~ ZHPDiag v2016.8.4.125 By Nicolas Coolman (2016/08/03) ~ Run by mezoo (Administrator) (2016/08/05 08:09:08) ~ Web: https://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version KO ~ Mode: Scan ~ Report: C:\Users\mezoo\Desktop\ZHPDiag.txt ~ Report: C:\Users\mezoo\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows 10 Pro, 64-bit (Build 10586) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v51.0.2704.103 MFIE: Mozilla Firefox 43.0.1 (x86 en-US) MSIE: Internet Explorer v11.494.10586.0 ---\\ Windows Product Information (3) - 3s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK ---\\ System protection software (2) - 4s Malwarebytes Anti-Malware version 2.2.1.1043 Windows Defender (Activate) ---\\ System protection software (Superfluous) (1) - 4s ESET Online Scanner v3 ---\\ Surveillance software (2) - 5s Adobe Flash Player 16 PPAPI Adobe Reader XI ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 8324.048 MB (64% free) System Restore: Activé (Enable) System drive C: has 165 GB () free of 463 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: MEZO ~ User Name: mezoo ~ Logged in as Administrator ---\\ Enumeration of the disk units (4) - 0s ~ Drive C: has 165 GB free of 463 GB (System) ~ Drive D: has 104 GB free of 464 GB ~ Drive I: has GB free of 4 GB ~ Drive J: has 1838 GB free of 5723 GB ---\\ State of the Windows Security Center (7) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ---\\ Search Generic System Files (24) - 1s [MD5.E396258CFD8F84E8F2C24930E6D88C67] - 01/07/2016 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [4515256] =>.Microsoft Windows® [MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher® [MD5.1EEBC6859473037A1A671738AD083C7D] - 01/07/2016 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [3026944] =>.Microsoft Corporation [MD5.5C156EC4E44E30331BCC865A3B61D839] - 23/04/2016 - (.Microsoft Corporation - Windows Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation [MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing Library.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation [MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 29/03/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows® [MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 29/03/2016 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows® [MD5.70148EFA9A562E7185B75BBE7D376BF7] - 27/04/2016 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows® [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows® [MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation [MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation [MD5.935823F79CBEDB91637B63D37E3A5A36] - 29/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation [MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation [MD5.0B3B0C1D86050355676640488FA897D3] - 27/04/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows® [MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation [MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows® [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation [MD5.E3C82823B22463BC38AA4F8ADA852624] - 27/04/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 27/04/2016 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 27/04/2016 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows® [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (10) - 0s O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe =>.Microsoft Windows Hardware Compatibility Publisher® O23 - Service: Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® O23 - Service: TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH - TeamViewer 11.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® O23 - Service: Wondershare Application Framework Service (WsAppService) . (.Wondershare - Wondershare AppService.) - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe =>.Wondershare ---\\ Services not Microsoft (SR=Run, SS=Stop) (28) - 11s SR - Auto [21/12/2013] [ 65432] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe =>.Adobe Systems, Incorporated® SS - Disabl [13/02/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [12/07/2015] [ 254488] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD SR - Auto [02/03/2016] [ 83768] Apple Mobile Device Service (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe =>.Apple Inc.® SS - Demand [29/11/2013] [ 1296728] BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) . (.www.BitComet.com.) - C:\Program Files\BitComet\tools\BitCometService.exe =>.Shanghai Comet Network Technology® SR - Auto [12/08/2015] [ 462096] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe =>.Apple Inc.® SR - Demand [21/05/2015] [ 1272560] Disc Soft Lite Bus Service (Disc Soft Lite Bus Service) . (.Disc Soft Ltd.) - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe =>.Disc Soft Ltd® SS - Disabl [23/08/2012] [ 658576] ePower Service (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe =>.Acer Incorporated® SS - Disabl [10/02/2011] [ 91432] Seagate Drive Settings Service (FreeAgentGoFlex Service) . (.Seagate Technology LLC.) - C:\Program Files (x86)\Seagate\DriveSettings\Sync\SeagateDriveSettingsService.exe =>.Seagate Technology, LLC® SS - Auto [28/02/2015] [ 107848] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [28/02/2015] [ 107848] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Disabl [13/07/2012] [ 2451456] IconMan_R (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe =>.Realsil Microelectronics Inc. SS - Demand [04/04/2005] [ 69632] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe =>.Macrovision Corporation SS - Disabl [21/04/2012] [ 635104] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe =>.Intel® Upgrade Service® SS - Demand [26/07/2016] [ 651576] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe =>.Apple Inc.® SS - Disabl [17/07/2012] [ 165760] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe =>.Intel Corporation® SS - Disabl [17/07/2012] [ 276864] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe =>.Intel Corporation® SR - Auto [10/03/2016] [ 1514464] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SR - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Demand [19/12/2015] [ 147624] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SS - Disabl [06/10/2013] [ 129424] Norton Identity Safe (NCO) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\nst.exe =>.Symantec Corporation® SS - Disabl [01/08/2013] [ 4278112] Norton Online Backup (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe =>.Symantec Corporation® SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe =>.Skype Software Sarl® SS - Disabl [19/02/2010] [ 517096] SwitchBoard (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated SR - Auto [18/07/2016] [ 7183632] TeamViewer 11 (TeamViewer) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe =>.TeamViewer® SS - Disabl [17/07/2012] [ 364416] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe =>.Intel Corporation® SR - Auto [12/07/2016] [ 417792] Wondershare Application Framework Service (WsAppService) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe =>.Wondershare ---\\ Task Planned Automatically (38) - 5s [MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.785FD0E36CA75D90DD50042E2594BC63] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [269504] (.Activate.) =>.Adobe Systems Incorporated® [MD5.F5A5DBADCD24BDF33BFDAA789E39C876] [APT] [AdobeAAMUpdater-1.0-mezo-mezoo] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496] (.Activate.) =>.Adobe Systems Incorporated® [MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] (.Activate.) =>HackTool.AutoKMS [MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002Core] (.Dropbox, Inc..) -- C:\Users\mezoo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512] (.Activate.) =>.Dropbox, Inc® [MD5.7C6D524C78A1722AD987B9E47AC1FEE2] [APT] [DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002UA] (.Dropbox, Inc..) -- C:\Users\mezoo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512] (.Activate.) =>.Dropbox, Inc® [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] (.Activate.) =>.Google Inc® [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] (.Activate.) =>.Google Inc® [MD5.CEC2EE3F2D7D9E14E1E1BAF0D740D860] [APT] [HPCustParticipation HP Deskjet 2540 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [5642272] (.Activate.) =>.Hewlett Packard® [MD5.00000000000000000000000000000000] [APT] [Optimize Push Notification Data File-S-1-5-21-2355463451-85381230-1253174285-1002] (...) -- COM handler (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.5659ADFFA101D3AC0C62CED889991357] [APT] [Power Management] (.Acer Incorporated.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5294736] (.Activate.) =>.Acer Incorporated® [MD5.00000000000000000000000000000000] [APT] [Reoqucultsterke Mapper] (...) -- C:\Program Files (x86)\Nevusygerwersh\ReoqucultsterkemppCdr.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{297524B9-5972-4D80-B06D-0B5345D9F317}] (...) -- C:\Users\mezoo\AppData\Roaming\sweet-page\UninstallManager.exe (.not file.) [0] (.Activate.) =>PUP.Optional.SweetPage [MD5.00000000000000000000000000000000] [APT] [{3971DA95-AEE1-41BA-A010-9406DB7D4B66}] (...) -- E:\games\red alert yuri reveng\R[1].A.II._.Y\R.A.II.&.Y\SetupReg.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{4EE7923C-0520-4855-A239-E42637F70591}] (...) -- H:\GAMES\-RED ALERT-\red alert yuri reveng\R[1].A.II._.Y\R.A.II.&.Y\SetupReg.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.00000000000000000000000000000000] [APT] [{786B7351-F3BE-432B-9C2A-0F5014AE24AC}] (...) -- D:\program\Adobe Illustrator CS2 ME\instmsiw.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.7F0E061F5B6F311013968503D4C1D052] [APT] [{89563624-49C0-4009-BE07-253D886AA016}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [392872] (.Activate.) =>.Mozilla Corporation® [MD5.7F0E061F5B6F311013968503D4C1D052] [APT] [{C6C69D8B-A4E5-428A-87EC-C53A8DFC28A0}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [392872] (.Activate.) =>.Mozilla Corporation® [MD5.00000000000000000000000000000000] [APT] [{EA673891-AA19-418A-BB26-208F8D8AE6B0}] (...) -- K:\software\ں¬¢نںéں¢\lebnan voic.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty [MD5.23985274780D27117C470AA259B79B30] [APT] [Apple] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416] (.Activate.) =>.Apple Inc.® [MD5.7720251986778B402978761589434491] [APT] [Norton Identity Safe] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\symerr.exe [54096] (.Activate.) =>.Symantec Corporation® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830] =>.Adobe Systems Incorporated® O39 - APT: AutoKMS - (...) -- C:\WINDOWS\Tasks\AutoKMS.job [210] (.Orphan.) =>HackTool.AutoKMS O39 - APT: DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002Core - (.Dropbox, Inc..) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002Core.job [876] =>.Dropbox, Inc® O39 - APT: DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002UA - (.Dropbox, Inc..) -- C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002UA.job [928] =>.Dropbox, Inc® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [912] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [916] =>.Google Inc® O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater [2898] =>.Adobe Systems Incorporated® O39 - APT: AdobeAAMUpdater-1.0-mezo-mezoo - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-mezo-mezoo [2594] =>.Adobe Systems Incorporated® O39 - APT: AutoKMS - (...) -- C:\WINDOWS\System32\Tasks\AutoKMS [1790] (.Orphan.) =>HackTool.AutoKMS O39 - APT: DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002Core - (.Dropbox, Inc..) -- C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002Core [3100] =>.Dropbox, Inc® O39 - APT: DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002UA - (.Dropbox, Inc..) -- C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2355463451-85381230-1253174285-1002UA [3372] =>.Dropbox, Inc® O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3742] =>.Google Inc® O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [3974] =>.Google Inc® O39 - APT: HPCustParticipation HP Deskjet 2540 series - (.Hewlett-Packard Co..) -- C:\WINDOWS\System32\Tasks\HPCustParticipation HP Deskjet 2540 series [2494] =>.Hewlett Packard® O39 - APT: Optimize Push Notification Data File-S-1-5-21-2355463451-85381230-1253174285-1002 - (...) -- C:\WINDOWS\System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2355463451-85381230-1253174285-1002 [3208] (.Orphan.) =>.Superfluous.Orphan O39 - APT: Power Management - (.Acer Incorporated.) -- C:\WINDOWS\System32\Tasks\Power Management [2080] =>.Acer Incorporated® O39 - APT: Reoqucultsterke Mapper - (...) -- C:\WINDOWS\System32\Tasks\Reoqucultsterke Mapper [9120] (.Orphan.) =>.Superfluous.Orphan ---\\ Process running (18) - 1s [MD5.34746AB018AD9C6B0D967B795B6DCAAA] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [254488] [PID.680] =>.Microsoft Windows Hardware Compatibility Publisher® [MD5.031ADE1E25F401047703CC86BDD3B379] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [680984] [PID.1136] =>.Microsoft Windows Hardware Compatibility Publisher® [MD5.B5C2F92EE1106DFE7BB1CCE4D35B6037] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [462096] [PID.1624] =>.Apple Inc.® [MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2004] =>.Adobe Systems, Incorporated® [MD5.3B3774C868868257533EC7E715BB6D53] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768] [PID.2072] =>.Apple Inc.® [MD5.9611577752E293259C7DCE19E9026362] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464] [PID.2220] =>.Malwarebytes Corporation® [MD5.DA1B697C42888BA804DD07BA49B116B1] - (.TeamViewer GmbH - TeamViewer 11.) -- C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7183632] [PID.2288] =>.TeamViewer® [MD5.F1A89A34388B5626F1548D393B23ECB1] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608] [PID.2428] =>.Malwarebytes Corporation® [MD5.5B3148291D750B03CD812DB79BD666AF] - (.Wondershare - Wondershare AppService.) -- C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792] [PID.2676] =>.Wondershare [MD5.8E98E3EC16D2641005B4748CD330FB45] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [9926112] [PID.3760] =>.Malwarebytes Corporation® [MD5.C3EF139378171D8BB852BEB6E759B7F1] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.4444] [MD5.5659ADFFA101D3AC0C62CED889991357] - (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [5294736] [PID.4856] =>.Acer Incorporated® [MD5.5881014FEADC6E65C08586D6E33CB8C7] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152] [PID.6936] =>.Tonec Inc. [MD5.34D296AFC913E302953C70463EF09A48] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [96056] [PID.948] =>.Hewlett-Packard Company® [MD5.12DDA5DE47461555B28954C6711399B4] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2086240] [PID.1152] =>.Wondershare software CO., LIMITED® [MD5.E085B7FF07EDBD8F5D2A32E447A23E9F] - (.Disc Soft Ltd - Disc Soft Bus Service.) -- C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560] [PID.6180] =>.Disc Soft Ltd® [MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.7528] =>.Tonec Inc.® [MD5.F917642759A0D7A03F23D3A82D169149] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\mezoo\Desktop\ZHPDiag3(1).exe [2278912] [PID.5484] =>.Nicolas Coolman ---\\ Google Chrome, Start,Search,Extensions (12) - 0s G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [dhigneefebkcagnpnpbibganpmfgebnk] __MSG_name__ G2 - GCE: Preference [User Data\Default] [efaidnbmnnnibpcajpcglclefindmkaj] __MSG_web2pdfExtnName__ G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [jeaohhlajejodfjadcponpnjgkiikocn] IDM Integration Module G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [nppllibpnmahfaklnpggkibhkapjkeob] Norton Security Toolbar G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (11) - 2s P2 - EXT: (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll =>.Adobe Systems, Incorporated® P2 - EXT: (. - NPAPI Extension for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppluginrichmediaplayer.dll =>.Radiocom CJSC® P2 - EXT FILE: (...) -- C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\extensions\client@anonymox.net.xpi P2 - EXT FILE: (...) -- C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi P2 - EXT FILE: (...) -- C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\extensions\{018f3160-1a6f-4650-84fd-aad8c13609c8}.xpi P2 - EXT FILE: (...) -- C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla P2 - EXT: (.BitComet - BitComet 视频下载器.) -- C:\Users\mezoo\AppData\Roaming\Mozilla\Firefox\Profiles\nj11tx8v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll =>.Adobe Systems Incorporated P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll =>.Apple Inc. P2 - FPN: [HKLM] [@meadco.com/neptune plugin,version=2.0.0.29] - (.MeadCo Corp..) -- C:\Program Files (x86)\MeadCo Neptune\npmeadax.dll ---\\ Internet Explorer Extensions, Start, Search (23) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKEY_USERS\S-1-5-21-2355463451-85381230-1253174285-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1 ---\\ Internet Explorer, Proxy Management (6) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;*.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet= ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (21) ---\\ Browser Helper Object (BHO) (7) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O2 - BHO: Norton Identity Protection [64Bits] - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.6.0.27\coieplg.dll =>.Symantec Corporation® O2 - BHO: Adobe Acrobat Create PDF Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll =>.Adobe Systems, Incorporated® O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL =>.Microsoft Corporation® O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll =>.Adobe Systems, Incorporated® ---\\ Auto loading programs from Registry and folders (31) - 2s O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp® O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe =>.Apple Inc.® O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (.not file.) O4 - HKCU\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe O4 - HKCU\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE =>.Microsoft Corporation® O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTAgent.exe =>.Disc Soft Ltd® O4 - HKCU\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\mezoo\AppData\Local\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc® O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation® O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe =>.Apple Inc.® O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe =>.Adobe Systems Incorporated® O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated® O4 - HKLM\..\Wow6432Node\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5.5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5.5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe =>.Adobe Systems Incorporated® O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\SysWOW64\OneDriveSetup.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (.not file.) O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [BitComet] . (.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [OfficeSyncProcess] . (.Microsoft Corporation - Microsoft Office Document Cache.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [DAEMON Tools Lite Automount] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTAgent.exe =>.Disc Soft Ltd® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [Dropbox Update] . (.Dropbox, Inc. - Dropbox Update.) -- C:\Users\mezoo\AppData\Local\Dropbox\Update\DropboxUpdate.exe =>.Dropbox, Inc® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation® O4 - HKUS\S-1-5-21-2355463451-85381230-1253174285-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. ---\\ Global shortcuts Startup (85) - 5s O4 - GS\Desktop [Administrator]: Adobe Illustrator CS5.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS5.) C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\Desktop [Administrator]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\Desktop [Administrator]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Users\mezoo\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox, Inc® O4 - GS\Desktop [Administrator]: FairStars Audio Converter.lnk . (.FairStars Soft - FairStars Audio Converter--Professional Aud.) C:\Program Files (x86)\FairStars Audio Converter\AudioConverter.exe =>.FairStars Soft O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [Administrator]: Recover My Photos.lnk . (.GetData Pty Ltd - Recover My Photos.) C:\Program Files (x86)\GetData\Recover My Photos\RecoverMyPhotos.exe {658470B3E52D78E75A6148679E706353} =>.GetData Pty Ltd O4 - GS\Desktop [Administrator]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe =>.Cedric Le Bozec® O4 - GS\Desktop [Administrator]: النحو العربى.LNK . (.TOSHIBA - .) C:\Program Files (x86)\Project1\النحو العربى.exe =>.TOSHIBA O4 - GS\Quicklaunch [Administrator]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.® O4 - GS\Quicklaunch [Administrator]: EaseUS Partition Master 9.3.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\epm0.exe =>.EaseUS O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrator]: Wondershare Video Converter Ultimate.lnk . (.Wondershare - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Wondershare O4 - GS\Quicklaunch [Administrator]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\sendTo [Administrator]: Dropbox.lnk . (...) C:\Users\mezoo\Dropbox O4 - GS\sendTo [Administrator]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\sendTo [Administrator]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\TaskBar [Administrator]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Administrator]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Administrator]: HP Deskjet 2540 series.lnk . (.Hewlett-Packard Co. - .) C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe =>.Hewlett-Packard Co. O4 - GS\TaskBar [Administrator]: Microsoft Word 2010.lnk . (...) C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation® O4 - GS\Desktop [Guest]: Adobe Illustrator CS5.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS5.) C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\Desktop [Guest]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\Desktop [Guest]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Users\mezoo\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox, Inc® O4 - GS\Desktop [Guest]: FairStars Audio Converter.lnk . (.FairStars Soft - FairStars Audio Converter--Professional Aud.) C:\Program Files (x86)\FairStars Audio Converter\AudioConverter.exe =>.FairStars Soft O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [Guest]: Recover My Photos.lnk . (.GetData Pty Ltd - Recover My Photos.) C:\Program Files (x86)\GetData\Recover My Photos\RecoverMyPhotos.exe {658470B3E52D78E75A6148679E706353} =>.GetData Pty Ltd O4 - GS\Desktop [Guest]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe =>.Cedric Le Bozec® O4 - GS\Desktop [Guest]: النحو العربى.LNK . (.TOSHIBA - .) C:\Program Files (x86)\Project1\النحو العربى.exe =>.TOSHIBA O4 - GS\Quicklaunch [Guest]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.® O4 - GS\Quicklaunch [Guest]: EaseUS Partition Master 9.3.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\epm0.exe =>.EaseUS O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Guest]: Wondershare Video Converter Ultimate.lnk . (.Wondershare - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Wondershare O4 - GS\Quicklaunch [Guest]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\sendTo [Guest]: Dropbox.lnk . (...) C:\Users\mezoo\Dropbox O4 - GS\sendTo [Guest]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\sendTo [Guest]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\TaskBar [Guest]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [Guest]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\TaskBar [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [Guest]: HP Deskjet 2540 series.lnk . (.Hewlett-Packard Co. - .) C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe =>.Hewlett-Packard Co. O4 - GS\TaskBar [Guest]: Microsoft Word 2010.lnk . (...) C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation® O4 - GS\Desktop [mezoo]: Adobe Illustrator CS5.lnk . (.Adobe Systems Inc. - Adobe Illustrator CS5.) C:\Program Files (x86)\Adobe\Adobe Illustrator CS5\Support Files\Contents\Windows\Illustrator.exe =>.Adobe Systems Incorporated® O4 - GS\Desktop [mezoo]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\Desktop [mezoo]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) C:\Users\mezoo\AppData\Roaming\Dropbox\bin\Dropbox.exe =>.Dropbox, Inc® O4 - GS\Desktop [mezoo]: FairStars Audio Converter.lnk . (.FairStars Soft - FairStars Audio Converter--Professional Aud.) C:\Program Files (x86)\FairStars Audio Converter\AudioConverter.exe =>.FairStars Soft O4 - GS\Desktop [mezoo]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc. O4 - GS\Desktop [mezoo]: Recover My Photos.lnk . (.GetData Pty Ltd - Recover My Photos.) C:\Program Files (x86)\GetData\Recover My Photos\RecoverMyPhotos.exe {658470B3E52D78E75A6148679E706353} =>.GetData Pty Ltd O4 - GS\Desktop [mezoo]: UsbFix.lnk . (...) C:\UsbFix\UsbFix.exe =>.Cedric Le Bozec® O4 - GS\Desktop [mezoo]: النحو العربى.LNK . (.TOSHIBA - .) C:\Program Files (x86)\Project1\النحو العربى.exe =>.TOSHIBA O4 - GS\Quicklaunch [mezoo]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.® O4 - GS\Quicklaunch [mezoo]: EaseUS Partition Master 9.3.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\epm0.exe =>.EaseUS O4 - GS\Quicklaunch [mezoo]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [mezoo]: Wondershare Video Converter Ultimate.lnk . (.Wondershare - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Wondershare O4 - GS\Quicklaunch [mezoo]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe =>.Yahoo! Inc.® O4 - GS\sendTo [mezoo]: Dropbox.lnk . (...) C:\Users\mezoo\Dropbox O4 - GS\sendTo [mezoo]: Skype.lnk . (.Skype Technologies S.A. - Skype.) C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Software Sarl® O4 - GS\sendTo [mezoo]: TeamViewer.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\TaskBar [mezoo]: Adobe Photoshop CS5 (64 Bit).lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.) C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe =>.Adobe Systems Incorporated® O4 - GS\TaskBar [mezoo]: DIC32 - Shortcut.lnk . (...) D:\Ahmed\DIC2 القاموس\DIC32.EXE O4 - GS\TaskBar [mezoo]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\TaskBar [mezoo]: HP Deskjet 2540 series.lnk . (.Hewlett-Packard Co. - .) C:\Program Files (x86)\HP\HP Deskjet 2540 series\Bin\HP Deskjet 2540 series.exe =>.Hewlett-Packard Co. O4 - GS\TaskBar [mezoo]: Microsoft Word 2010.lnk . (...) C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe =>.Microsoft Corporation® O4 - GS\CommonDesktop [Public]: Age of Empires III.lnk . (.Ensemble Studios - Age of Empires 3.) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe =>.Ensemble Studios O4 - GS\CommonDesktop [Public]: Belarc Advisor.lnk . (.Belarc, Inc. - Belarc Advisor Computer Inventory.) C:\Program Files (x86)\Belarc\BelarcAdvisor\BelarcAdvisor.exe =>.Belarc, Inc.® O4 - GS\CommonDesktop [Public]: BitComet.lnk . (.www.BitComet.com - BitComet - a BitTorrent Client.) C:\Program Files\BitComet\BitComet.exe O4 - GS\CommonDesktop [Public]: DAEMON Tools Lite.lnk . (.Disc Soft Ltd - DAEMON Tools Lite.) C:\Program Files\DAEMON Tools Lite\DTLauncher.exe =>.Disc Soft Ltd® O4 - GS\CommonDesktop [Public]: EaseUS Partition Master 9.3.0.lnk . (.EaseUS - EaseUS Partition Master Loader Application.) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\epm0.exe =>.EaseUS O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\CommonDesktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe =>.Visan Industries® O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation® O4 - GS\CommonDesktop [Public]: Portal 2.lnk . (...) C:\Program Files (x86)\Valve\Portal 2\portal2.exe O4 - GS\CommonDesktop [Public]: Pro Evolution Soccer 2016.lnk . (.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2016.) C:\Program Files (x86)\Pro Evolution Soccer 2016\PES2016.exe =>.Konami Digital Entertainment Co., Ltd. O4 - GS\CommonDesktop [Public]: Skype.lnk . (...) C:\Windows\Installer\{6A0549A9-1B96-498C-ACBC-3943001FEB19}\SkypeIcon.exe O4 - GS\CommonDesktop [Public]: TeamViewer 11.lnk . (.TeamViewer GmbH - TeamViewer 11.) C:\Program Files (x86)\TeamViewer\TeamViewer.exe =>.TeamViewer® O4 - GS\CommonDesktop [Public]: Vegas Movie Studio HD Platinum 10.0.lnk . (.Sony Creative Software Inc. - Vegas Movie Studio HD Platinum.) C:\Program Files (x86)\Sony\Vegas Movie Studio HD Platinum 10.0\VegasMovieStudioPE100.exe =>.Sony Creative Software Inc. O4 - GS\CommonDesktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.1.5.) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN O4 - GS\CommonDesktop [Public]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\WSVCUSplash.exe =>.Wondershare software CO., LIMITED® O4 - GS\Programs [Public]: Cut the Rope.lnk . (...) C:\Program Files (x86)\Foxy Games\Cut the Rope\GH-CutTheRopeApp.exe O4 - GS\Programs [Public]: Google Chrome (2).lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Programs [Public]: Google Chrome (3).lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Programs [Public]: Google Chrome (4).lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Programs [Public]: Google Chrome (5).lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Programs [Public]: Google Chrome (6).lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Programs [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® ---\\ Lop.com/Domain Hijackers (6) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = dlinkrouter O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{6baa2874-e8eb-4594-9145-9b17fa2583a9}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{aeead884-a3df-4824-8b5d-13e94dd1a9c1}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{fae6ce60-6b54-4640-851b-673c3fc29b18}: DhcpNameServer = 172.20.10.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{aeead884-a3df-4824-8b5d-13e94dd1a9c1}: DhcpDomain = dlinkrouter ---\\ Extra protocols (27) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: belarc [64Bits] - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} . (.Belarc, Inc. - Belarc VoilaX Control.) -- C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll =>.Belarc, Inc.® O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation® O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: skypec2c [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Microsoft Corporation - Skype Click to Call IE Add-on.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll =>.Skype Software Sarl® O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\SysWOW64\tbauth.dll =>.Microsoft Corporation O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Photo Gallery Album Download Protocol Handl.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll =>.Microsoft Corporation® O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll =>.Microsoft Corporation O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL =>.Microsoft Corporation® ---\\ Software installed (117) - 14s O42 - Logiciel: Acer Power Management - (.Acer Incorporated.) [HKLM][64Bits] -- {91F52DE4-B789-42B0-9311-A349F10E5479} =>.Acer Incorporated O42 - Logiciel: Acer Recovery Management - (.Acer Incorporated.) [HKLM][64Bits] -- {07F2005A-8CAC-4A4B-83A2-DA98A722CA61} =>.Acer Incorporated O42 - Logiciel: Adobe Acrobat XI Pro - (.Adobe Systems.) [HKLM][64Bits] -- {AC76BA86-1033-FFFF-7760-000000000006} =>.Adobe Systems O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {31B9D218-FED2-4C6C-B19F-7294FFC130B0} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- {3521BDBD-D453-5D9F-AA55-44B75D214629} =>.Adobe Systems Incorporated. O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated. O42 - Logiciel: Adobe Content Viewer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4E33D05D-76CF-5D3C-4D5D-7727530FA161} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Content Viewer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.dmp.contentviewer =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Creative Cloud - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Creative Cloud =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Creative Suite 6 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E15BC10F-04AA-0AFD-A6C9-476730195F8B} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.downloadassistant.AdobeDownloadAssistant =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Flash Player 16 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Illustrator CS2 - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe Illustrator CS2 =>.Adobe Systems Inc. O42 - Logiciel: Adobe Illustrator CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {728A9513-52E7-4CD3-9C64-79498F08586C} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe InDesign CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BC448016-6F11-1014-B0EA-97CEE6E26CB6} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe InDesign CS5.5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {857CC5F0-040E-1016-A173-D55ADD80C260} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {3EB745BA-194F-4475-9164-B20BB2172395} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Reader XI (11.0.06) - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- {7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} =>.Microsoft Game Studios O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM][64Bits] -- InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97} =>.Microsoft Game Studios O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM][64Bits] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} =>.Advanced Micro Devices Inc. O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM][64Bits] -- {D4B07658-F443-4445-A261-E643996E139D} =>.Apple Inc. O42 - Logiciel: Apple Application Support (64-bit) - (.Apple Inc..) [HKLM][64Bits] -- {A6B0442B-E159-444B-B49D-6B9AC531EAE3} =>.Apple Inc. O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2E4AF2A6-50EA-4260-9BA4-5E582D11879A} =>.Apple Inc. O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {56EC47AA-5813-4FF6-8E75-544026FBEA83} =>.Apple Inc. O42 - Logiciel: Belarc Advisor 8.4 - (.Belarc Inc..) [HKLM][64Bits] -- Belarc Advisor =>.Belarc Inc. O42 - Logiciel: BitComet 1.37 - (.CometNetwork.) [HKLM][64Bits] -- BitComet =>.CometNetwork O42 - Logiciel: BitComet 1.38 64-bit - (.CometNetwork.) [HKLM][64Bits] -- BitComet_x64 =>.CometNetwork O42 - Logiciel: bl - (.Your Company Name.) [HKLM][64Bits] -- {2A075BB4-E976-4278-BF3F-E5C6945D84C0} =>.Your Company Name O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {56DDDFB8-7F79-4480-89D5-25E1F52AB28F} =>.Apple Inc. O42 - Logiciel: Cisco Connect - (.Cisco Consumer Products LLC.) [HKLM][64Bits] -- Cisco Connect =>.Cisco Consumer Products LLC® O42 - Logiciel: Command & Conquer Red Alert 2 - (...) [HKLM][64Bits] -- Red Alert 2 O42 - Logiciel: Command && Conquer Red Alert 2 - Yuri's Revenge - (...) [HKLM][64Bits] -- Yuri's Revenge O42 - Logiciel: Cut the Rope - (.Foxy Games.) [HKLM][64Bits] -- Cut the Rope1.0 =>.Foxy Games O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} =>.Microsoft O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.Disc Soft Ltd® O42 - Logiciel: DirectVobSub 2.41.7259 (5d3641a) Beta - (.MPC-HC Team.) [HKLM][64Bits] -- vsfilter_is1 =>.MPC-HC Team O42 - Logiciel: Dropbox - (.Dropbox, Inc..) [HKCU][64Bits] -- Dropbox =>.Dropbox, Inc® O42 - Logiciel: EaseUS Partition Master 9.3.0 - (.EaseUS.) [HKLM][64Bits] -- EaseUS Partition Master_is1 =>.EaseUS O42 - Logiciel: EpsonNet Config V4 - (.SEIKO EPSON CORPORATION.) [HKLM][64Bits] -- {08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA} =>.SEIKO EPSON Corporation® O42 - Logiciel: ESET Online Scanner v3 - (...) [HKLM][64Bits] -- ESET Online Scanner =>.ESET, spol. s r.o.® O42 - Logiciel: FairStars Audio Converter 1.52 - (.FairStars Soft.) [HKLM][64Bits] -- FairStars Audio Converter_is1 =>.FairStars Soft O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect O42 - Logiciel: HP Deskjet 2540 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {7AF1A318-2914-41CC-9B24-041C2D4AAAD7} =>.Hewlett-Packard Co. O42 - Logiciel: HP Deskjet 2540 series Help - (.Hewlett Packard.) [HKLM][64Bits] -- {4539575D-C09D-4E71-B207-0F2D6BD74DA2} =>.Hewlett Packard O42 - Logiciel: HP Photo Creations - (.HP.) [HKLM][64Bits] -- HP Photo Creations =>.Visan Industries® O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM][64Bits] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2} =>.Hewlett-Packard O42 - Logiciel: iExplorer 3.9.7.0 - (.Macroplant LLC.) [HKLM][64Bits] -- {7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1 {7902743397B568E4BB70126340729360} =>.Macroplant LLC O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} =>.Intel Corporation® O42 - Logiciel: Intel(R) Network Connections Drivers - (.Intel.) [HKLM][64Bits] -- PROSet =>.Intel O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} =>.Intel Corporation® O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {F4404AFD-2EF3-40C1-8C09-29E5F3B6972B} =>.Intel Corporation O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {955524E7-79EB-4CA9-BA4D-FD2DF587651B} =>.Apple Inc. O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 71 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218071F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: K-Lite Mega Codec Pack 11.0.0 - (...) [HKLM][64Bits] -- KLiteCodecPack_is1 O42 - Logiciel: Leos Fortune - (...) [HKLM][64Bits] -- Leos Fortune_is1 O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes O42 - Logiciel: Microsoft Application Error Reporting - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00B9-0409-1000-0000000FF1CE} =>.Microsoft Corporation O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 43.0.1 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 43.0.1 (x86 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} =>.Microsoft O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {7E708ADE-6575-11E2-8713-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {8AAA8780-1D35-11E2-A3A6-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT Redists - (.Sony Creative Software Inc..) [HKLM][64Bits] -- {AB085680-FE98-11E1-A232-F04DA23A5C58} =>.Sony Creative Software Inc. O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} =>.Microsoft O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77} =>.Microsoft O42 - Logiciel: Norton Identity Safe - (.Symantec Corporation.) [HKLM][64Bits] -- NST =>.Symantec Corporation® O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM][64Bits] -- {E625FCA0-E43E-4D3B-92FF-4851308A0366} =>.Symantec Corporation O42 - Logiciel: Norton Online Backup ARA - (.Symantec Corporation.) [HKLM][64Bits] -- NARA =>.Symantec Corporation® O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29} =>.NVIDIA Corporation O42 - Logiciel: PDF Settings CC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1FBAE18D-4DE4-47AA-83EC-D1B046F262DC} =>.Adobe Systems Incorporated O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392} =>.Adobe Systems Incorporated O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated O42 - Logiciel: ph - (.Your Company Name.) [HKLM][64Bits] -- {185F9795-9663-4F13-9EF9-307A282ADB5A} =>.Your Company Name O42 - Logiciel: Portal 2 - (...) [HKLM][64Bits] -- Postal 2_is1 O42 - Logiciel: Pro Evolution Soccer 2016 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNg==_is1 O42 - Logiciel: Product Improvement Study for HP Deskjet 2540 series - (.Hewlett-Packard Co..) [HKLM][64Bits] -- {446CCB22-B632-4A1D-BF84-DA8DB0575F98} =>.Hewlett-Packard Co. O42 - Logiciel: Quran - Searcher 3.0 - (...) [HKLM][64Bits] -- Quran - Searcher 3.0 O42 - Logiciel: Quran in Ms Word - (.Taufiq Product, Inc..) [HKLM][64Bits] -- Quran in Ms Word_is1 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911} =>.Realtek Semiconductor Corp® O42 - Logiciel: Recover My Photos - (.GetData Pty Ltd.) [HKLM][64Bits] -- Recover My Photos_is1 =>.GetData Pty Ltd O42 - Logiciel: Seagate Drive Settings Installer - (.Seagate Technologies LLC.) [HKLM][64Bits] -- {91DDF870-EE18-44D8-9D93-F4C122B80908} O42 - Logiciel: Seagate Drive Settings Installer - (.Seagate Technologies LLC.) [HKLM][64Bits] -- InstallShield_{91DDF870-EE18-44D8-9D93-F4C122B80908} =>.Seagate Technology, LLC® O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054} =>.McAfee O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701} =>.Microsoft Corporation O42 - Logiciel: Skype™ 7.12 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} =>.Skype Technologies S.A. O42 - Logiciel: SWF & FLV Player 3.0 (build 3.0.33.5106) - (.Eltima Software.) [HKLM][64Bits] -- SWF & FLV Player_is1 O42 - Logiciel: TeamViewer 11 - (.TeamViewer.) [HKLM][64Bits] -- TeamViewer =>.TeamViewer® O42 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM][64Bits] -- Usbfix =>.El Desaparecido - www.usbfix.net - www.sosvirus.net O42 - Logiciel: Vegas Movie Studio HD Platinum 10.0 - (.Sony.) [HKLM][64Bits] -- {40AE01BE-A290-4FFB-8DAB-C624C17DC87E} =>.Sony O42 - Logiciel: Visual Studio 2005 Tools for Office Second Edition Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Visual Studio 2005 Tools for Office Runtime =>.Microsoft Corporation® O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6} =>.Microsoft Corporation O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime - (.Microsoft Corporation.) [HKLM][64Bits] -- Visual Studio Tools for the Office system 3.0 Runtime =>.Microsoft Corporation® O42 - Logiciel: Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949 - (.Microsoft Corporation.) [HKLM][64Bits] -- {8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258 =>.Microsoft Corporation O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN O42 - Logiciel: Westwood Shared Internet Components - (...) [HKLM][64Bits] -- WOLAPI O42 - Logiciel: Windows 10 Upgrade Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {D5C69738-B486-402E-85AC-2456D98A64E4} =>.Microsoft Corporation® O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {3577E42B-3347-4EB8-BFDA-D36E8ED3C519} =>.Microsoft Corporation O42 - Logiciel: WinRAR 4.20 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH O42 - Logiciel: Wondershare Video Converter Ultimate(Build 8.7.0.5) - (.Wondershare Software.) [HKLM][64Bits] -- Wondershare Video Converter Ultimate_is1 =>.Wondershare Software O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger =>.Yahoo! Inc. O42 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1 =>.Nicolas Coolman O42 - Logiciel: النحو العربى - (...) [HKLM][64Bits] -- ST6UNST #1 O42 - Logiciel: مصحف النور - (...) [HKLM][64Bits] -- مصحف النور ---\\ HKCU & HKLM Software Keys (226) - 14s HKLM\SOFTWARE\Wow6432Node\Activision HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AdsFix HKLM\SOFTWARE\Wow6432Node\AdwCleaner HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\ArabicSP Software HKLM\SOFTWARE\Wow6432Node\ATI HKLM\SOFTWARE\Wow6432Node\Baidu Security HKLM\SOFTWARE\Wow6432Node\Baidu_Drp_pos HKLM\SOFTWARE\Wow6432Node\Belarc HKLM\SOFTWARE\Wow6432Node\Big Fish Games HKLM\SOFTWARE\Wow6432Node\CD2614266816DA107F6AEBE320D1A132 =>PUP.Optional.CrossRider HKLM\SOFTWARE\Wow6432Node\CDDB HKLM\SOFTWARE\Wow6432Node\Cisco Systems HKLM\SOFTWARE\Wow6432Node\Crytek HKLM\SOFTWARE\Wow6432Node\CyberLink HKLM\SOFTWARE\Wow6432Node\Debug HKLM\SOFTWARE\Wow6432Node\Digital River HKLM\SOFTWARE\Wow6432Node\DT Soft HKLM\SOFTWARE\Wow6432Node\DVDVideoSoft HKLM\SOFTWARE\Wow6432Node\EA Games HKLM\SOFTWARE\Wow6432Node\EASEUS HKLM\SOFTWARE\Wow6432Node\Edmark HKLM\SOFTWARE\Wow6432Node\EgisTec IPS HKLM\SOFTWARE\Wow6432Node\EgisTec MyWinLockerSuite HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\Eset HKLM\SOFTWARE\Wow6432Node\fdqoge HKLM\SOFTWARE\Wow6432Node\Fighters HKLM\SOFTWARE\Wow6432Node\FlashPeak HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\Hewlett-Packard HKLM\SOFTWARE\Wow6432Node\Icaros HKLM\SOFTWARE\Wow6432Node\illiminable HKLM\SOFTWARE\Wow6432Node\IM Providers HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\iSkysoft HKLM\SOFTWARE\Wow6432Node\iTinySoft HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Khronos HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\LogMeIn Rescue HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware (Trial) HKLM\SOFTWARE\Wow6432Node\MAXSOFT-OCRON HKLM\SOFTWARE\Wow6432Node\McAfee.com HKLM\SOFTWARE\Wow6432Node\mcafeeupdater HKLM\SOFTWARE\Wow6432Node\MeadCo HKLM\SOFTWARE\Wow6432Node\Mini-stream HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugin HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Nero HKLM\SOFTWARE\Wow6432Node\Nikon HKLM\SOFTWARE\Wow6432Node\Norton HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OEM HKLM\SOFTWARE\Wow6432Node\Pandora.TV HKLM\SOFTWARE\Wow6432Node\QATestSystem HKLM\SOFTWARE\Wow6432Node\Quark HKLM\SOFTWARE\Wow6432Node\RealNetworks HKLM\SOFTWARE\Wow6432Node\Realtek HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp. HKLM\SOFTWARE\Wow6432Node\RocketLife HKLM\SOFTWARE\Wow6432Node\Seagate HKLM\SOFTWARE\Wow6432Node\SEIKO EPSON CORPORATION HKLM\SOFTWARE\Wow6432Node\Sierra On-Line HKLM\SOFTWARE\Wow6432Node\Sierra OnLine HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\Sonic HKLM\SOFTWARE\Wow6432Node\Sony Creative Software HKLM\SOFTWARE\Wow6432Node\SOSVirus HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\Sysinternals HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\The Learning Company HKLM\SOFTWARE\Wow6432Node\TVInstallTemp HKLM\SOFTWARE\Wow6432Node\Valve HKLM\SOFTWARE\Wow6432Node\VideoLAN HKLM\SOFTWARE\Wow6432Node\Visan HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\VST HKLM\SOFTWARE\Wow6432Node\WafCX HKLM\SOFTWARE\Wow6432Node\Westwood HKLM\SOFTWARE\Wow6432Node\WildTangent HKLM\SOFTWARE\Wow6432Node\Windows HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\WondershareSysMenuDATA HKLM\SOFTWARE\Wow6432Node\Xing Technology Corp. HKLM\SOFTWARE\Wow6432Node\yahoo =>.Yahoo! HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\4A-Games HKCU\SOFTWARE\ACE Compression Software HKCU\SOFTWARE\Activision HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AdsFix HKCU\SOFTWARE\ahead HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\Andrei Jefremov HKCU\SOFTWARE\Anvsoft HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\ArabicSP Software HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\ATI HKCU\SOFTWARE\Baidu Security HKCU\SOFTWARE\Belarc HKCU\SOFTWARE\Big Fish Games HKCU\SOFTWARE\Big Fish Games, Inc HKCU\SOFTWARE\BitComet HKCU\SOFTWARE\Boilsoft HKCU\SOFTWARE\BugSplat HKCU\SOFTWARE\CD2614266816DA107F6AEBE320D1A132 =>PUP.Optional.CrossRider HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Conversion Helper HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\Digital River HKCU\SOFTWARE\DirectShow HKCU\SOFTWARE\Disc Soft HKCU\SOFTWARE\DjVuLibre HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\Dropbox HKCU\SOFTWARE\DropboxUpdate HKCU\SOFTWARE\DT Soft HKCU\SOFTWARE\DVDVideoSoft HKCU\SOFTWARE\EaseUS HKCU\SOFTWARE\Electronic Arts HKCU\SOFTWARE\EMU HKCU\SOFTWARE\Epic Games HKCU\SOFTWARE\Epic MegaGames HKCU\SOFTWARE\epsxe HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\FlashPeak HKCU\SOFTWARE\FLT HKCU\SOFTWARE\GetData HKCU\SOFTWARE\GNU HKCU\SOFTWARE\GoldWave HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRE HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Helix HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HP HKCU\SOFTWARE\i-FunBox.com HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\iSkysoft HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\Kernel For Word22ywwwwyyysg HKCU\SOFTWARE\KingArt HKCU\SOFTWARE\LAV64 HKCU\SOFTWARE\Leadertech HKCU\SOFTWARE\Licenses HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\madshi HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\Malwarebytes' Anti-Malware HKCU\SOFTWARE\MCAFEE HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\Mine HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Nikon HKCU\SOFTWARE\Norton HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\OEM HKCU\SOFTWARE\Pure Networks HKCU\SOFTWARE\QtProject HKCU\SOFTWARE\Quark HKCU\SOFTWARE\Real HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\roxio HKCU\SOFTWARE\Ruqayah.net HKCU\SOFTWARE\Seagate HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\Skype HKCU\SOFTWARE\SkypeRS HKCU\SOFTWARE\Sony Creative Software HKCU\SOFTWARE\SWiSHzone.com HKCU\SOFTWARE\SyncEngines HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\The Creative Assembly HKCU\SOFTWARE\TigerPlayer HKCU\SOFTWARE\Toggle HKCU\SOFTWARE\TR3 HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Tucows HKCU\SOFTWARE\TVP HKCU\SOFTWARE\Twitter HKCU\SOFTWARE\UsbFix HKCU\SOFTWARE\Valve HKCU\SOFTWARE\Visan HKCU\SOFTWARE\VS Revo Group HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WsAudio_Device HKCU\SOFTWARE\WSVCUPlugin HKCU\SOFTWARE\yahoo =>.Yahoo! HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Software\JavaSoft ---\\ Contents of the Common Files folders (462) - 20s O43 - CFD: 14/01/2013 - [] D -- C:\Program Files\Accessory Store =>.Acer Incorporated® O43 - CFD: 04/09/2012 - [] D -- C:\Program Files\Acer =>.Acer Incorporated® O43 - CFD: 25/11/2013 - [] D -- C:\Program Files\Adobe O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\AMD O43 - CFD: 29/10/2012 - [] D -- C:\Program Files\ATI =>.Advanced Micro Devices, Inc.® O43 - CFD: 11/01/2014 - [0] D -- C:\Program Files\ATI Technologies O43 - CFD: 03/05/2015 - [] AD -- C:\Program Files\BitComet O43 - CFD: 27/09/2015 - [] AD -- C:\Program Files\Bonjour =>.Apple Inc.® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\CMAK O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 26/05/2015 - [] D -- C:\Program Files\DAEMON Tools Lite =>.Disc Soft Ltd® O43 - CFD: 20/01/2013 - [0] D -- C:\Program Files\Google O43 - CFD: 07/09/2014 - [] D -- C:\Program Files\HP =>.Hewlett Packard® O43 - CFD: 29/10/2012 - [] D -- C:\Program Files\Intel =>.Intel® Upgrade Service® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 02/08/2016 - [] D -- C:\Program Files\iPod =>.Apple Inc.® O43 - CFD: 02/08/2016 - [] D -- C:\Program Files\iTunes =>.Apple Inc.® O43 - CFD: 23/01/2013 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 24/06/2016 - [] AD -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\MSBuild O43 - CFD: 29/10/2012 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 16/03/2013 - [] D -- C:\Program Files\Sony O43 - CFD: 27/04/2016 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 27/04/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 27/04/2016 - [] D -- C:\Program Files\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 21/07/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/04/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files\Windows Sidebar O43 - CFD: 04/08/2016 - [] HD -- C:\Program Files\WindowsApps O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files\WindowsPowerShell O43 - CFD: 08/11/2014 - [] AD -- C:\Program Files\WinRAR O43 - CFD: 02/08/2016 - [] HD -- C:\Program Files (x86)\95wFBE6 O43 - CFD: 02/02/2013 - [] D -- C:\Program Files (x86)\Activision O43 - CFD: 31/08/2015 - [] AD -- C:\Program Files (x86)\Adobe O43 - CFD: 08/09/2014 - [] AD -- C:\Program Files (x86)\Adobe Media Player O43 - CFD: 16/10/2014 - [] D -- C:\Program Files (x86)\Age Of Empires 2 & The Conquerors Expansion - Full Game O43 - CFD: 31/08/2013 - [0] D -- C:\Program Files (x86)\AGEIA Technologies O43 - CFD: 21/07/2016 - [] AD -- C:\Program Files (x86)\Ahead O43 - CFD: 29/10/2012 - [] AD -- C:\Program Files (x86)\AMD APP O43 - CFD: 29/07/2016 - [0] D -- C:\Program Files (x86)\Anvsoft O43 - CFD: 12/03/2016 - [] AD -- C:\Program Files (x86)\Apple Software Update =>.Apple Inc.® O43 - CFD: 21/07/2016 - [] AD -- C:\Program Files (x86)\ATI Technologies O43 - CFD: 10/08/2014 - [] D -- C:\Program Files (x86)\Baidu Security O43 - CFD: 05/10/2014 - [] D -- C:\Program Files (x86)\Belarc =>.Belarc, Inc.® O43 - CFD: 14/03/2014 - [] AD -- C:\Program Files (x86)\BitComet O43 - CFD: 27/09/2015 - [] AD -- C:\Program Files (x86)\Bonjour =>.Apple Inc.® O43 - CFD: 28/06/2013 - [] D -- C:\Program Files (x86)\Cisco Systems =>.Cisco Consumer Products LLC® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\CMAK O43 - CFD: 27/07/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 06/09/2014 - [] AD -- C:\Program Files (x86)\DirectVobSub O43 - CFD: 15/01/2013 - [] D -- C:\Program Files (x86)\directx O43 - CFD: 28/04/2014 - [] D -- C:\Program Files (x86)\EaseUS O43 - CFD: 22/10/2014 - [] D -- C:\Program Files (x86)\Electronic Arts O43 - CFD: 19/02/2015 - [] D -- C:\Program Files (x86)\Eltima Software O43 - CFD: 29/01/2013 - [] D -- C:\Program Files (x86)\EpsonNet =>.SEIKO EPSON Corporation® O43 - CFD: 09/12/2014 - [] D -- C:\Program Files (x86)\ESET =>.ESET, spol. s r.o.® O43 - CFD: 01/08/2013 - [] D -- C:\Program Files (x86)\Eutechnyx O43 - CFD: 23/08/2013 - [] AD -- C:\Program Files (x86)\FairStars Audio Converter O43 - CFD: 11/07/2014 - [] D -- C:\Program Files (x86)\Foxy Games O43 - CFD: 07/12/2013 - [0] D -- C:\Program Files (x86)\Games O43 - CFD: 10/08/2013 - [] D -- C:\Program Files (x86)\GetData {658470B3E52D78E75A6148679E706353} O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 07/09/2014 - [] D -- C:\Program Files (x86)\Hewlett-Packard =>.Hewlett-Packard Company® O43 - CFD: 07/09/2014 - [] AD -- C:\Program Files (x86)\HP =>.Hewlett-Packard Company® O43 - CFD: 07/09/2014 - [] D -- C:\Program Files (x86)\HP Photo Creations =>.Visan Industries® O43 - CFD: 19/07/2016 - [] AD -- C:\Program Files (x86)\iExplorer O43 - CFD: 26/07/2016 - [] AD -- C:\Program Files (x86)\Injustice Gods Among Us Ultimate Edition O43 - CFD: 09/04/2015 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.Macrovision Corporation® O43 - CFD: 29/10/2012 - [] D -- C:\Program Files (x86)\Intel =>.Intel Corporation® O43 - CFD: 26/07/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 29/07/2016 - [0] D -- C:\Program Files (x86)\iSkysoft O43 - CFD: 02/08/2016 - [] D -- C:\Program Files (x86)\iTunes O43 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 19/03/2015 - [] AD -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 17/03/2015 - [] D -- C:\Program Files (x86)\LIMBO O43 - CFD: 04/08/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 21/09/2014 - [] D -- C:\Program Files (x86)\MeadCo Neptune O43 - CFD: 23/01/2013 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services O43 - CFD: 09/04/2015 - [] D -- C:\Program Files (x86)\Microsoft Games O43 - CFD: 23/01/2013 - [] AD -- C:\Program Files (x86)\Microsoft Office =>.Microsoft Corporation® O43 - CFD: 24/06/2016 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 24/04/2013 - [] AD -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 23/01/2013 - [] D -- C:\Program Files (x86)\Microsoft Sync Framework O43 - CFD: 23/01/2013 - [] D -- C:\Program Files (x86)\Microsoft Synchronization Services O43 - CFD: 23/01/2013 - [] AD -- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 02/08/2016 - [] AD -- C:\Program Files (x86)\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 21/07/2016 - [] AD -- C:\Program Files (x86)\MSBuild O43 - CFD: 20/01/2013 - [] D -- C:\Program Files (x86)\My Company Name O43 - CFD: 19/07/2016 - [] D -- C:\Program Files (x86)\NCH Software O43 - CFD: 04/08/2016 - [] D -- C:\Program Files (x86)\Nevusygerwersh O43 - CFD: 21/07/2016 - [0] D -- C:\Program Files (x86)\Nike O43 - CFD: 24/05/2013 - [0] D -- C:\Program Files (x86)\Nikon O43 - CFD: 23/08/2013 - [] AD -- C:\Program Files (x86)\Norton Identity Safe =>.Symantec Corporation® O43 - CFD: 29/10/2012 - [] AD -- C:\Program Files (x86)\Norton Online Backup ARA =>.Symantec Corporation® O43 - CFD: 25/01/2014 - [] D -- C:\Program Files (x86)\NortonInstaller =>.Symantec Corporation® O43 - CFD: 31/08/2013 - [] D -- C:\Program Files (x86)\NVIDIA Corporation =>.NVIDIA Corporation® O43 - CFD: 03/12/2015 - [] D -- C:\Program Files (x86)\Paradox Interactive O43 - CFD: 27/01/2016 - [] D -- C:\Program Files (x86)\Portable O43 - CFD: 04/08/2016 - [] AD -- C:\Program Files (x86)\Pro Evolution Soccer 2016 O43 - CFD: 17/03/2015 - [] D -- C:\Program Files (x86)\Project1 O43 - CFD: 21/07/2016 - [0] D -- C:\Program Files (x86)\Quark O43 - CFD: 05/08/2016 - [] AD -- C:\Program Files (x86)\QuickTime =>Riskware.QuickTime O43 - CFD: 29/11/2013 - [] D -- C:\Program Files (x86)\Quran 3.0 O43 - CFD: 08/09/2015 - [] AD -- C:\Program Files (x86)\Quran_in_Word O43 - CFD: 26/07/2016 - [] D -- C:\Program Files (x86)\Real O43 - CFD: 29/10/2012 - [] D -- C:\Program Files (x86)\Realtek =>.Realtek Semiconductor Corp® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 20/08/2013 - [] D -- C:\Program Files (x86)\RM to MP3 Converter O43 - CFD: 24/05/2013 - [] D -- C:\Program Files (x86)\Rockstar Games O43 - CFD: 16/03/2014 - [] D -- C:\Program Files (x86)\Seagate =>.Seagate Technology, LLC® O43 - CFD: 28/05/2016 - [] RD -- C:\Program Files (x86)\Skype =>.Skype Software Sarl® O43 - CFD: 08/07/2016 - [] AD -- C:\Program Files (x86)\Sony =>.Sony Creative Software Inc® O43 - CFD: 14/10/2013 - [] D -- C:\Program Files (x86)\Symantec =>.Symantec Corporation® O43 - CFD: 04/08/2016 - [] AD -- C:\Program Files (x86)\TeamViewer =>.TeamViewer® O43 - CFD: 29/10/2012 - [0] HD -- C:\Program Files (x86)\Temp O43 - CFD: 12/02/2015 - [0] D -- C:\Program Files (x86)\The KMPlayer O43 - CFD: 03/01/2015 - [] D -- C:\Program Files (x86)\The Learning Company O43 - CFD: 02/10/2015 - [] D -- C:\Program Files (x86)\THQ O43 - CFD: 24/08/2013 - [] D -- C:\Program Files (x86)\Total Video Converter O43 - CFD: 29/07/2016 - [] AD -- C:\Program Files (x86)\Ultra AVI Converter O43 - CFD: 04/08/2016 - [] D -- C:\Program Files (x86)\Ultra Street Fighter IV O43 - CFD: 05/12/2014 - [] D -- C:\Program Files (x86)\Valve O43 - CFD: 24/04/2013 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 24/04/2013 - [] AD -- C:\Program Files (x86)\Windows Live =>.Microsoft Corporation® O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 27/04/2016 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 27/04/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 27/04/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 30/10/2015 - [] SHD -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 30/10/2015 - [] SD -- C:\Program Files (x86)\WindowsPowerShell O43 - CFD: 08/11/2014 - [] D -- C:\Program Files (x86)\WinRAR O43 - CFD: 26/10/2013 - [] D -- C:\Program Files (x86)\WinSplit Revolution O43 - CFD: 27/07/2016 - [] D -- C:\Program Files (x86)\Wondershare O43 - CFD: 12/05/2013 - [] D -- C:\Program Files (x86)\Yahoo! O43 - CFD: 04/08/2016 - [] AD -- C:\Program Files (x86)\ZHPDiag O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\مصحف النور O43 - CFD: 21/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 21/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer O43 - CFD: 21/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6 O43 - CFD: 19/02/2015 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced PDF Password Remover 5.0 O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitComet (64-bit) O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 27/01/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daossoft PDF Password Rescuer O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub O43 - CFD: 12/08/2013 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVuLibre O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.3.0 O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eltima Software O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EpsonNet O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars Audio Converter O43 - CFD: 21/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iExplorer O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 01/03/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leos Fortune O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LIMBO O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Link to Nikon O43 - CFD: 30/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup O43 - CFD: 05/07/2013 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passware O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project1 O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quran - Searcher 3.0 O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\red alert O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RM to MP3 Converter O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony O43 - CFD: 26/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp O43 - CFD: 21/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 27/04/2016 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 30/05/2016 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teenage Mutant Ninja Turtles Mutants in Manhattan O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Teenage Mutant Ninja Turtles Out of the Shadows O43 - CFD: 15/08/2013 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unreal Development Kit O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valve O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP O43 - CFD: 19/10/2014 - [] D -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 O43 - CFD: 03/09/2014 - [] D -- C:\ProgramData\Adobe O43 - CFD: 08/09/2014 - [0] D -- C:\ProgramData\ALM O43 - CFD: 26/01/2014 - [] D -- C:\ProgramData\Apple O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 21/07/2016 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 19/04/2015 - [] D -- C:\ProgramData\Autodesk O43 - CFD: 17/08/2014 - [] D -- C:\ProgramData\Baidu Security O43 - CFD: 19/10/2013 - [] D -- C:\ProgramData\Big Fish O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 25/09/2013 - [] D -- C:\ProgramData\Caphyon O43 - CFD: 28/06/2013 - [] D -- C:\ProgramData\Cisco Systems O43 - CFD: 14/01/2013 - [] D -- C:\ProgramData\clear.fi O43 - CFD: 29/10/2012 - [] D -- C:\ProgramData\CLSK O43 - CFD: 03/08/2013 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\Comms O43 - CFD: 24/05/2013 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 26/05/2015 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 15/01/2013 - [] D -- C:\ProgramData\DAEMON Tools Pro O43 - CFD: 21/07/2016 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 21/07/2016 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 20/06/2015 - [] D -- C:\ProgramData\Dropbox O43 - CFD: 07/08/2015 - [] D -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 O43 - CFD: 31/07/2013 - [] D -- C:\ProgramData\EA Core O43 - CFD: 04/09/2012 - [] D -- C:\ProgramData\EgisTec O43 - CFD: 25/12/2013 - [] D -- C:\ProgramData\Electronic Arts O43 - CFD: 21/05/2013 - [] D -- C:\ProgramData\EnterNHelp O43 - CFD: 09/06/2013 - [] D -- C:\ProgramData\EPSON O43 - CFD: 07/09/2014 - [] AD -- C:\ProgramData\HP O43 - CFD: 07/09/2014 - [] AD -- C:\ProgramData\HP Photo Creations O43 - CFD: 04/05/2013 - [0] D -- C:\ProgramData\IDM O43 - CFD: 29/10/2012 - [] D -- C:\ProgramData\install_clap O43 - CFD: 29/10/2012 - [] D -- C:\ProgramData\Intel O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\iSkysoft O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\iSkysoft iMedia Converter Deluxe O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\iSkysoft Video Converter Ultimate O43 - CFD: 08/05/2016 - [] D -- C:\ProgramData\KONAMI O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 18/06/2013 - [] D -- C:\ProgramData\McAfee O43 - CFD: 21/07/2016 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 02/08/2016 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\Microsoft OneDrive O43 - CFD: 19/01/2013 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\NCH Software O43 - CFD: 24/05/2013 - [] D -- C:\ProgramData\Nero O43 - CFD: 26/01/2013 - [] D -- C:\ProgramData\Nike O43 - CFD: 22/05/2013 - [] D -- C:\ProgramData\Nikon O43 - CFD: 25/01/2014 - [] D -- C:\ProgramData\Norton O43 - CFD: 15/01/2013 - [] D -- C:\ProgramData\NortonInstaller O43 - CFD: 24/05/2013 - [] D -- C:\ProgramData\OEM O43 - CFD: 14/01/2013 - [] D -- C:\ProgramData\OEM_E471269A730D O43 - CFD: 17/02/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 24/08/2013 - [] D -- C:\ProgramData\Playrix Entertainment O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\PRICache O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Real O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft O43 - CFD: 16/03/2014 - [] D -- C:\ProgramData\Seagate O43 - CFD: 05/10/2015 - [] D -- C:\ProgramData\Skype O43 - CFD: 30/10/2015 - [0] D -- C:\ProgramData\SoftwareDistribution O43 - CFD: 08/07/2016 - [] D -- C:\ProgramData\Sony O43 - CFD: 21/07/2016 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 11/09/2013 - [] D -- C:\ProgramData\Steam O43 - CFD: 10/02/2013 - [] D -- C:\ProgramData\Sun O43 - CFD: 29/10/2012 - [] D -- C:\ProgramData\Symantec O43 - CFD: 02/03/2015 - [] AD -- C:\ProgramData\Temp O43 - CFD: 21/07/2016 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 21/05/2013 - [] D -- C:\ProgramData\Ultima_T15 O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\USOPrivate O43 - CFD: 27/04/2016 - [] D -- C:\ProgramData\USOShared O43 - CFD: 07/09/2014 - [] D -- C:\ProgramData\Visan O43 - CFD: 24/05/2013 - [] D -- C:\ProgramData\WildTangent O43 - CFD: 16/11/2013 - [0] D -- C:\ProgramData\WinZipEC O43 - CFD: 27/07/2016 - [] D -- C:\ProgramData\Wondershare O43 - CFD: 28/07/2016 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate O43 - CFD: 12/05/2013 - [] D -- C:\ProgramData\Yahoo! O43 - CFD: 25/11/2013 - [] AD -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 31/08/2015 - [] AD -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 15/05/2014 - [] AD -- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 09/11/2013 - [] HD -- C:\Program Files (x86)\Common Files\EAInstaller O43 - CFD: 21/05/2013 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 27/07/2016 - [] D -- C:\Program Files (x86)\Common Files\iSkysoft O43 - CFD: 29/01/2016 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 21/07/2016 - [] AD -- C:\Program Files (x86)\Common Files\Microsoft Shared O43 - CFD: 24/05/2013 - [] D -- C:\Program Files (x86)\Common Files\Nikon O43 - CFD: 29/10/2012 - [] D -- C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 21/01/2013 - [] AD -- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 30/10/2015 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 05/10/2015 - [] AD -- C:\Program Files (x86)\Common Files\Skype O43 - CFD: 20/01/2013 - [] D -- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 11/01/2014 - [0] D -- C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 24/04/2013 - [] D -- C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 27/07/2016 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 27/08/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Adobe O43 - CFD: 26/11/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Adobe Mini Bridge CS5.1 O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Anvsoft O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Apple Computer O43 - CFD: 16/07/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\Artifex Mundi O43 - CFD: 19/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\ArtifexMundi O43 - CFD: 13/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Atari O43 - CFD: 04/02/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\ATI O43 - CFD: 19/04/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Autodesk O43 - CFD: 10/08/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\Baidu Security O43 - CFD: 05/08/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\BitComet O43 - CFD: 29/11/2013 - [0] D -- C:\Users\mezoo\AppData\Roaming\BitTorrent O43 - CFD: 20/08/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Boilsoft O43 - CFD: 26/10/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Boomzap O43 - CFD: 14/11/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\CDisplayEx O43 - CFD: 22/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 31/08/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\com.adobe.amp O43 - CFD: 19/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 15/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\CometPlayer O43 - CFD: 20/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\CyberLink O43 - CFD: 26/05/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 15/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\DAEMON Tools Pro O43 - CFD: 04/08/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\DMCache O43 - CFD: 12/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Dropbox O43 - CFD: 22/08/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\dvdcss O43 - CFD: 13/10/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Elephant Games O43 - CFD: 19/02/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Eltima Software O43 - CFD: 07/11/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\ERS Game Studios O43 - CFD: 17/10/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\HpUpdate O43 - CFD: 23/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Identities O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\IDM O43 - CFD: 08/08/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\iFunbox_UserCache O43 - CFD: 29/11/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Injustice O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\iSkysoft iMedia Converter Deluxe O43 - CFD: 24/07/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Kalypso Media O43 - CFD: 22/06/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Leadertech O43 - CFD: 17/03/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Macromedia O43 - CFD: 04/08/2016 - [0] D -- C:\Users\mezoo\AppData\Roaming\Malwarebytes O43 - CFD: 21/07/2016 - [] SD -- C:\Users\mezoo\AppData\Roaming\Microsoft O43 - CFD: 19/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Mozilla O43 - CFD: 29/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\MP3 Quality Modifier O43 - CFD: 19/03/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\MPC-HC O43 - CFD: 17/10/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\MumboJumbo O43 - CFD: 19/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\NCH Software O43 - CFD: 21/05/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Nikon O43 - CFD: 29/11/2013 - [0] HD -- C:\Users\mezoo\AppData\Roaming\Origin O43 - CFD: 20/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\PDAppFlex O43 - CFD: 25/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Playstos srl O43 - CFD: 04/08/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Profiles O43 - CFD: 14/11/2013 - [] RASHD -- C:\Users\mezoo\AppData\Roaming\Program Files O43 - CFD: 29/01/2013 - [0] D -- C:\Users\mezoo\AppData\Roaming\Publish Providers O43 - CFD: 11/03/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Quark O43 - CFD: 26/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Real O43 - CFD: 21/12/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Red Alert 3 O43 - CFD: 20/12/2013 - [] RHD -- C:\Users\mezoo\AppData\Roaming\SecuROM O43 - CFD: 12/10/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Skype O43 - CFD: 27/07/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\SlimBrowser O43 - CFD: 05/11/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\SolidDocuments O43 - CFD: 09/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Sony O43 - CFD: 20/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 01/03/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Steam O43 - CFD: 10/08/2014 - [] D -- C:\Users\mezoo\AppData\Roaming\Subtitle Edit O43 - CFD: 29/01/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Sun O43 - CFD: 23/12/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\TeamViewer O43 - CFD: 06/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\The Creative Assembly O43 - CFD: 27/04/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\tigerplayer O43 - CFD: 19/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\vlc O43 - CFD: 03/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Wayforward Technologies O43 - CFD: 24/05/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\WildTangent O43 - CFD: 15/01/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\WinRAR O43 - CFD: 24/09/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Winsplit Revolution O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Wondershare Video Converter Ultimate O43 - CFD: 12/05/2013 - [] D -- C:\Users\mezoo\AppData\Roaming\Yahoo! O43 - CFD: 05/08/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\ZHP O43 - CFD: 27/07/2016 - [0] D -- C:\Users\mezoo\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\Acer O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\AcerCloud O43 - CFD: 21/07/2016 - [0] D -- C:\Users\mezoo\AppData\Local\ActiveSync O43 - CFD: 02/02/2013 - [] D -- C:\Users\mezoo\AppData\Local\Activision O43 - CFD: 04/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\Adobe O43 - CFD: 04/02/2013 - [] D -- C:\Users\mezoo\AppData\Local\Apple O43 - CFD: 15/09/2013 - [] D -- C:\Users\mezoo\AppData\Local\Apple Computer O43 - CFD: 21/07/2016 - [0] SHD -- C:\Users\mezoo\AppData\Local\Application Data O43 - CFD: 27/06/2014 - [] D -- C:\Users\mezoo\AppData\Local\Apps O43 - CFD: 04/02/2013 - [] D -- C:\Users\mezoo\AppData\Local\ATI O43 - CFD: 23/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\bunkus.org O43 - CFD: 08/02/2014 - [] D -- C:\Users\mezoo\AppData\Local\cache O43 - CFD: 19/05/2013 - [] D -- C:\Users\mezoo\AppData\Local\Chromium O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\ClearfiMedia O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\ClearfiPhoto O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Comms O43 - CFD: 16/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\CrashDumps O43 - CFD: 24/05/2013 - [] D -- C:\Users\mezoo\AppData\Local\Cyberlink O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Diagnostics O43 - CFD: 24/09/2013 - [] D -- C:\Users\mezoo\AppData\Local\Digital_Creations_AS O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\Doc O43 - CFD: 16/03/2014 - [] D -- C:\Users\mezoo\AppData\Local\Downloaded Installations O43 - CFD: 22/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Dropbox O43 - CFD: 14/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\EgisTec IPS O43 - CFD: 04/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\ElevatedDiagnostics O43 - CFD: 01/09/2013 - [] D -- C:\Users\mezoo\AppData\Local\EMU O43 - CFD: 11/08/2014 - [] D -- C:\Users\mezoo\AppData\Local\Facebook O43 - CFD: 11/09/2015 - [] D -- C:\Users\mezoo\AppData\Local\Google O43 - CFD: 02/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\grientjerhipythojuse O43 - CFD: 21/07/2016 - [0] SHD -- C:\Users\mezoo\AppData\Local\History O43 - CFD: 22/09/2014 - [] D -- C:\Users\mezoo\AppData\Local\HP O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\iSkysoft O43 - CFD: 13/01/2014 - [] D -- C:\Users\mezoo\AppData\Local\LogMeIn Rescue Applet O43 - CFD: 19/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\Macromedia O43 - CFD: 01/01/2014 - [] D -- C:\Users\mezoo\AppData\Local\Macroplant_LLC O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Microsoft O43 - CFD: 11/09/2015 - [] D -- C:\Users\mezoo\AppData\Local\Microsoft Help O43 - CFD: 02/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\MicrosoftEdge O43 - CFD: 06/09/2014 - [] D -- C:\Users\mezoo\AppData\Local\Mozilla O43 - CFD: 24/05/2013 - [0] D -- C:\Users\mezoo\AppData\Local\Nikon O43 - CFD: 07/12/2013 - [] D -- C:\Users\mezoo\AppData\Local\NPE O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Packages O43 - CFD: 21/07/2016 - [0] D -- C:\Users\mezoo\AppData\Local\PeerDistRepub O43 - CFD: 05/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\Profiles O43 - CFD: 24/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\Programs O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Publishers O43 - CFD: 11/03/2013 - [] D -- C:\Users\mezoo\AppData\Local\Quark O43 - CFD: 15/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\Real O43 - CFD: 02/10/2015 - [] D -- C:\Users\mezoo\AppData\Local\SKIDROW O43 - CFD: 02/08/2014 - [] D -- C:\Users\mezoo\AppData\Local\Skype O43 - CFD: 09/06/2015 - [] D -- C:\Users\mezoo\AppData\Local\Smart_PC_Soft O43 - CFD: 08/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Sony O43 - CFD: 19/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Spoon O43 - CFD: 25/10/2015 - [] D -- C:\Users\mezoo\AppData\Local\TeamViewer O43 - CFD: 05/08/2016 - [] D -- C:\Users\mezoo\AppData\Local\Temp O43 - CFD: 21/07/2016 - [0] SHD -- C:\Users\mezoo\AppData\Local\Temporary Internet Files O43 - CFD: 18/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\THQ O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\TileDataLayer O43 - CFD: 10/03/2014 - [] D -- C:\Users\mezoo\AppData\Local\twitter O43 - CFD: 08/06/2013 - [] D -- C:\Users\mezoo\AppData\Local\VirtualStore O43 - CFD: 21/01/2013 - [] D -- C:\Users\mezoo\AppData\Local\VS Revo Group O43 - CFD: 22/05/2014 - [] D -- C:\Users\mezoo\AppData\Local\Windows Live O43 - CFD: 16/11/2013 - [] D -- C:\Users\mezoo\AppData\Local\WinZip Courier O43 - CFD: 27/07/2016 - [] D -- C:\Users\mezoo\AppData\Local\Wondershare O43 - CFD: 24/01/2013 - [0] D -- C:\Users\mezoo\AppData\Local\Programs\Common O43 - CFD: 30/10/2015 - [] RD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility O43 - CFD: 04/08/2016 - [] RD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 21/07/2016 - [] RD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cut the Rope O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox O43 - CFD: 09/04/2014 - [0] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 04/08/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 26/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 30/10/2015 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mead & Company O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs O43 - CFD: 17/03/2015 - [0] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project1 O43 - CFD: 21/07/2016 - [] RD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/10/2015 - [] RD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool O43 - CFD: 30/10/2015 - [] RSD -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell O43 - CFD: 21/07/2016 - [] D -- C:\Users\mezoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DataSharing O43 - CFD: 21/07/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Packages ---\\ ShellIconOverlayIdentifiers (SIOI) (21) - 1s O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\mezoo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll =>.Microsoft Corporation® O106 - SIOI: DropboxExt1 Class [DropboxExt1] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt2 Class [DropboxExt2] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt3 Class [DropboxExt3] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL =>.Microsoft Corporation® O106 - SIOI: DropboxExt1 Class ["DropboxExt1"] - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt2 Class ["DropboxExt2"] - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt5 Class ["DropboxExt3"] - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt6 Class ["DropboxExt4"] - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt3 Class ["DropboxExt5"] - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt7 Class ["DropboxExt6"] - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt4 Class ["DropboxExt7"] - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® O106 - SIOI: DropboxExt8 Class ["DropboxExt8"] - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B}. (.Dropbox, Inc. - Dropbox Shell Extension.) -- C:\Users\mezoo\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll =>.Dropbox, Inc® ---\\ System Drivers List (62) - 8s O58 - SDL:2015/10/30 11:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows® O58 - SDL:2012/07/17 16:59:12 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdW86.sys [98472] =>.Advanced Micro Devices, Inc.® O58 - SDL:2015/07/12 06:01:10 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21628952] =>.Microsoft Windows Hardware Compatibility Publisher® O58 - SDL:2015/07/12 06:01:08 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [673304] =>.Microsoft Windows Hardware Compatibility Publisher® O58 - SDL:2015/10/30 11:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 11:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/10/30 11:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows® O58 - SDL:2011/10/17 03:00:00 A . (.Sonic Solutions - CDR4 64-bit CD and DVD Place Holder Driver.) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [10224] =>.Sonic Solutions® O58 - SDL:2011/10/17 03:00:00 A . (.Sonic Solutions - CDRAL 64-bit Place Holder Driver (see PxHel.) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [10224] =>.Sonic Solutions® O58 - SDL:2015/05/26 22:02:40 A . (.Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver.) -- C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264] =>.Disc Soft Ltd® O58 - SDL:2012/07/13 01:46:14 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\WINDOWS\System32\drivers\e1c63x64.sys [498032] =>.Intel Corporation® O58 - SDL:2015/10/30 11:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows® O58 - SDL:2012/08/21 13:01:20 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [33240] =>.GEAR Software Inc.® O58 - SDL:2012/07/02 11:16:02 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation® O58 - SDL:2015/10/30 11:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group® O58 - SDL:2015/10/30 11:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation O58 - SDL:2012/07/10 00:43:12 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorA.sys [645952] =>.Intel Corporation® O58 - SDL:2015/10/30 11:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows® O58 - SDL:2015/06/12 06:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\WINDOWS\System32\drivers\idmwfp.sys [197616] =>.Tonec Inc.® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation® O58 - SDL:2016/08/05 07:32:59 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:09:10 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [65408] =>.Malwarebytes Corporation® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows® O58 - SDL:2011/11/03 03:01:00 A . (.Rovi Corporation - Px Engine Device Driver for 64-bit Windows.) -- C:\WINDOWS\System32\drivers\PxHlpa64.sys [56208] =>.Sonic Solutions® O58 - SDL:2012/07/10 14:30:44 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4083600] =>.Realtek Semiconductor Corp® O58 - SDL:2012/07/05 07:18:06 A . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/V.) -- C:\WINDOWS\System32\drivers\RtsUStor.sys [252048] =>.Realtek Semiconductor Corp® O58 - SDL:2015/10/30 11:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows® O58 - SDL:2012/08/01 22:13:40 A . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\taphss.sys [38632] =>.AnchorFree Inc® O58 - SDL:2014/05/17 04:42:36 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\WINDOWS\System32\drivers\taphss6.sys [42184] =>.AnchorFree Inc® O58 - SDL:2012/12/05 08:27:46 A . (.Seiko Epson Corporation - EPSON USB Device Driver for TM/BA/EU Printe.) -- C:\WINDOWS\System32\drivers\TMUSB64.sys [63096] =>.Seiko Epson Corporation O58 - SDL:2015/06/10 23:08:36 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl64.sys [54784] =>.Apple, Inc. O58 - SDL:2015/10/30 11:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows® O58 - SDL:2015/10/30 11:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows® O58 - SDL:2013/03/07 09:49:18 A . (...) -- C:\WINDOWS\System32\epmntdrv.sys [17480] O58 - SDL:2013/03/07 09:49:18 A . (...) -- C:\WINDOWS\System32\EuGdiDrv.sys [9800] ---\\ Last modified or created user files (65) - 13s O61 - LFC: 2016/08/02 17:18:02 A . (..) -- C:\Users\mezoo\Downloads\Programs\Word Repair SoftwareInstaller.exe [1043776] O61 - LFC: 2016/08/01 13:19:48 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_150_0_TabletMode_Data.bin [19722932] O61 - LFC: 2016/08/01 13:19:39 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_150_0_TabletMode_Header.bin [37096] O61 - LFC: 2016/08/04 19:48:07 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192] O61 - LFC: 2016/08/05 06:48:04 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\MicrosoftEdge\UrlBlock\urlblock_636059568471566491.bin [227377] O61 - LFC: 2016/07/29 11:34:11 A . (.Copyright © 2013.) -- C:\Users\mezoo\AppData\Local\Packages\KidZoneStudios.PreSchoolPuzzles-Educationalgamesfo_jda8bcrkqkc9j\AC\Microsoft\CLR_v4.0_32\NativeImages\PreschoolPuzzles\4f35cb460aa27c19ecf316a7a111cce0\PreschoolPuzzles.ni.exe [1351680] O61 - LFC: 2016/07/28 14:13:59 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gobjcache.bin [141968] O61 - LFC: 2016/07/28 14:22:37 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Batched.bin [158] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Device.bin [236] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\InstallInfo.bin [132] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\PointcutBatched.bin [0] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\PointcutPriority.bin [0] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\PointcutStream.bin [0] O61 - LFC: 2016/07/28 14:14:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Priority.bin [0] O61 - LFC: 2016/07/28 14:13:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Sessions.bin [110] O61 - LFC: 2016/07/28 14:14:56 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Stream.bin [0] O61 - LFC: 2016/07/28 14:22:35 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Timer.bin [154] O61 - LFC: 2016/07/28 14:14:02 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Token.bin [112] O61 - LFC: 2016/07/28 14:14:01 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\LocalState\gv3\Tracking.bin [150] O61 - LFC: 2016/07/29 11:34:09 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\WCPToolkit\21e6738b91385b30447f4c51ab428e3c\WCPToolkit.ni.dll [60416] O61 - LFC: 2016/07/29 11:34:09 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\Notificatioc5a47191#\0bd17027072d0e7b398b2df2df9ec8d3\NotificationsExtensions.ni.dll [411136] O61 - LFC: 2016/07/29 11:34:09 A . (.Copyright © 2012.) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\818c9227f87f81849d67e8af31bb5527\IGPWindows8.ni.dll [222208] O61 - LFC: 2016/07/29 11:34:07 A . (.Copyright © 2012.) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\346db9b35810ba96ea61e104a9c12b48\IGPBridgeLibrary.ni.dll [194560] O61 - LFC: 2016/07/29 11:34:08 A . (.Copyright © 2014.) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Root\003c5080581f8306eb36d9f4d4649499\GLAds_Root.ni.dll [1297920] O61 - LFC: 2016/07/29 11:34:09 A . (.Gameloft.) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\GA\fd54b4b236b6b4647af241e228248674\GA.ni.dll [120320] O61 - LFC: 2016/07/29 11:34:08 A . (.Copyright © 2013.) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\2715037fa551603e2f2e72d11b3a5c31\FacebookRuntimeComponent.ni.dll [391680] O61 - LFC: 2016/07/29 11:34:09 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\GAMELOFTSA.Asphalt8Airborne_0pp20fcewvvtj\AC\Microsoft\CLR_v4.0_32\NativeImages\Asphalt8\4ae61bcb69aad02cc1363666eda9ca7d\Asphalt8.ni.dll [123904] O61 - LFC: 2016/07/29 11:33:52 A . (.Big Duck Games LLC.) -- C:\Users\mezoo\AppData\Local\Packages\BigDuckGamesLLC.Flow_1eenntbmr0etw\AC\Microsoft\CLR_v4.0_32\NativeImages\Flow\cf7fdcf142ee94249f7d610dbc998d9d\Flow.ni.exe [754688] O61 - LFC: 2016/07/28 14:17:53 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\B9BA84AC.CityRacing3D_3ag0hv5nd203a\LocalState\config.bin [126400] O61 - LFC: 2016/07/28 14:39:30 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gobjcache.bin [42288] O61 - LFC: 2016/07/28 16:59:19 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Batched.bin [453] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Device.bin [236] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\InstallInfo.bin [131] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\PointcutBatched.bin [0] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\PointcutPriority.bin [0] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\PointcutStream.bin [0] O61 - LFC: 2016/07/28 14:40:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Priority.bin [0] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Resume.bin [0] O61 - LFC: 2016/07/28 14:39:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Sessions.bin [109] O61 - LFC: 2016/07/28 14:42:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Stream.bin [0] O61 - LFC: 2016/07/28 14:42:06 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Timer.bin [153] O61 - LFC: 2016/07/28 14:42:06 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Token.bin [113] O61 - LFC: 2016/07/28 14:39:45 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\LocalState\gv3\Tracking.bin [151] O61 - LFC: 2016/07/29 11:33:50 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPWindows8\519702a61af2297bf13a68e52ad2a58e\IGPWindows8.ni.dll [213504] O61 - LFC: 2016/07/29 11:33:48 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\IGPBridgeLibrary\c773d2d0b2fbe616a421d54537446ed1\IGPBridgeLibrary.ni.dll [191488] O61 - LFC: 2016/07/29 11:33:49 A . (.Copyright © 2014.) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GLAds_Root\6f351dcabd8cd7e50d8104e1b49d501d\GLAds_Root.ni.dll [1309696] O61 - LFC: 2016/07/29 11:33:50 A . (.Gameloft.) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\GA\0d38cba7abf32f86c679ff72986bc58e\GA.ni.dll [128000] O61 - LFC: 2016/07/29 11:33:48 A . (.Copyright © 2013.) -- C:\Users\mezoo\AppData\Local\Packages\A278AB0D.DisneyMagicKingdoms_h6adky7gbf63m\AC\Microsoft\CLR_v4.0_32\NativeImages\FacebookRun67b5d43e#\49ebf70bad7c3e25d09e10a48c9ad668\FacebookRuntimeComponent.ni.dll [385536] O61 - LFC: 2016/08/03 06:33:39 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\7458BE2C.WorldofTanksBlitz_x4tje2y229k00\LocalState\DAVAProject\localOptions.bin [656] O61 - LFC: 2016/08/04 18:19:13 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\7458BE2C.WorldofTanksBlitz_x4tje2y229k00\LocalState\DAVAProject\optionsDevice.bin [11673] O61 - LFC: 2016/08/04 18:19:13 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\7458BE2C.WorldofTanksBlitz_x4tje2y229k00\LocalState\DAVAProject\optionsGlobal.bin [34826] O61 - LFC: 2016/08/03 08:53:24 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\7458BE2C.WorldofTanksBlitz_x4tje2y229k00\LocalState\DAVAProject\ShaderSource.bin [618464] O61 - LFC: 2016/07/29 11:34:01 A . (.© 2015.) -- C:\Users\mezoo\AppData\Local\Packages\6918E89D.TheChessLv.100_66n08swfvvka0\AC\Microsoft\CLR_v4.0\NativeImages\VungleSDK\fee98c590ac5b6dbe4f744ba6821c794\VungleSDK.ni.dll [2257920] O61 - LFC: 2016/07/29 11:34:02 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\6918E89D.TheChessLv.100_66n08swfvvka0\AC\Microsoft\CLR_v4.0\NativeImages\chess_mt_x\25e5d2c15c25b8574f8c0e1c56bd8964\chess_mt_x.ni.dll [34304] O61 - LFC: 2016/07/29 11:33:58 A . (.Copyright © 2015.) -- C:\Users\mezoo\AppData\Local\Packages\6918E89D.TheChessLv.100_66n08swfvvka0\AC\Microsoft\CLR_v4.0\NativeImages\AdDuplex.Unb1b08295#\ac4526fdcadcf2ca52964ac63f91f169\AdDuplex.Universal.Win.WinRT.ni.dll [512000] O61 - LFC: 2016/07/29 11:33:58 A . (.Copyright © 2015.) -- C:\Users\mezoo\AppData\Local\Packages\6918E89D.TheChessLv.100_66n08swfvvka0\AC\Microsoft\CLR_v4.0\NativeImages\AdDuplex.Un1b2e3881#\fcfa4fc81d64905f1838588cc2d94f6a\AdDuplex.Universal.Controls.Win.XAML.ni.dll [465408] O61 - LFC: 2016/07/29 11:33:51 A . (.Copyright © 2012.) -- C:\Users\mezoo\AppData\Local\Packages\2724ZoltnGubics.OffroadRacing_d5xggy273m32g\AC\Microsoft\CLR_v4.0\NativeImages\OpenXLive.WinRT.UI\5defaab84d08ca99b6312b5ec2e32c28\OpenXLive.WinRT.UI.ni.dll [410624] O61 - LFC: 2016/07/29 11:33:54 A . (.Copyright © 2012.) -- C:\Users\mezoo\AppData\Local\Packages\2724ZoltnGubics.OffroadRacing_d5xggy273m32g\AC\Microsoft\CLR_v4.0\NativeImages\OpenXLive\04a7e5ff73af8a134ba824d32657bd49\OpenXLive.ni.dll [1333248] O61 - LFC: 2016/07/29 11:33:53 A . (..) -- C:\Users\mezoo\AppData\Local\Packages\2724ZoltnGubics.OffroadRacing_d5xggy273m32g\AC\Microsoft\CLR_v4.0\NativeImages\OffroadRacing.Win8\a71885b030ead2ddba7b2baf25b75d87\OffroadRacing.Win8.ni.dll [279040] O61 - LFC: 2016/07/29 11:33:51 A . (.Copyright © 2013.) -- C:\Users\mezoo\AppData\Local\Packages\2724ZoltnGubics.OffroadRacing_d5xggy273m32g\AC\Microsoft\CLR_v4.0\NativeImages\OffroadRacid009db10#\5b757c067756df9e1e12f9d267d8cab4\OffroadRacing.Components.ni.dll [156672] O61 - LFC: 2016/07/29 11:33:54 A . (.Copyright © 2013.) -- C:\Users\mezoo\AppData\Local\Packages\2724ZoltnGubics.OffroadRacing_d5xggy273m32g\AC\Microsoft\CLR_v4.0\NativeImages\GoogleAnalytics\4576faf4606718ebd73fba06000115d5\GoogleAnalytics.ni.dll [451072] O61 - LFC: 2016/07/29 11:33:48 A . (.FinerCode.) -- C:\Users\mezoo\AppData\Local\Packages\10084FinerCode.ChessTactics_73behhyksgb12\AC\Microsoft\CLR_v4.0\NativeImages\The8.UI\e9e0e7b244a4c80097ebc8eb18b9dcbd\The8.UI.ni.exe [350720] O61 - LFC: 2016/07/29 11:33:50 A . (.Adam Berent.) -- C:\Users\mezoo\AppData\Local\Packages\10084FinerCode.ChessTactics_73behhyksgb12\AC\Microsoft\CLR_v4.0\NativeImages\ChessEngine\d65fe924392817139de2b46b329f62db\ChessEngine.ni.dll [120832] O61 - LFC: 2016/08/05 07:29:56 A . (..) -- C:\Users\mezoo\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148] O61 - LFC: 2016/08/03 09:53:50 A . (..) -- C:\Users\mezoo\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [419317] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation® O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation ---\\ Search Browser Infection (21) - 3s O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var1", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var10", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var2", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var3", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var4", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var5", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var6", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var7", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var8", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.Var9", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.cache.tbs_include_xml_006938", "18/12/21/2/113"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.firstlaunch", "0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.guid", "%7B89B51CD5-0861-A99D-7C9D-9EC95B67D647%7D"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.popupblockedcnt", "2"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6.userId", "%12"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("id_imbooster4web_v6_installed_version", "1.0.1018.0"); =>PUP.Optional.Boost O69 - SBI: prefs.js [mezoo - nj11tx8v.default] user_pref("keyword.URL", "http://d2ucfwpxlh3zh3.cloudfront.net/chrome.php?uid=CD2614266816DA107F6AEBE320D1A132&ptid=isr&ts=AHEqBXI[...] =>.Superfluous.CloudfrontNet O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} [DefaultScope] - (Bing) - http://www.bing.com/ O69 - SBI: SearchScopes [HKCU] {E623F50D-25EB-41B7-B965-519B2ACC12B5} - (google.com) - http://www.google.com O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/ O69 - SBI: SearchScopes [HKLM] {8F3C877D-4243-44C7-A2DF-CA7CF2195059} - (Bing) - http://www.bing.com/ ---\\ Search Svchost Services (42) - 1s O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [1339904] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [963072] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\system32\schedsvc.dll [1001472] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Network Setup Service.) -- C:\WINDOWS\System32\NetSetupSvc.dll [207360] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Geolocation Service.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280448] =>.Microsoft Corporation O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator Core.) -- C:\WINDOWS\system32\usocore.dll [379392] =>.Microsoft Corporation O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [200192] =>.Microsoft Corporation ---\\ Firewall Active Exception List (22) - 3s O87 - FAEL: "UDP Query User{935AD815-22AF-4DC2-A065-BE383E684295}C:\windows\kmsemulator.exe" [In-None-P17-TRUE] .(...) -- C:\windows\kmsemulator.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "TCP Query User{406C4534-6618-4B47-9C43-463E3E51C8DB}C:\windows\kmsemulator.exe" [In-None-P6-TRUE] .(...) -- C:\windows\kmsemulator.exe (.not file.) =>HackTool.AutoKMS O87 - FAEL: "{5ADC04F1-8BC4-466C-A21B-E2A795F37C07}" [In-None-P17-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe O87 - FAEL: "{A5C6C6EE-48CC-4373-8230-5F0263966E49}" [In-None-P6-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files\BitComet\BitComet.exe O87 - FAEL: "UDP Query User{ED9F0911-5A3E-4D7B-A3A3-A71166DD481F}K:\games\dawn of war - dark crusade\darkcrusade.exe" [In-None-P17-TRUE] .(...) -- K:\games\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "TCP Query User{2B10A7FA-F09A-45C5-9B57-776E267ED60B}K:\games\dawn of war - dark crusade\darkcrusade.exe" [In-None-P6-TRUE] .(...) -- K:\games\dawn of war - dark crusade\darkcrusade.exe (.not file.) O87 - FAEL: "UDP Query User{4951E243-007C-4D45-8ED2-75DFBC61CB71}C:\windows\keygen.exe" [In-None-P17-TRUE] .(...) -- C:\windows\keygen.exe (.not file.) O87 - FAEL: "TCP Query User{57E5A7A2-0A12-4A17-97BB-FF3D9DE4CA34}C:\windows\keygen.exe" [In-None-P6-TRUE] .(...) -- C:\windows\keygen.exe (.not file.) O87 - FAEL: "UDP Query User{DE3521A4-0F23-410B-885B-697D6BA6C562}C:\program files (x86)\valve\portal 2\portal2.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\valve\portal 2\portal2.exe O87 - FAEL: "TCP Query User{B93640C2-4283-4911-BD24-C60F08639D95}C:\program files (x86)\valve\portal 2\portal2.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\valve\portal 2\portal2.exe O87 - FAEL: "{6EBC551C-9567-4D8D-9BD8-F54AA8DA124B}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{59FF4F71-6DDE-4015-A14F-AE8C88605037}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (.not file.) O87 - FAEL: "{92B33477-5BC6-4383-9EB1-88E148453743}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "{AD9CF3F3-E8CD-452E-B01B-04A8D4AF623C}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (.not file.) O87 - FAEL: "UDP Query User{AFF06C9B-F4D6-48D8-878A-40679889BE4D}C:\windows\keygen.exe" [In-None-P17-TRUE] .(...) -- C:\windows\keygen.exe (.not file.) O87 - FAEL: "TCP Query User{CF0BD2AB-D374-4DB8-9741-DDDB9D101FF5}C:\windows\keygen.exe" [In-None-P6-TRUE] .(...) -- C:\windows\keygen.exe (.not file.) O87 - FAEL: "UDP Query User{6B24FBD0-75D4-41F8-8AA4-7C865DE2744B}C:\users\mezoo\appdata\local\akamai\netsession_win.exe" [In-None-P17-TRUE] .(...) -- C:\users\mezoo\appdata\local\akamai\netsession_win.exe (.not file.) O87 - FAEL: "TCP Query User{658BB231-99C4-41DE-AE8C-80C8C4AB22C2}C:\users\mezoo\appdata\local\akamai\netsession_win.exe" [In-None-P6-TRUE] .(...) -- C:\users\mezoo\appdata\local\akamai\netsession_win.exe (.not file.) O87 - FAEL: "UDP Query User{5B323FEF-8C22-4CB8-8835-7245B0B37E6A}C:\program files (x86)\bitcomet\bitcomet.exe" [In-None-P17-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe O87 - FAEL: "TCP Query User{8A304578-FD27-45AA-A71E-975179497EAD}C:\program files (x86)\bitcomet\bitcomet.exe" [In-None-P6-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\program files (x86)\bitcomet\bitcomet.exe O87 - FAEL: "{D110624B-F743-41C8-9EC1-28983D0D5F96}" [In-None-P17-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe O87 - FAEL: "{D75B5E5F-42A0-4787-87C9-86735C98AB0F}" [In-None-P6-TRUE] .(.www.BitComet.com - BitComet - a BitTorrent Client.) -- C:\Program Files (x86)\BitComet\BitComet.exe ---\\ Additional Scan (O88) (7) - 0s C:\WINDOWS\Tasks\AutoKMS.job =>HackTool.AutoKMS C:\WINDOWS\System32\Tasks\AutoKMS =>HackTool.AutoKMS HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Heuristic.Suspect HKLM\SOFTWARE\Wow6432Node\CD2614266816DA107F6AEBE320D1A132 =>PUP.Optional.CrossRider HKCU\SOFTWARE\CD2614266816DA107F6AEBE320D1A132 =>PUP.Optional.CrossRider C:\Program Files (x86)\QuickTime =>Riskware.QuickTime ---\\ Summary of the elements found (7) - 0s https://www.anti-malware.top/2016/05/04/hacktool-autokms/ =>HackTool.AutoKMS https://www.nicolascoolman.com/fr/?p=596 =>PUP.Optional.SweetPage https://www.anti-malware.top/2016/04/22/heuristic-suspect/ =>Heuristic.Suspect https://www.anti-malware.top/2016/04/30/pup-optional-crossrider/ =>PUP.Optional.CrossRider https://www.anti-malware.top/2016/04/21/riskware-quicktime/ =>Riskware.QuickTime https://www.nicolascoolman.com/fr/repaquetage-et_infections/ =>PUP.Optional.Boost https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CloudfrontNet ~ End of the scan, 90796 items in 00h02mn17s (1524)