2016/08/03 19:36:20 A . (..) -- C:\Users\Bouhafsi\AppData\Roaming\DFXCT\backup6.bin [655] ---\\ File Associations Shell Spawning (11) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎مشغل الأداة الإضافية لعارض الأحداث.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Mozilla Corporation - Aurora.) -- C:\Program Files\Aurora\firefox.exe {3CB130EC2013E7B980771F031E0A4115} =>.Mozilla Corporation O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - ‎‎محرر التسجيل.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe =>.Maxthon (Asia) Limited.® ---\\ Start Menu Internet (20) - 1s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Chedot Authors - Chedot.) -- C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Aurora.) -- C:\Program Files\Aurora\firefox.exe {3CB130EC2013E7B980771F031E0A4115} =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe =>.Maxthon (Asia) Limited.® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.The Chedot Authors - Chedot.) 
-- C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.mozilla.org - Aurora Helper.) -- C:\Program Files\Aurora\uninstall\helper.exe =>.mozilla.org O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.The Chedot Authors - Chedot.) -- C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.mozilla.org - Aurora Helper.) -- C:\Program Files\Aurora\uninstall\helper.exe =>.mozilla.org O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe =>.Maxthon International ltd. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.The Chedot Authors - Chedot.) 
-- C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.mozilla.org - Aurora Helper.) -- C:\Program Files\Aurora\uninstall\helper.exe =>.mozilla.org
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files\Maxthon\Bin\Maxthon.exe =>.Maxthon International ltd.

---\\ Search Browser Infection (4) - 10s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - http://www.google.com/
O69 - SBI: SearchScopes [HKCU] {9B1DA960-E39E-4B51-951E-7800FAA09207} [DefaultScope] - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Search Svchost Services (33) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [67584] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة الخادم.) -- C:\Windows\System32\srvsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [593408] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [674304] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - خدمة صوت Windows.) -- C:\Windows\System32\audiosrv.dll [473600] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - إدارة الطلب التلقائي للوصول عن بُعد.) -- C:\Windows\System32\rasauto.dll [90624] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [286208] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - خدمة الإعلام بأحداث النظام (SENS).) -- C:\Windows\System32\Sens.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [242176] =>.Microsoft Corporation
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [521216] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - خدمة النقل الذكي في الخلفية.) -- C:\Windows\System32\qmgr.dll [585728] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [499712] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\System32\seclogon.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - خدمة معلومات التطبيقات.) -- C:\Windows\System32\appinfo.dll [47104] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - خدمة اكتشاف iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] =>.Microsoft Corporation
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - خدمة جدولة فئات تعدد الوسائط.) -- C:\Windows\System32\mmcss.dll [49664] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\System32\schedsvc.dll [750592] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - خدمة تكوين سطح المكتب البعيد.) -- C:\Windows\System32\SessEnv.dll [113664] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمة مستعرض الكم.) -- C:\Windows\System32\browser.dll [102400] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات نُسق Windo.) -- C:\Windows\System32\themeservice.dll [37376] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - خدمة BDE.) -- C:\Windows\System32\bdesvc.dll [76800] =>.Microsoft Corporation
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [149504] =>.Microsoft Corporation

---\\ Firewall Active Exception List (7) - 4s
O87 - FAEL: "{2CB27974-43D2-4CF3-ABC2-371344CAE213}" [In-None-P17-TRUE] .(.The Chedot Authors - Chedot.) -- C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser
O87 - FAEL: "{7927BD9B-76B0-468A-A8D0-720CC3C6F62E}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\RM.exe (.not file.)
O87 - FAEL: "{47956894-8E61-4E51-B018-EA58DB524331}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\RM.exe (.not file.)
O87 - FAEL: "{828C112A-AF83-446A-81FF-26FC737AF1B4}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe (.not file.)
O87 - FAEL: "{C4011BE1-E33A-4130-A807-999EEE184433}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe (.not file.)
O87 - FAEL: "{F8E1742D-D60F-44FC-85CB-CE9DC4D049EB}" [In-None-P6-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe (.not file.)
O87 - FAEL: "{536DA596-65A3-42D6-B73F-3A1F3DCC30DC}" [In-None-P17-TRUE] .(...) -- C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe (.not file.)

---\\ Additional Scan (O88) (19) - 0s
C:\Users\Bouhafsi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} =>PUP.Optional.Wajam
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1 =>PUP.Optional.DllFilesFixer
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1 =>PUP.Optional.DllFilesFixer
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Chedot =>PUP.Optional.ChedotBrowser
HKLM\SOFTWARE\DLL-Files.com =>PUP.Optional.DllFilesFixer
HKLM\SOFTWARE\Tencent =>.Superfluous.Tencent
HKCU\SOFTWARE\Chedot =>PUP.Optional.ChedotBrowser
HKCU\SOFTWARE\DLL-Files.com =>PUP.Optional.DllFilesFixer
HKCU\SOFTWARE\Tencent =>.Superfluous.Tencent
C:\Program Files\DLL-Files.com Client =>PUP.Optional.DllFilesFixer
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client =>PUP.Optional.DllFilesFixer
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\Users\Bouhafsi\AppData\Roaming\DLL-files.com =>PUP.Optional.DllFilesFixer
C:\Users\Bouhafsi\AppData\Roaming\Tencent =>.Superfluous.Tencent
C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent =>.Superfluous.Tencent
C:\Users\Bouhafsi\AppData\Roaming\DLL-files.com\DLL-files.com Client\update\client_update_2.1.1000.4243.exe =>PUP.Optional.DllFilesFixer
C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe =>PUP.Optional.ChedotBrowser

---\\ Summary of the elements found (8) - 0s
https://www.nicolascoolman.fr/?p=263 =>PUP.Optional.Wajam
https://www.nicolascoolman.fr/pup-optional-chedotbrowser/ =>PUP.Optional.ChedotBrowser
https://www.nicolascoolman.fr/pup-optional-dllfilesfixer/ =>PUP.Optional.DllFilesFixer
https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect
https://www.nicolascoolman.fr/?p=368 =>.Superfluous.Tencent
https://www.anti-malware.top/2016/05/04/hacktool-autokms/ =>HackTool.AutoKMS
https://www.nicolascoolman.fr/?p=960 =>PUP.Optional.ADON
https://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Chedot

~ End of the scan, 31875 items in 00h04mn33s (1077)