~ ZHPDiag v2016.8.10.130 By Nicolas Coolman (2016/08/10) ~ Run by mourad (Administrator) (2016/08/10 18:42:41) ~ Web: https://www.nicolascoolman.com ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: ~ Mode: Scan ~ Report: C:\Users\mourad\Desktop\ZHPDiag.txt ~ Report: C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ System startup: Normal (Normal boot) Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601) ---\\ Internet Browsers (3) - 0s GCIE: Google Chrome v52.0.2743.116 MFIE: Mozilla Firefox 48.0 (x64 en-US) MSIE: Internet Explorer v8.0.7601.17514 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : KO ---\\ System protection software (2) - 11s Avira Antivirus v15.0.18.354 Avira Launcher v1.1.67.18988 ---\\ Surveillance software (1) - 15s Adobe Flash Player 22 PPAPI ---\\ Sharing software PeerToPeer (1) - 16s µTorrent v3.4.6.42094 ---\\ Information on the system (6) - 0s ~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel ~ Operating System: 64-bit ~ Boot mode: Normal (Normal boot) Total RAM: 3005.624 MB (37% free) System Restore: Activé (Enable) System drive C: has 2 GB () free of 83 GB =>Alerte espace disque inférieur à 20 Go ---\\ Connection to the system mode (3) - 0s ~ Computer Name: ANDRIOD-5437890 ~ User Name: mourad ~ Logged in as Administrator ---\\ Enumeration of the disk units (3) - 0s ~ Drive C: has 2 GB free of 83 GB (System) ~ Drive D: has 0 GB free of 68 GB ~ Drive F: has 0 GB free of 1 GB ---\\ State of the Windows Security Center (11) - 1s [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (25) - 2s [MD5.AC4C51EB24AA95B77F705AB159189E24] - 20/11/2010 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2872320] =>.Microsoft Corporation [MD5.DD81D91FF3B0763C392422865C9AC12E] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [45568] =>.Microsoft Corporation [MD5.94355C28C1970635A31B3FE52EB7CEBA] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [129024] =>.Microsoft Corporation [MD5.F6C5302E1F4813D552F41A0AC82455E5] - 20/11/2010 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1188864] =>.Microsoft Corporation [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - 20/11/2010 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [390656] =>.Microsoft Corporation [MD5.067FA52BFB59A56110A12312EF9AF243] - 20/11/2010 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [232448] =>.Microsoft Corporation [MD5.A52B6CC24063CC83C78C0E6F24DEEC01] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [357888] =>.Microsoft Corporation [MD5.59DF156711A76BCB993253EC6C9BBF41] - 20/11/2010 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\Syswow64\dnsapi.dll [270336] =>.Microsoft Corporation [MD5.D31DC7A16DEA4A9BAF179F3D6FBDB38C] - 20/11/2010 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [499712] =>.Microsoft Corporation [MD5.02062C0B390B7729EDC9E69C680A6F3C] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [24128] =>.Microsoft Windows® [MD5.B8BD2BB284668C84865658C77574381A] - 13/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [92160] =>.Microsoft Corporation [MD5.F036CE71586E93D94DAB220D7BDF4416] - 20/11/2010 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [147456] =>.Microsoft Corporation [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - 20/11/2010 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [102400] =>.Microsoft Corporation [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - 20/11/2010 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [122368] =>.Microsoft Corporation [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - 13/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [105472] =>.Microsoft Corporation [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [116224] =>.Microsoft Corporation [MD5.FAF015B07E3A2874A790A39B7D2C579F] - 20/11/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [158208] =>.Microsoft Corporation [MD5.09594D1089C523423B32A4229263F068] - 20/11/2010 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [261632] =>.Microsoft Corporation [MD5.05D78AA5CB5F3F5C31160BDB955D0B7C] - 20/11/2010 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1659776] =>.Microsoft Windows® [MD5.0086431C29C35BE1DBC43F52CC273887] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [97280] =>.Microsoft Corporation [MD5.471815800AE33E6F1C32FB1B97C490CA] - 20/11/2010 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [129536] =>.Microsoft Corporation [MD5.1B6163C503398B23FF8B939C67747683] - 20/11/2010 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [165888] =>.Microsoft Corporation [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [93184] =>.Microsoft Corporation [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - 20/11/2010 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [119296] =>.Microsoft Corporation [MD5.0D08D2F3B3FF84E433346669B5E0F639] - 20/11/2010 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [295808] =>.Microsoft Windows® ---\\ Non Microsoft non disabled Windows Services (16) - 4s O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation - LSI Soft Modem Call Progress Service.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation O23 - Service: Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated - AGS Service.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® O23 - Service: Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG - Avira Service Host.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products® O23 - Service: Servicio de Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® O23 - Service: Hotspot Shield Service (hshld) . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc® O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® O23 - Service: OpenDHCPServer (OpenDHCPServer) . (...) - C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.) O23 - Service: Microsoft32 (Service1) . (...) - C:\Windows\syswow64\dwm Service.exe (.not file.) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.® O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products® ---\\ Services not Microsoft (SR=Run, SS=Stop) (26) - 248s SS - Demand [09/08/2016] [ 270016] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated® SR - Auto [27/03/2009] [ 16896] Agere Modem Call Progress Audio (AgereModemAudio) . (.LSI Corporation.) - C:\Program Files\LSI SoftModem\agr64svc.exe =>.LSI Corporation SR - Auto [05/04/2016] [ 2021592] Adobe Genuine Software Integrity Service (AGSService) . (.Adobe Systems, Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe =>.Adobe Systems Incorporated® SS - Auto [28/07/2016] [ 989696] Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [28/07/2016] [ 472112] Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [28/07/2016] [ 472112] Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe =>.Avira Operations GmbH & Co. KG® SS - Auto [28/07/2016] [ 1453696] Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe =>.Avira Operations GmbH & Co. KG® SR - Auto [11/07/2016] [ 309384] Avira Service Host (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe =>.Avira Operations GmbH & Co. KG® SS - Demand [14/12/2015] [ 432792] BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe =>.Bluestack Systems, Inc.® SS - Demand [14/12/2015] [ 412312] BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe =>.Bluestack Systems, Inc.® SS - Demand [14/12/2015] [ 854680] BlueStacks Updater Service (BstHdUpdaterSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe =>.Bluestack Systems, Inc.® SR - Auto [27/11/2013] [ 3105144] CodeMeter Runtime Server (CodeMeter.exe) . (.WIBU-SYSTEMS AG.) - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe =>.WIBU-SYSTEMS AG® SR - Auto [14/09/2015] [ 414360] Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products® SS - Auto [22/11/2015] [ 144200] Servicio de Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SS - Demand [22/11/2015] [ 144200] Servicio de Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc® SR - Auto [19/07/2016] [ 2729592] Hotspot Shield Service (hshld) . (.AnchorFree Inc..) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe =>.AnchorFree Inc® SS - Demand [19/07/2016] [ 103168] Hotspot Shield Tray Service (HssTrayService) . (...) - C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE =>.AnchorFree Inc® SS - Disabl [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation® SS - Auto [10/03/2016] [ 1136608] (MBAMService) . (.Malwarebytes.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation® SS - Demand [26/07/2016] [ 167880] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation® SR - Auto [08/01/2016] [ 754784] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe =>.Samsung Electronics CO., LTD.® SS - Demand [19/02/2010] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe =>.Adobe Systems Incorporated SS - Auto [14/09/2015] [ 112792] Intel(R) System Usage Report Service SystemUsageReportSvc_W (SystemUsageReportSvc_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe =>.Intel(R) Software Development Products® SS - Demand [14/09/2015] [ 414360] User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) . (.Copyright (C) 2015 Intel Corporation. All rights rese.) - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe =>.Intel(R) Software Development Products® SS - Demand [28/01/2016] [ 115976] Wondershare Driver Install Service (WsDrvInst) . (.Wondershare.) - C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.® ---\\ Process running (26) - 8s [MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112] [PID.1536] =>.Avira Operations GmbH & Co. KG® [MD5.B65F8DBA54F251906BBE8611B5A0E7AB] - (.LSI Corporation - LSI Soft Modem Call Progress Service.) -- C:\Program Files\LSI SoftModem\agr64svc.exe [16896] [PID.1732] =>.LSI Corporation [MD5.C17171E63E84F5711DF23B8F1E7A100E] - (.Adobe Systems, Incorporated - AGS Service.) -- C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592] [PID.1760] =>.Adobe Systems Incorporated® [MD5.BB3BAB4F1502328C4FB6CCA3C8114F39] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112] [PID.1804] =>.Avira Operations GmbH & Co. KG® [MD5.379A8E0E11D3DECE5F64A0F58DCBBC25] - (.AnchorFree Inc. - Hotspot Shield 5.4.6.) -- C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2729592] [PID.1888] =>.AnchorFree Inc® [MD5.79115ABD7B7B770BBE505D952442AA3E] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [365592] [PID.2308] =>.Intel Corporation® [MD5.AE3B44E4973E1907A86AA5290C695E94] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\System32\igfxsrvc.exe [510960] [PID.2344] =>.Intel Corporation - Software and Firmware Products® [MD5.7DB9E612A2742ACEAB080B882E83141C] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784] [PID.2508] =>.Samsung Electronics CO., LTD.® [MD5.A8F20318ECF54999E521CEB608027097] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon2.exe [91464] [PID.2636] =>.TOSHIBA CORPORATION® [MD5.07F7114C29FD873E17111249F771B4A0] - (.TOSHIBA CORPORATION - BtMon4.) -- C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon64.exe [107848] [PID.2704] =>.TOSHIBA CORPORATION® [MD5.7444E0F4C9991AE3711F5FAB5DB257E1] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064] [PID.2784] =>.Avira Operations GmbH & Co. KG® [MD5.6A9838B3761D585B28206BBB51F34516] - (...) -- C:\Program Files (x86)\DFX\DFX.exe [1328632] [PID.2792] [MD5.F719084EF96E26AAB0BE9E90BC49203E] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe [133624] [PID.3024] =>.Power Technology® [MD5.66990EF40812633B84FA0964BCA5E954] - (.Copyright © 2013 FXsound.com, a subsidiary of Power T - DFX.) -- C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe [134648] [PID.3032] =>.Power Technology® [MD5.B289C20C10B241F6016FECD92B267098] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [275512] [PID.2832] =>.Tonec Inc.® [MD5.8256846E20B6F451A4A6B2EAD057FF25] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files (x86)\Avira\Antivirus\avshadow.exe [1042232] [PID.3096] =>.Avira Operations GmbH & Co. KG® [MD5.5F0C87F2FA11C991BB93B84BD02151B3] - (.Avira Operations GmbH & Co. KG - Avira Service Host.) -- C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [309384] [PID.3744] =>.Avira Operations GmbH & Co. KG® [MD5.F97961FD74E83E3E96DB45B69B33B157] - (.WIBU-SYSTEMS AG - CodeMeter Runtime Server.) -- C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [3105144] [PID.2540] =>.WIBU-SYSTEMS AG® [MD5.9BB8368CAAB57E0431ADBA1D13DC4ED5] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe [458904] [PID.4200] =>.Intel(R) Software Development Products® [MD5.0E452B882FEEFCEFF3A8225B89393D1D] - (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [151776] [PID.1152] =>.Avira Operations GmbH & Co. KG® [MD5.359818737539FFA646FD8EFB75378AAF] - (.Copyright (C) 2015 Intel Corporation. All rights rese - Intel(R) System Usage Report.) -- C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [414360] [PID.1008] =>.Intel(R) Software Development Products® [MD5.B91D667649661B64063D469B06723F42] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [399816] [PID.3688] =>.Mozilla Corporation® [MD5.49B9E1A9142DB150A2F80DD46F93EA11] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3966064] [PID.5584] =>.Tonec Inc.® [MD5.E4EBD7E36C71923B336F118C55150544] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe [2285568] [PID.5496] =>.Nicolas Coolman [MD5.D49005D77A4F49F97CFD13808407A36C] - (.Microsoft Game Studios - Setup Launcher.) -- C:\Users\mourad\Desktop\AgeOfEmpire3Setupwww.download.ir\Age_Of_Empire_3_Setup_www.download.ir\AOE III DISC 1\setup.exe [311296] [PID.4960] =>.Microsoft Game Studios [MD5.1D461686B0E32F2DECB587C895A05402] - (.Macrovision Corporation - InstallShield (R) 64-bit Setup Engine.) -- C:\Users\mourad\AppData\Local\Temp\{3D7E40C0-992C-4E72-A083-840D4DF4318A}\ISBEW64.exe [120240] [PID.3968] =>.Macrovision Corporation® ---\\ Google Chrome, Start,Search,Extensions (19) - 4s G0 - GCSP: Preferences [User Data\Default][HomePage] http://icm.avira.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://api.mixpanel.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://download.avira.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://offers.avira.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://v2.auc.avira.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com G2 - GCE: Preference [User Data\Default] [ablpcikjmhamjanpibkccdmpoekjigja] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [cpegcopcfajiiibidlaelhjjblpefbjk] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [fdjdjkkjoiomafnihnobkinnfjnnlhdg] Советник Яндекс.Маркета G2 - GCE: Preference [User Data\Default] [flliilndjeohchalpbbcdekjklbdgfkk] Avira Browser Safety G2 - GCE: Preference [User Data\Default] [gdljkkmghdkckhaogaemgbgdfophkfco] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [gidgenkbbabolejbgbpnhbimgjbffefm] Vysor G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 13s P2 - EXT FILE: (.Plebicom - Barre d'outils eBuyClub.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\ebctb@plebicom.xul.xpi P2 - EXT FILE: (.Hotspot Shield Free VPN Proxy – Unblock Sites - Unblock any blocked website or content.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\hotspot-shield@anchorfree.com.xpi P2 - EXT FILE: (.Text to Voice - .) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\text2voice@vik.josh.xpi P2 - EXT FILE: (.Ikrg - RightToClick.) -- C:\Users\mourad\AppData\Roaming\Mozilla\Firefox\Profiles\cbabaezd.default-1460330565581\extensions\{cd617375-6743-4ee8-bac4-fbf10f35729e}.xpi P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll =>.Adobe Systems Incorporated ---\\ Internet Explorer Extensions, Start, Search (8) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.babal.net/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\System32\Userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.) =>.Microsoft Corporation ---\\ Hosts file redirection (1) - 2s ~ Le fichier hôte est sain (The hosts file is clean) (51) ---\\ Browser Helper Object (BHO) (3) - 0s O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.® O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll =>.Oracle America, Inc.® O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll =>.Oracle America, Inc.® ---\\ Internet Explorer Toolbars (1) - 1s O3 - Toolbar: 0x464CB804BB5A6B47A7D740435D9AE611 - [HKCU]{04B84C46-5ABB-476B-A7D7-40435D9AE611} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (17) - 2s O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe =>.Intel Corporation - Software and Firmware Products® O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe =>.Intel Corporation® O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - HKCU\..\Run: [AdobeBridge] (Orphan) O4 - HKCU\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [Avira SystrayStartTrigger] . (.Avira Operations GmbH & Co. KG - Avira Launcher.) -- C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe =>.Avira Operations GmbH & Co. KG® O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe =>.Avira Operations GmbH & Co. KG® O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer] C:\Antamedia\DBServer\ADBServer.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [Antamedia DBServer AsService] (Orphan) O4 - HKLM\..\Wow6432Node\Run: [DFX] . (...) -- C:\Program Files (x86)\DFX\DFX.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [AdobeBridge] (Orphan) O4 - HKUS\S-1-5-21-454156101-2345760694-676353058-1000\..\Run: [Jump Connect] C:\Program Files (x86)\Phase Five Systems\Jump Desktop Connect\4.9.8.0\JumpConnect.exe (.not file.) ---\\ Global shortcuts Startup (102) - 68s O4 - GS\Desktop [Administrador]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd. O4 - GS\Desktop [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L. O4 - GS\Desktop [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Desktop [Administrador]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc® O4 - GS\Desktop [Administrador]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe O4 - GS\Desktop [Administrador]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [Administrador]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\Desktop [Administrador]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [Administrador]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC} O4 - GS\Desktop [Administrador]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Administrador]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L. O4 - GS\Quicklaunch [Administrador]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [Administrador]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16} O4 - GS\Quicklaunch [Administrador]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Quicklaunch [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Administrador]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe O4 - GS\Quicklaunch [Administrador]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41} O4 - GS\Quicklaunch [Administrador]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation O4 - GS\Quicklaunch [Administrador]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrador]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrador]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Administrador]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.® O4 - GS\Quicklaunch [Administrador]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.® O4 - GS\Quicklaunch [Administrador]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [Administrador]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [Administrador]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [Administrador]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [Administrador]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\TaskBar [Administrador]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Desktop [Invitado]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd. O4 - GS\Desktop [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L. O4 - GS\Desktop [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Desktop [Invitado]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc® O4 - GS\Desktop [Invitado]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe O4 - GS\Desktop [Invitado]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [Invitado]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\Desktop [Invitado]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [Invitado]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC} O4 - GS\Desktop [Invitado]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [Invitado]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L. O4 - GS\Quicklaunch [Invitado]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [Invitado]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16} O4 - GS\Quicklaunch [Invitado]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Quicklaunch [Invitado]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [Invitado]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe O4 - GS\Quicklaunch [Invitado]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41} O4 - GS\Quicklaunch [Invitado]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation O4 - GS\Quicklaunch [Invitado]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Invitado]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Invitado]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [Invitado]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.® O4 - GS\Quicklaunch [Invitado]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.® O4 - GS\Quicklaunch [Invitado]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [Invitado]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [Invitado]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [Invitado]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [Invitado]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\TaskBar [Invitado]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\Desktop [mourad]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe =>.Online Media Technologies Ltd. O4 - GS\Desktop [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - .) C:\Program Files (x86)\CyberGhost 6\CyberGhost.exe =>.CyberGhost S.R.L. O4 - GS\Desktop [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Desktop [mourad]: Google Earth Pro.lnk . (.Google - Google Earth.) C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe =>.Google Inc® O4 - GS\Desktop [mourad]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\HitLeap_Viewer.exe O4 - GS\Desktop [mourad]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) C:\Program Files (x86)\Internet Download Manager\IDMan.exe =>.Tonec Inc.® O4 - GS\Desktop [mourad]: Media Player Classic.lnk . (.MPC-HC Team - MPC-HC x64.) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe =>.MPC-HC Team O4 - GS\Desktop [mourad]: WhatsApp.lnk . (...) C:\Users\mourad\AppData\Local\WhatsApp\Update.exe {046660C4A56E0FD7E8FAC0B7BA03A845} O4 - GS\Desktop [mourad]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC} O4 - GS\Desktop [mourad]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\mourad\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman O4 - GS\Quicklaunch [mourad]: CyberGhost 6.lnk . (.CyberGhost S.R.L. - CyberGhost.) C:\Program Files\CyberGhost 6\CyberGhost.exe {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L. O4 - GS\Quicklaunch [mourad]: EaseUS Partition Master 10.8.lnk . (...) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EPMStartLoader.exe =>.CHENGDU YIWO Tech Development Co., Ltd.® O4 - GS\Quicklaunch [mourad]: EveryonePiano.lnk . (.EveryonePiano Inc. - EveryonePiano.com.) C:\Program Files (x86)\EveryonePiano\EveryonePiano.exe {5BBACF0F21A9FD49D7052465D8766E16} O4 - GS\Quicklaunch [mourad]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Quicklaunch [mourad]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O4 - GS\Quicklaunch [mourad]: Kat MP3 Recorder.lnk . (.Copyright © 2008 GoodKatShare.com - Kat MP3 Recorder.) C:\Program Files (x86)\Kat MP3 Recorder\Kat MP3 Recorder.exe O4 - GS\Quicklaunch [mourad]: LeapFTP.lnk . (.LeapWare - Secure File Transfer Client.) C:\Program Files (x86)\LeapFTP 3.0\LeapFTP.exe {7A8AE6A6E5FD53D9195B8B38590E5F41} O4 - GS\Quicklaunch [mourad]: Oracle VM VirtualBox.lnk . (.Oracle Corporation - .) C:\Program Files (x86)\Oracle\VirtualBox\VirtualBox.exe =>.Oracle Corporation O4 - GS\Quicklaunch [mourad]: Samsung Kies (Lite).lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [mourad]: Samsung Kies 3.lnk . (.Samsung - Kies.) C:\Program Files (x86)\Samsung\Kies3\Kies3.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [mourad]: Samsung Kies.lnk . (...) C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe =>.Samsung Electronics CO., LTD.® O4 - GS\Quicklaunch [mourad]: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSGuide.exe =>.SAMSUNG ELECTRONICS CO.,LTD.® O4 - GS\Quicklaunch [mourad]: Wondershare Video Converter Ultimate.lnk . (.Wondershare Software - Wondershare Video Converter Ultimate.) C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe =>.Shenzhen Wondershare Information Technology Co., Ltd.® O4 - GS\Quicklaunch [mourad]: Xilisoft Video Converter Platinum.lnk . (...) C:\Program Files (x86)\Xilisoft\Video Converter Platinum\vcloader.exe O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (open).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [mourad]: Advanced JPEG Compressor (process...).lnk . (.WinSoftMagic Inc. - Advanced JPEG Compressor for Windows.) C:\Program Files (x86)\Advanced JPEG Compressor\ajc.exe O4 - GS\sendTo [mourad]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [mourad]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe =>.Online Media Technologies Ltd.® O4 - GS\sendTo [mourad]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe =>.Online Media Technologies Ltd.® O4 - GS\TaskBar [mourad]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: Avira Launcher.lnk . (.Avira Operations GmbH & Co. KG - Avira Launcher.) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe =>.Avira Operations GmbH & Co. KG® O4 - GS\CommonDesktop [Public]: Bighits4U Viewer 3.0.lnk . (.Copyright © 2015 - Bighits4U Viewer.) C:\Program Files (x86)\Bighits4U Viewer 3.0\Bighits4U Viewer.exe O4 - GS\CommonDesktop [Public]: BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks App Player.) C:\ProgramData\BlueStacksGameManager\BlueStacks.exe =>.Bluestack Systems, Inc.® O4 - GS\CommonDesktop [Public]: FastStone Capture.lnk . (.FastStone Soft - FastStone Capture.) C:\Program Files (x86)\FastStone Capture\FSCapture.exe =>.FastStone Soft O4 - GS\CommonDesktop [Public]: Genymotion.lnk . (...) C:\Program Files (x86)\Genymobile\Genymotion\genymotion.exe O4 - GS\CommonDesktop [Public]: Hotspot Shield.lnk . (.AnchorFree Inc. - Hotspot Shield 5.4.6.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe =>.AnchorFree Inc® O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O4 - GS\CommonDesktop [Public]: WiFi HotSpot Creator.lnk . (.DanuSoft - WiFi HotSpot Creator.) C:\Program Files (x86)\DanuSoft\WiFi HotSpot Creator\WiFi HotSpot Creator.exe O4 - GS\Startup [Public]: Bluetooth Monitor.lnk . (.TOSHIBA CORPORATION - BtMon4.) C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe =>.TOSHIBA CORPORATION® O4 - GS\Programs [Public]: GameRanger.lnk . (.GameRanger Technologies - GameRanger.) C:\Users\mourad\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe =>.GameRanger Technologies® O4 - GS\Programs [Public]: HitLeap Viewer.lnk . (...) C:\Users\mourad\AppData\Roaming\Microsoft\Installer\{31B12C11-AE4E-479F-8D6D-242DC265368D}\favicon.exe O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) C:\Windows\system32\taskschd.msc ---\\ Lop.com/Domain Hijackers (3) - 1s O17 - HKLM\System\CCS\Services\Tcpip\..\{F6022B23-CFA9-455A-A514-E928E65E7A09}: NameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{08B1291A-1623-40D7-AC20-2EBA71FEC140}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{BE9E45B3-5A5F-41F6-BED6-1F6254ABE04C}: DhcpNameServer = 192.168.3.1 192.168.3.1 ---\\ Extra protocols (22) - 1s O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll =>.Microsoft Corporation O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll =>.Microsoft Corporation O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll =>.Microsoft Corporation O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll =>.Microsoft Corporation O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation® O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll =>.Microsoft Corporation ---\\ Software installed (77) - 202s O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>.BitTorrent Inc® O42 - Logiciel: 7-Data Recovery Suite version 3.6.0 - (.SharpNight Co,Ltd.) [HKLM][64Bits] -- {02386A56-080B-485c-941D-AF96B29140DD}_is1 =>.SharpNight Co,Ltd O42 - Logiciel: Adobe After Effects CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4817D846-700B-474E-A31B-80892B3E92E3} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 22 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 22 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Flash Player 22 PPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player PPAPI =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 =>.Adobe Systems Incorporated O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6} =>.Adobe Systems Incorporated® O42 - Logiciel: Adobe Photoshop CS6 patch by zaxo7 1.00 - (...) [HKLM][64Bits] -- Adobe Photoshop CS6 patch by zaxo7 1.00 O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player =>.Adobe Systems, Inc. O42 - Logiciel: Avira Antivirus v15.0.18.354 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {92a7fd6b-31e5-472f-862e-79214c5032ef} =>.Avira Operations GmbH & Co. KG® O42 - Logiciel: Avira Launcher v1.1.67.18988 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- {A6634D1D-EA57-45DE-AF8F-0EDD35B912C3} =>.Avira Operations GmbH & Co. KG O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {EFA0FC40-7D96-4515-9715-7C0C5D872326} =>.BlueStack Systems, Inc. O42 - Logiciel: Bluetooth Monitor 4 - (.TOSHIBA.) [HKLM][64Bits] -- {61539202-097E-487E-9237-B291AB56D54C} =>.Macrovision Corporation® O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>.Piriform Ltd® O42 - Logiciel: CyberGhost 6 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost 6_is1 {008A83DCBD56B8AF121E8A95157494BCFB} =>.CyberGhost S.R.L. O42 - Logiciel: DFX - (.Power Technology.) [HKLM][64Bits] -- DFX =>.Power Technology O42 - Logiciel: FastStone Capture 7.4 - (.FastStone Soft.) [HKLM][64Bits] -- FastStone Capture =>.FastStone Soft O42 - Logiciel: GameRanger - (.GameRanger Technologies.) [HKCU][64Bits] -- GameRanger =>.GameRanger Technologies® O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc® O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM][64Bits] -- {35DAA04C-1720-4BE3-A920-A03731EC6A1D} =>.Google O42 - Logiciel: Google Talk Plugin - (.Google.) [HKLM][64Bits] -- {F9B579C2-D854-300A-BE62-A09EB9D722E4} =>.Google O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc. O42 - Logiciel: HitLeap Viewer 2.8 - (.HitLeap Ltd..) [HKLM][64Bits] -- {31B12C11-AE4E-479F-8D6D-242DC265368D} =>.HitLeap Ltd. O42 - Logiciel: Hotspot Shield 5.4.6 - (.AnchorFree Inc..) [HKLM][64Bits] -- HotspotShield =>.AnchorFree Inc® O42 - Logiciel: Hotspot Shield 5.4.6 Embedded - (.Buildbot.) [HKLM][64Bits] -- {AF599C42-A2E5-4251-B7EE-4925A1670923} =>.Buildbot O42 - Logiciel: IDMActivator-mrelhlawany25.12 25.12 - (.mrelhlawany.com.) [HKLM][64Bits] -- IDMActivator-mrelhlawany25.12 25.12 O42 - Logiciel: Intel(R) Driver Update Utility 2.2.0.5 - (.Intel.) [HKLM][64Bits] -- {C4FB3CF4-C845-4746-A9F5-476908266433} =>.Intel O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- HDMI =>.Intel Corporation® O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager =>.Tonec Inc.® O42 - Logiciel: Java 8 Update 65 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218065F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418065F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 66 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218066F0} =>.Oracle Corporation O42 - Logiciel: Java 8 Update 66 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86418066F0} =>.Oracle Corporation O42 - Logiciel: Java Auto Updater - (.Oracle Corporation.) [HKLM][64Bits] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Oracle Corporation O42 - Logiciel: Java SE Development Kit 8 Update 65 (64-bit) - (.Oracle Corporation.) [HKLM][64Bits] -- {64A3A4F4-B792-11D6-A78A-00B0D0180650} =>.Oracle Corporation O42 - Logiciel: Kat MP3 Recorder - (.GoodKatShare LLC.) [HKLM][64Bits] -- Kat MP3 Recorder O42 - Logiciel: Lagarith lossless video codec (Remove Only) - (...) [HKLM][64Bits] -- LAGARITH O42 - Logiciel: Mediatek RT2870 Wireless LAN Card - (.MediatekWiFi.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} =>.Microsoft Corporation O42 - Logiciel: Mozilla Firefox 48.0 (x64 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 48.0 (x64 en-US) =>.Mozilla Corporation® O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService =>.Mozilla O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} =>.Microsoft Corporation O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} =>.Microsoft Corporation O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM][64Bits] -- Notepad++ =>.Notepad++ Team O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA} =>.NVIDIA Corporation O42 - Logiciel: Oracle VM VirtualBox 5.0.4 - (.Oracle Corporation.) [HKLM][64Bits] -- {FC191F32-1A67-4231-91D0-0059A57C99A8} =>.Oracle Corporation O42 - Logiciel: PCSX2 - Playstation 2 Emulator - (...) [HKLM][64Bits] -- pcsx2 O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1} =>.Adobe Systems Incorporated O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM][64Bits] -- PowerISO =>.Power Software Ltd O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp® O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.Samsung Electronics Co., Ltd. O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} =>.SAMSUNG ELECTRONICS CO.,LTD.® O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM][64Bits] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} =>.Samsung Electronics CO., LTD.® O42 - Logiciel: SliQ Submitter Plus - (.SliQTools.) [HKLM][64Bits] -- {37146DD2-013F-4344-82B6-F6D1F99C6F3E} O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc O42 - Logiciel: TAP-Windows 9.21.1 - (...) [HKLM][64Bits] -- TAP-Windows O42 - Logiciel: Unity Web Player - (.Unity Technologies ApS.) [HKCU][64Bits] -- UnityWebPlayer =>.Unity Technologies ApS O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {C0E08D8D-6076-4117-B644-2AF34F35B757} =>.ClockworkMod O42 - Logiciel: Universal Adb Driver - (.ClockworkMod.) [HKLM][64Bits] -- {D9C4202E-6D51-4B06-A8F1-22316E654BCA} =>.ClockworkMod O42 - Logiciel: UnLock Root Pro 3.36 - (.Unlcokroot.) [HKLM][64Bits] -- UnLock Root Pro O42 - Logiciel: WhatsApp - (.WhatsApp.) [HKCU][64Bits] -- WhatsApp {046660C4A56E0FD7E8FAC0B7BA03A845} O42 - Logiciel: WiFi HotSpot Creator - (.DanuSoft.) [HKLM][64Bits] -- {C37344E7-A9A9-4E1F-993C-73AEF17BFDC0} O42 - Logiciel: WinDirStat 1.1.2 - (...) [HKCU][64Bits] -- WinDirStat O42 - Logiciel: Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/2 - (.Google, Inc..) [HKLM][64Bits] -- 092555911492C6959D2596D612F52DCA71881CA2 =>.Google, Inc. O42 - Logiciel: WinRAR 5.11 (32-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: WinRAR 5.30 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver =>.win.rar GmbH® O42 - Logiciel: ZTE USB Driver - (.ZTE Corporation.) [HKLM][64Bits] -- ZTE USB Driver =>.ZTE Corporation ---\\ HKCU & HKLM Software Keys (234) - 202s HKLM\SOFTWARE\Wow6432Node\Act-3D HKLM\SOFTWARE\Wow6432Node\Adobe HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies HKLM\SOFTWARE\Wow6432Node\Akella Games HKLM\SOFTWARE\Wow6432Node\Antamedia HKLM\SOFTWARE\Wow6432Node\AppDataLow HKLM\SOFTWARE\Wow6432Node\Apple Inc. HKLM\SOFTWARE\Wow6432Node\Ashampoo HKLM\SOFTWARE\Wow6432Node\Atari HKLM\SOFTWARE\Wow6432Node\AVAST Software HKLM\SOFTWARE\Wow6432Node\Avira HKLM\SOFTWARE\Wow6432Node\AVS4YOU HKLM\SOFTWARE\Wow6432Node\Baidu HKLM\SOFTWARE\Wow6432Node\BlueStacks HKLM\SOFTWARE\Wow6432Node\BlueStacksGameManager HKLM\SOFTWARE\Wow6432Node\Cygwin HKLM\SOFTWARE\Wow6432Node\DanuSoft HKLM\SOFTWARE\Wow6432Node\DC-Unlocker HKLM\SOFTWARE\Wow6432Node\DFX HKLM\SOFTWARE\Wow6432Node\EA Games HKLM\SOFTWARE\Wow6432Node\EaseUS HKLM\SOFTWARE\Wow6432Node\Electronic Arts HKLM\SOFTWARE\Wow6432Node\Forward Development HKLM\SOFTWARE\Wow6432Node\fv HKLM\SOFTWARE\Wow6432Node\fwc HKLM\SOFTWARE\Wow6432Node\Garmin HKLM\SOFTWARE\Wow6432Node\GNU HKLM\SOFTWARE\Wow6432Node\Google HKLM\SOFTWARE\Wow6432Node\HaaliMkx HKLM\SOFTWARE\Wow6432Node\honestech HKLM\SOFTWARE\Wow6432Node\HotspotShield HKLM\SOFTWARE\Wow6432Node\HotspotShield MSI HKLM\SOFTWARE\Wow6432Node\Huawei technologies HKLM\SOFTWARE\Wow6432Node\Icaros HKLM\SOFTWARE\Wow6432Node\Innovative Solutions HKLM\SOFTWARE\Wow6432Node\InstallShield HKLM\SOFTWARE\Wow6432Node\Intel HKLM\SOFTWARE\Wow6432Node\Internet Download Manager HKLM\SOFTWARE\Wow6432Node\IObit HKLM\SOFTWARE\Wow6432Node\JavaSoft HKLM\SOFTWARE\Wow6432Node\JreMetrics HKLM\SOFTWARE\Wow6432Node\Kat MP3 Recorder HKLM\SOFTWARE\Wow6432Node\KLCodecPack HKLM\SOFTWARE\Wow6432Node\LAV HKLM\SOFTWARE\Wow6432Node\Lavasoft HKLM\SOFTWARE\Wow6432Node\LeapWare HKLM\SOFTWARE\Wow6432Node\LG Electronics HKLM\SOFTWARE\Wow6432Node\Licenses HKLM\SOFTWARE\Wow6432Node\Macromedia HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware HKLM\SOFTWARE\Wow6432Node\MarkAny HKLM\SOFTWARE\Wow6432Node\Mediatek HKLM\SOFTWARE\Wow6432Node\MediatekWiFi HKLM\SOFTWARE\Wow6432Node\Mozilla HKLM\SOFTWARE\Wow6432Node\mozilla.org HKLM\SOFTWARE\Wow6432Node\MozillaPlugins HKLM\SOFTWARE\Wow6432Node\Myfree Codec HKLM\SOFTWARE\Wow6432Node\NCH Software HKLM\SOFTWARE\Wow6432Node\Notepad++ HKLM\SOFTWARE\Wow6432Node\Nuance HKLM\SOFTWARE\Wow6432Node\ODBC HKLM\SOFTWARE\Wow6432Node\OpenVPN HKLM\SOFTWARE\Wow6432Node\Opera Software HKLM\SOFTWARE\Wow6432Node\PATHPILOT HKLM\SOFTWARE\Wow6432Node\PCSX2 HKLM\SOFTWARE\Wow6432Node\PowerISO HKLM\SOFTWARE\Wow6432Node\PowerTechnology HKLM\SOFTWARE\Wow6432Node\Rocket Division Software HKLM\SOFTWARE\Wow6432Node\RTWS2012 HKLM\SOFTWARE\Wow6432Node\Samsung HKLM\SOFTWARE\Wow6432Node\Skype HKLM\SOFTWARE\Wow6432Node\SoftEther Project HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft HKLM\SOFTWARE\Wow6432Node\Sony Corporation HKLM\SOFTWARE\Wow6432Node\SRS Labs HKLM\SOFTWARE\Wow6432Node\Steganos HKLM\SOFTWARE\Wow6432Node\Symantec HKLM\SOFTWARE\Wow6432Node\TeamViewer HKLM\SOFTWARE\Wow6432Node\TechSmith HKLM\SOFTWARE\Wow6432Node\ThinPrint HKLM\SOFTWARE\Wow6432Node\TOSHIBA HKLM\SOFTWARE\Wow6432Node\TrueSoftware HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia HKLM\SOFTWARE\Wow6432Node\VMware, Inc. HKLM\SOFTWARE\Wow6432Node\Volatile HKLM\SOFTWARE\Wow6432Node\Vstep HKLM\SOFTWARE\Wow6432Node\Web Solution Mart HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS HKLM\SOFTWARE\Wow6432Node\WinRAR HKLM\SOFTWARE\Wow6432Node\Wondershare HKLM\SOFTWARE\Wow6432Node\WondershareSysMenuDATA HKLM\SOFTWARE\Wow6432Node\Wow6432Node HKLM\SOFTWARE\Wow6432Node\X-AVCSD HKLM\SOFTWARE\Wow6432Node\Xilisoft HKLM\SOFTWARE\Wow6432Node\Yahoo =>.Yahoo! HKLM\SOFTWARE\Wow6432Node\ZTE Corporation HKLM\SOFTWARE\Wow6432Node\ZTEUSBDriverFlag HKLM\SOFTWARE\Wow6432Node\RegisteredApplications HKCU\SOFTWARE\8322898 HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\AI_RecycleBin HKCU\SOFTWARE\AnchorFree HKCU\SOFTWARE\Antamedia HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Apple Computer, Inc. HKCU\SOFTWARE\Apple Inc. HKCU\SOFTWARE\Ashampoo HKCU\SOFTWARE\astragon Software GmbH HKCU\SOFTWARE\Avira HKCU\SOFTWARE\AVS4YOU HKCU\SOFTWARE\Baidu HKCU\SOFTWARE\BitTorrent HKCU\SOFTWARE\BugSplat HKCU\SOFTWARE\BVRP Software HKCU\SOFTWARE\Camfrog HKCU\SOFTWARE\CatDaddyGames HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\ClockworkMod HKCU\SOFTWARE\csastats HKCU\SOFTWARE\CyberGhost HKCU\SOFTWARE\DFX HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\drpsu HKCU\SOFTWARE\EaseUS HKCU\SOFTWARE\EFD Software HKCU\SOFTWARE\ej-technologies HKCU\SOFTWARE\EpmNewsInfo HKCU\SOFTWARE\eSellerate HKCU\SOFTWARE\FastStone HKCU\SOFTWARE\FlashBoot HKCU\SOFTWARE\Forward Development HKCU\SOFTWARE\FreeAudioVideo HKCU\SOFTWARE\fv HKCU\SOFTWARE\fwc HKCU\SOFTWARE\GameRanger HKCU\SOFTWARE\GameSpy HKCU\SOFTWARE\Genymobile HKCU\SOFTWARE\GetData HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GRETECH HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hetman Software HKCU\SOFTWARE\HitLeap HKCU\SOFTWARE\HmelyoffLabs HKCU\SOFTWARE\Hola HKCU\SOFTWARE\Icaros HKCU\SOFTWARE\IGA HKCU\SOFTWARE\Innovative Solutions HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\Jingling HKCU\SOFTWARE\join.me HKCU\SOFTWARE\Jump Desktop HKCU\SOFTWARE\JumpDesktop HKCU\SOFTWARE\Kungsoft HKCU\SOFTWARE\Lagarith HKCU\SOFTWARE\LG Electronics HKCU\SOFTWARE\Lightrock Entertainment HKCU\SOFTWARE\Local AppWizard-Generated Applications HKCU\SOFTWARE\LowRegistry HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Macrovision HKCU\SOFTWARE\madshi HKCU\SOFTWARE\Magicbit HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MediaChance HKCU\SOFTWARE\MediaInfo HKCU\SOFTWARE\MiniTool Solution Ltd. HKCU\SOFTWARE\Mobileleader HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\MPC-HC HKCU\SOFTWARE\MTK HKCU\SOFTWARE\Myfree Codec HKCU\SOFTWARE\NCH Software HKCU\SOFTWARE\none HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Oracle HKCU\SOFTWARE\PalTalk HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\pth264 HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\RegisteredApplications HKCU\SOFTWARE\RootGenius HKCU\SOFTWARE\RSUPPORT HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\SCS Software HKCU\SOFTWARE\Seifert HKCU\SOFTWARE\SharpNight HKCU\SOFTWARE\SightSpeed Inc HKCU\SOFTWARE\SimpleTV by SergeyVS#3 HKCU\SOFTWARE\SoftEther Project HKCU\SOFTWARE\Sony Corporation HKCU\SOFTWARE\Sony Ericsson HKCU\SOFTWARE\SplitmediaLabs HKCU\SOFTWARE\Steganos HKCU\SOFTWARE\TAdvCheckList HKCU\SOFTWARE\TeamViewer HKCU\SOFTWARE\TechSmith HKCU\SOFTWARE\Telestream HKCU\SOFTWARE\thriXXX HKCU\SOFTWARE\TrafficTravisv4 HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\undefined =>.Superfluous.Downloader HKCU\SOFTWARE\Unity HKCU\SOFTWARE\URSoft HKCU\SOFTWARE\Valusoft HKCU\SOFTWARE\Valve HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\Web Solution Mart HKCU\SOFTWARE\Wi-Fi Hotspot HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\WinSoftMagic HKCU\SOFTWARE\Wireshark HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Wow6432Node HKCU\SOFTWARE\WsAudio_Device HKCU\SOFTWARE\WSVCUPlugin HKCU\SOFTWARE\Xenocode HKCU\SOFTWARE\Xilisoft HKCU\SOFTWARE\XperiFirm HKCU\SOFTWARE\Yahoo =>.Yahoo! HKCU\SOFTWARE\Yandex HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Yandex HKCU\SOFTWARE\AppDataLow\Software\Adobe HKCU\SOFTWARE\AppDataLow\Software\JavaSoft HKCU\SOFTWARE\AppDataLow\Software\MarkAny HKCU\SOFTWARE\AppDataLow\Software\ThinPrint HKCU\SOFTWARE\AppDataLow\Software\Unity ---\\ Contents of the Common Files folders (420) - 353s O43 - CFD: 22/03/2016 - [] D -- C:\Program Files\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 26/11/2015 - [0] D -- C:\Program Files\Apoint2K O43 - CFD: 04/10/2014 - [0] SHD -- C:\Program Files\Archivos comunes O43 - CFD: 05/10/2014 - [] D -- C:\Program Files\AuthenTec =>.AuthenTec, Inc.® O43 - CFD: 22/07/2016 - [] D -- C:\Program Files\ByteFence =>.Superfluous.ByteFence O43 - CFD: 04/12/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd® O43 - CFD: 27/03/2016 - [] D -- C:\Program Files\CodeMeter O43 - CFD: 29/05/2016 - [] D -- C:\Program Files\Common Files O43 - CFD: 04/11/2015 - [] D -- C:\Program Files\CPUID O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\CyberGhost 6 {008A83DCBD56B8AF121E8A95157494BCFB} O43 - CFD: 23/07/2016 - [] D -- C:\Program Files\DIFX O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\DVD Maker O43 - CFD: 30/07/2016 - [] D -- C:\Program Files\EaseUS O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Farming Simulator 2009 Gold O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files\FlashBoot O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Genymobile O43 - CFD: 20/11/2015 - [] D -- C:\Program Files\Intel =>.Intel(R) Software Development Products® O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 27/12/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.® O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\LSI SoftModem O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 29/07/2016 - [] D -- C:\Program Files\MiniTool Partition Wizard Free 9.1 =>.MiniTool Solution Ltd® O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Mozilla Firefox =>.Mozilla Corporation® O43 - CFD: 10/04/2016 - [0] D -- C:\Program Files\MPC-HC O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\MSBuild O43 - CFD: 10/12/2015 - [] D -- C:\Program Files\NetPanel {411290C3B6985D1DD4202A51727A340B} O43 - CFD: 09/04/2016 - [] D -- C:\Program Files\OBS O43 - CFD: 09/02/2016 - [] D -- C:\Program Files\Oracle =>.Oracle Corporation® O43 - CFD: 07/11/2015 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics® O43 - CFD: 27/03/2016 - [0] D -- C:\Program Files\Recuva O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 07/04/2016 - [] D -- C:\Program Files\Samsung =>.Samsung Electronics CO., LTD.® O43 - CFD: 05/08/2016 - [] D -- C:\Program Files\SoftEther VPN Client Manager =>.SoftEther K.K.® O43 - CFD: 10/02/2016 - [] D -- C:\Program Files\TAP-Windows O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 17/07/2016 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 25/12/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Portable Devices O43 - CFD: 08/12/2015 - [] D -- C:\Program Files\Windows Service O43 - CFD: 16/07/2016 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH® O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files\Wireshark O43 - CFD: 28/02/2016 - [] D -- C:\Program Files (x86)\3G ALWA O43 - CFD: 31/07/2016 - [] D -- C:\Program Files (x86)\7-Data Recovery Suite {658AA5BAA389249FEED00D4D30FA1167} O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Adobe =>.Adobe Systems Incorporated® O43 - CFD: 14/01/2016 - [] D -- C:\Program Files (x86)\Adobe Media Player O43 - CFD: 08/11/2015 - [] D -- C:\Program Files (x86)\Advanced JPEG Compressor O43 - CFD: 08/08/2016 - [0] D -- C:\Program Files (x86)\Age of Empires II HD The Forgotten O43 - CFD: 23/07/2016 - [0] D -- C:\Program Files (x86)\ALMzor-G O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Android Data Recovery O43 - CFD: 15/01/2016 - [] D -- C:\Program Files (x86)\Ashampoo =>.Ashampoo GmbH & Co. KG® O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\AthTek O43 - CFD: 14/10/2015 - [0] D -- C:\Program Files (x86)\AutoHideIP O43 - CFD: 10/10/2015 - [] D -- C:\Program Files (x86)\Avira =>.Avira Operations GmbH & Co. KG® O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\AVS4YOU =>.Online Media Technologies Ltd.® O43 - CFD: 22/01/2016 - [] D -- C:\Program Files (x86)\awsd O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\baidu O43 - CFD: 04/05/2016 - [] D -- C:\Program Files (x86)\Bighits4U Viewer 3.0 O43 - CFD: 28/12/2015 - [] D -- C:\Program Files (x86)\BlueStacks O43 - CFD: 03/01/2016 - [0] D -- C:\Program Files (x86)\BusCableCarSimulator O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\ClockworkMod O43 - CFD: 20/11/2015 - [] D -- C:\Program Files (x86)\CodeMeter =>.WIBU-SYSTEMS AG® O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\Common Files O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\DanuSoft O43 - CFD: 22/01/2016 - [0] D -- C:\Program Files (x86)\Demolition Company Demo O43 - CFD: 01/04/2016 - [] D -- C:\Program Files (x86)\Devolutions O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\DFX O43 - CFD: 21/03/2016 - [] HD -- C:\Program Files (x86)\DrFoneAndroid_Temp O43 - CFD: 26/11/2015 - [] D -- C:\Program Files (x86)\DriverPack Notifier {257BEAC53AA38B99FD1B541811F6EE8F} O43 - CFD: 04/12/2015 - [] D -- C:\Program Files (x86)\EaseUS =>.CHENGDU YIWO Tech Development Co., Ltd.® O43 - CFD: 12/05/2016 - [] D -- C:\Program Files (x86)\Euro Truck Simulator 2 O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\EveryonePiano {5BBACF0F21A9FD49D7052465D8766E16} O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Voice 7.0 O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Fake Webcam 7.4 {08C9327273D02B7091C71CD09C8A7D1A} O43 - CFD: 25/05/2016 - [] D -- C:\Program Files (x86)\Farming Simulator 2013 =>.GIANTS Software GmbH® O43 - CFD: 09/12/2015 - [] D -- C:\Program Files (x86)\FastStone Capture O43 - CFD: 19/05/2016 - [0] D -- C:\Program Files (x86)\Flash Memory Toolkit O43 - CFD: 15/10/2015 - [] D -- C:\Program Files (x86)\Forward Development O43 - CFD: 27/03/2016 - [] D -- C:\Program Files (x86)\GetData =>.GetData Pty Ltd® O43 - CFD: 22/11/2015 - [] D -- C:\Program Files (x86)\Google =>.Google Inc® O43 - CFD: 18/09/2015 - [] D -- C:\Program Files (x86)\GUM50E0.tmp =>.Google Inc® O43 - CFD: 10/11/2015 - [] D -- C:\Program Files (x86)\HitLeap =>.HitLeap Ltd.® O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\honestech O43 - CFD: 21/07/2016 - [] D -- C:\Program Files (x86)\Hotspot Shield =>.AnchorFree Inc® O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\HSPA USB MODEM O43 - CFD: 19/02/2016 - [] D -- C:\Program Files (x86)\IDMActivator-mrelhlawany25.12 O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Innovative Solutions O43 - CFD: 09/08/2016 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information =>.SAMSUNG ELECTRONICS CO.,LTD.® O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel O43 - CFD: 27/11/2015 - [] D -- C:\Program Files (x86)\Intel Driver Update Utility =>.Intel(R) Software Development Products® O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Internet Download Manager =>.Tonec Inc.® O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Internet Explorer O43 - CFD: 16/11/2015 - [] D -- C:\Program Files (x86)\IObit O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Java =>.Oracle America, Inc.® O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 23/07/2016 - [] D -- C:\Program Files (x86)\Kat MP3 Recorder O43 - CFD: 22/07/2016 - [0] D -- C:\Program Files (x86)\Kingo Android ROOT O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\LeapFTP 3.0 {7A8AE6A6E5FD53D9195B8B38590E5F41} O43 - CFD: 08/09/2015 - [] D -- C:\Program Files (x86)\LG Electronics O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Lightrock Entertainment O43 - CFD: 01/05/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation® O43 - CFD: 10/12/2015 - [] D -- C:\Program Files (x86)\MarkAny O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\mHotspot O43 - CFD: 10/08/2016 - [] D -- C:\Program Files (x86)\Microsoft Games O43 - CFD: 25/12/2015 - [] D -- C:\Program Files (x86)\Microsoft Silverlight =>.Microsoft Corporation® O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\Mobile Partner O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\Money Robot {0098D4F9B401AA7FB70AE7DC9C056354A7} O43 - CFD: 18/07/2016 - [] D -- C:\Program Files (x86)\Movistar Internet Movil =>.ZTE CORPORATION® O43 - CFD: 09/08/2016 - [0] D -- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service =>.Mozilla Corporation® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\MSBuild O43 - CFD: 06/12/2015 - [0] D -- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 19/11/2015 - [] D -- C:\Program Files (x86)\MyFree Codec O43 - CFD: 16/03/2016 - [0] D -- C:\Program Files (x86)\MyPublicWiFi O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\NCH Software O43 - CFD: 17/04/2016 - [] D -- C:\Program Files (x86)\Notepad++ =>.Notepad++® O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 09/04/2016 - [0] D -- C:\Program Files (x86)\OBS O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\One Click Root O43 - CFD: 11/02/2016 - [] D -- C:\Program Files (x86)\PCSX2 1.4.0 O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Portable O43 - CFD: 10/05/2016 - [] D -- C:\Program Files (x86)\PowerISO =>.Power Software Ltd® O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 08/04/2016 - [0] D -- C:\Program Files (x86)\RSUPPORT O43 - CFD: 07/04/2016 - [] D -- C:\Program Files (x86)\Samsung =>.SAMSUNG ELECTRONICS CO.,LTD.® O43 - CFD: 03/04/2016 - [] D -- C:\Program Files (x86)\SliQTools {427848125931D57EC4B61C5D117A9E34} O43 - CFD: 09/11/2015 - [] D -- C:\Program Files (x86)\Sony {25BB963B3E935A88A62D1DD09CF34997} O43 - CFD: 29/10/2015 - [0] D -- C:\Program Files (x86)\Sony Mobile O43 - CFD: 16/04/2016 - [] D -- C:\Program Files (x86)\SplitmediaLabs O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Tanker Truck Simulator 2011 O43 - CFD: 20/04/2016 - [] D -- C:\Program Files (x86)\TechSmith O43 - CFD: 22/07/2016 - [] D -- C:\Program Files (x86)\Thinix O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\thriXXX O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Toshiba =>.TOSHIBA CORPORATION® O43 - CFD: 06/11/2015 - [0] D -- C:\Program Files (x86)\Trucks & Trailers O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files (x86)\Uninstall Information O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Unlockroot Pro O43 - CFD: 19/04/2016 - [] D -- C:\Program Files (x86)\VideoLAN O43 - CFD: 29/05/2016 - [] D -- C:\Program Files (x86)\VMware O43 - CFD: 11/01/2016 - [0] D -- C:\Program Files (x86)\Vstep O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Web Solution Mart O43 - CFD: 10/09/2015 - [] D -- C:\Program Files (x86)\WiFi HotSpot Creator O43 - CFD: 03/05/2016 - [] D -- C:\Program Files (x86)\WinDirStat O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Windows Defender O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Mail O43 - CFD: 17/07/2016 - [] D -- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Windows NT O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation® O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 16/07/2016 - [] D -- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 16/01/2016 - [0] D -- C:\Program Files (x86)\WinPcap O43 - CFD: 05/10/2014 - [] D -- C:\Program Files (x86)\WinRAR =>.win.rar GmbH® O43 - CFD: 02/06/2016 - [] D -- C:\Program Files (x86)\Wondershare O43 - CFD: 15/03/2016 - [] D -- C:\Program Files (x86)\Xilisoft O43 - CFD: 17/08/2015 - [] D -- C:\Program Files (x86)\Your Uninstaller! 7 O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Data Recovery Suite O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/07/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo O43 - CFD: 28/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 04/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bighits4U Viewer O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 05/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6 O43 - CFD: 15/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driving Simulator 2012 O43 - CFD: 04/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8 O43 - CFD: 11/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2 O43 - CFD: 23/03/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EveryonePiano O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013 O43 - CFD: 09/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Genymotion O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility O43 - CFD: 19/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java O43 - CFD: 27/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kat MP3 Recorder O43 - CFD: 14/07/2009 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 01/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 25/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Free 9.1 O43 - CFD: 03/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Money Robot O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movistar Internet Movil O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec O43 - CFD: 22/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nav-u tool O43 - CFD: 17/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ O43 - CFD: 09/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox O43 - CFD: 11/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 O43 - CFD: 10/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO O43 - CFD: 07/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 10/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio O43 - CFD: 08/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 10/02/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voic Changer O43 - CFD: 30/07/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WiFi HotSpot Creator O43 - CFD: 03/05/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat O43 - CFD: 06/12/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7 O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\Adobe O43 - CFD: 08/04/2016 - [] D -- C:\ProgramData\Apple O43 - CFD: 19/11/2015 - [] D -- C:\ProgramData\Apple Computer O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 15/01/2016 - [] D -- C:\ProgramData\ashampoo O43 - CFD: 14/10/2015 - [] D -- C:\ProgramData\AutoHideIP O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 10/10/2015 - [] D -- C:\ProgramData\Avira O43 - CFD: 27/05/2016 - [] D -- C:\ProgramData\AVS4YOU O43 - CFD: 06/04/2016 - [0] D -- C:\ProgramData\Babylon =>PUP.Optional.Babylon O43 - CFD: 17/08/2015 - [] D -- C:\ProgramData\Baidu O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacks O43 - CFD: 28/12/2015 - [] D -- C:\ProgramData\BlueStacksGameManager O43 - CFD: 25/07/2016 - [] D -- C:\ProgramData\BlueStacksSetup O43 - CFD: 29/07/2016 - [] D -- C:\ProgramData\CodeMeter O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Database Server O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Datos de programa O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Documentos O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Escritorio O43 - CFD: 16/04/2016 - [] D -- C:\ProgramData\eSellerate O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Favoritos O43 - CFD: 07/01/2016 - [0] D -- C:\ProgramData\Garmin O43 - CFD: 21/07/2016 - [] D -- C:\ProgramData\Hotspot Shield O43 - CFD: 05/10/2014 - [0] D -- C:\ProgramData\IDM O43 - CFD: 23/07/2016 - [] D -- C:\ProgramData\InstallShield O43 - CFD: 20/11/2015 - [] D -- C:\ProgramData\Intel O43 - CFD: 16/11/2015 - [] D -- C:\ProgramData\IObit O43 - CFD: 10/01/2016 - [] D -- C:\ProgramData\LGMOBILEAX O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 18/07/2016 - [] D -- C:\ProgramData\Mediatek Driver O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Menú Inicio O43 - CFD: 06/12/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 11/01/2016 - [] D -- C:\ProgramData\Microsoft Games O43 - CFD: 03/04/2016 - [0] D -- C:\ProgramData\Money Robot Submitter O43 - CFD: 10/04/2016 - [] D -- C:\ProgramData\NCH Software O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\NFS Underground O43 - CFD: 21/12/2015 - [] D -- C:\ProgramData\Oracle O43 - CFD: 26/07/2016 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 01/04/2016 - [] D -- C:\ProgramData\Phase Five Systems O43 - CFD: 04/10/2014 - [0] SHD -- C:\ProgramData\Plantillas O43 - CFD: 31/07/2016 - [] D -- C:\ProgramData\ProductData O43 - CFD: 22/03/2016 - [] D -- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 05/01/2016 - [] D -- C:\ProgramData\Samsung O43 - CFD: 13/04/2016 - [] D -- C:\ProgramData\SplitMediaLabs O43 - CFD: 19/07/2016 - [] D -- C:\ProgramData\SP_FT_Logs O43 - CFD: 20/12/2015 - [] D -- C:\ProgramData\SP_MDT_Logs O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 05/10/2014 - [] D -- C:\ProgramData\Sun O43 - CFD: 26/05/2016 - [] D -- C:\ProgramData\TechSmith O43 - CFD: 16/04/2016 - [0] D -- C:\ProgramData\Telestream O43 - CFD: 09/08/2016 - [0] AD -- C:\ProgramData\TEMP O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 09/01/2013 - [] D -- C:\ProgramData\Test Drive Unlimited O43 - CFD: 22/07/2016 - [] D -- C:\ProgramData\Thinix O43 - CFD: 20/03/2016 - [] D -- C:\ProgramData\thriXXX O43 - CFD: 06/11/2015 - [] D -- C:\ProgramData\Trymedia =>PUP.Optional.Trymedia O43 - CFD: 09/04/2016 - [] D -- C:\ProgramData\VMware O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Wondershare O43 - CFD: 05/06/2016 - [] D -- C:\ProgramData\Wondershare Video Converter Ultimate O43 - CFD: 02/06/2016 - [] D -- C:\ProgramData\Xilisoft O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Z-Software O43 - CFD: 22/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 20/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 08/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 27/05/2016 - [] D -- C:\Program Files (x86)\Common Files\AVSMedia O43 - CFD: 16/02/2016 - [] D -- C:\Program Files (x86)\Common Files\DFX O43 - CFD: 16/04/2016 - [0] D -- C:\Program Files (x86)\Common Files\eSellerate O43 - CFD: 08/08/2016 - [] D -- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\Java O43 - CFD: 27/09/2015 - [] D -- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - [] D -- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 10/02/2016 - [] D -- C:\Program Files (x86)\Common Files\Steganos O43 - CFD: 21/12/2015 - [] D -- C:\Program Files (x86)\Common Files\System O43 - CFD: 10/04/2016 - [] D -- C:\Program Files (x86)\Common Files\Web Solution Mart O43 - CFD: 06/11/2015 - [] D -- C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 21/03/2016 - [] D -- C:\Program Files (x86)\Common Files\Wondershare O43 - CFD: 07/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Adobe O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Affilorama O43 - CFD: 15/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Ashampoo O43 - CFD: 10/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Avira O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\AVS4YOU O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\DMCache O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\DRPSu O43 - CFD: 10/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Eusing O43 - CFD: 14/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\FastStone O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\FileZilla O43 - CFD: 05/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\GameRanger O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Google O43 - CFD: 21/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\HMYGSetting O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Hotspot Shield O43 - CFD: 04/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Identities O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IDM O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Innovative Solutions O43 - CFD: 23/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\InstallShield O43 - CFD: 31/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\IObit O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - [0] D -- C:\Users\mourad\AppData\Roaming\Media Center Programs O43 - CFD: 08/01/2016 - [] SD -- C:\Users\mourad\AppData\Roaming\Microsoft O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft Games O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Mozilla O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\MPC-HC O43 - CFD: 10/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\NCH Software O43 - CFD: 17/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Notepad++ O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\One Click Root O43 - CFD: 20/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PDAppFlex O43 - CFD: 10/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\PowerISO O43 - CFD: 08/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Rsupport O43 - CFD: 07/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Samsung O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Shuame O43 - CFD: 04/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Spiritsoft O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\SplitmediaLabs O43 - CFD: 04/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 O43 - CFD: 10/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Steganos O43 - CFD: 13/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Sun O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\TechSmith O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Thinstall O43 - CFD: 22/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Traffic Travis v4 O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Unity O43 - CFD: 17/08/2015 - [] D -- C:\Users\mourad\AppData\Roaming\URSoft O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\uTorrent O43 - CFD: 16/04/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Vara Software O43 - CFD: 29/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\VMware O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\WhatsApp O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\WinBatch O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Roaming\WinRAR O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wirecast Play O43 - CFD: 13/10/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Wireshark O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Wondershare O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Wondershare Video Converter Ultimate O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Xilisoft O43 - CFD: 27/11/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Yandex O43 - CFD: 27/09/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Z-Software O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZHP O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Roaming\ZJMedia O43 - CFD: 13/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} O43 - CFD: 16/03/2016 - [] D -- C:\Users\mourad\AppData\Local\1BN_Software_&_IT_Solutio O43 - CFD: 09/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Adobe O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple O43 - CFD: 19/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Apple Computer O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Archivos temporales de Internet O43 - CFD: 07/10/2014 - [] D -- C:\Users\mourad\AppData\Local\ashampoo O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\assembly O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\AWSToolkit O43 - CFD: 06/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon O43 - CFD: 28/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Bluestacks O43 - CFD: 06/11/2015 - [] D -- C:\Users\mourad\AppData\Local\BusCableCarSimulator O43 - CFD: 13/04/2016 - [] D -- C:\Users\mourad\AppData\Local\CEF O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Chromium O43 - CFD: 09/08/2016 - [0] D -- C:\Users\mourad\AppData\Local\CrashDumps O43 - CFD: 14/10/2015 - [] D -- C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports O43 - CFD: 11/09/2015 - [] D -- C:\Users\mourad\AppData\Local\DanuSoft O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Datos de programa O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Devolutions O43 - CFD: 16/02/2016 - [] D -- C:\Users\mourad\AppData\Local\DFX O43 - CFD: 16/08/2015 - [0] D -- C:\Users\mourad\AppData\Local\Diagnostics O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Downloaded Installations O43 - CFD: 01/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Eclipse O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Local\ElevatedDiagnostics O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\FastStone O43 - CFD: 09/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Garmin_Ltd._or_its_subsid O43 - CFD: 05/05/2016 - [] D -- C:\Users\mourad\AppData\Local\Genymobile O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Google O43 - CFD: 04/10/2014 - [0] SHD -- C:\Users\mourad\AppData\Local\Historial O43 - CFD: 10/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Innovative Solutions O43 - CFD: 20/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Intel O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\IsolatedStorage O43 - CFD: 09/04/2016 - [] D -- C:\Users\mourad\AppData\Local\join.me O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Jump Desktop O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Macromedia O43 - CFD: 05/12/2015 - [] D -- C:\Users\mourad\AppData\Local\MetaGeek,_LLC O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\Microsoft O43 - CFD: 05/10/2014 - [] D -- C:\Users\mourad\AppData\Local\Mozilla O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\oneClickRoot O43 - CFD: 30/12/2015 - [] D -- C:\Users\mourad\AppData\Local\Opera Software O43 - CFD: 27/11/2015 - [0] D -- C:\Users\mourad\AppData\Local\Package Cache O43 - CFD: 08/09/2015 - [] D -- C:\Users\mourad\AppData\Local\Programs O43 - CFD: 11/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Quadriga Games O43 - CFD: 05/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Samsung O43 - CFD: 16/04/2016 - [] D -- C:\Users\mourad\AppData\Local\SplitMediaLabs O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\SquirrelTemp O43 - CFD: 21/04/2016 - [] D -- C:\Users\mourad\AppData\Local\TechSmith O43 - CFD: 10/08/2016 - [] D -- C:\Users\mourad\AppData\Local\Temp O43 - CFD: 25/01/2016 - [] D -- C:\Users\mourad\AppData\Local\Thinstall O43 - CFD: 19/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Unity O43 - CFD: 04/10/2014 - [0] D -- C:\Users\mourad\AppData\Local\VirtualStore O43 - CFD: 01/04/2016 - [] D -- C:\Users\mourad\AppData\Local\VMware O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Local\WhatsApp O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Local\Wondershare O43 - CFD: 26/11/2015 - [] D -- C:\Users\mourad\AppData\Local\Yandex O43 - CFD: 22/07/2016 - [] D -- C:\Users\mourad\AppData\Local\ZJMedia O43 - CFD: 08/09/2015 - [0] D -- C:\Users\mourad\AppData\Local\Programs\Common O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/07/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 27/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU O43 - CFD: 28/05/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps O43 - CFD: 08/08/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Disabled Startup O43 - CFD: 19/02/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager O43 - CFD: 14/07/2009 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 15/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs O43 - CFD: 27/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5 O43 - CFD: 03/04/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SliQTools O43 - CFD: 28/10/2015 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Mobile O43 - CFD: 08/08/2016 - [] RD -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 20/03/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX O43 - CFD: 21/03/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UnlockRoot Pro O43 - CFD: 02/06/2016 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp O43 - CFD: 03/05/2016 - [0] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat O43 - CFD: 06/12/2015 - [] D -- C:\Users\mourad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 01/04/2016 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\CrashDumps O43 - CFD: 17/08/2015 - [] D -- C:\Windows\System32\Config\systemprofile\AppData\Local\Microsoft ---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 1s O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll =>.Microsoft Corporation O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll =>.Microsoft Corporation ---\\ System Drivers List (122) - 239s O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [491088] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [339536] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\System32\drivers\adpu320.sys [182864] =>.Microsoft Windows® O58 - SDL:2009/06/10 21:01:06 A . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\drivers\agrsm64.sys [1146880] =>.LSI Corp O58 - SDL:2009/07/14 01:52:21 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [15440] =>.Microsoft Windows® O58 - SDL:2010/11/20 13:32:46 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [107904] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:52:20 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [194128] =>.Microsoft Windows® O58 - SDL:2010/11/20 13:32:47 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [27008] =>.Microsoft Windows® O58 - SDL:2015/11/19 23:51:14 A . (.Alcor Micro, Corp. - Alocr Micro USB Mass Storage Driver.) -- C:\Windows\System32\drivers\AmUStor.sys [84480] =>.Alcor Micro, Corp. O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [87632] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:52:21 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [97856] =>.Microsoft Windows® O58 - SDL:2012/10/18 11:12:06 A . (.AuthenTec, Inc. - AuthenTec Fingerprint Sensor WBF Driver.) -- C:\Windows\System32\drivers\ATSwpWDF.sys [1111856] =>.AuthenTec, Inc.® O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [171752] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2016/07/28 15:21:01 A . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [145984] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2015/09/01 17:09:54 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [28600] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2016/06/05 19:42:47 A . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\drivers\avnetflt.sys [79696] =>.Avira Operations GmbH & Co. KG® O58 - SDL:2009/06/10 20:34:23 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60a.sys [270848] =>.Broadcom Corporation O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [18432] =>.Brother Industries, Ltd. O58 - SDL:2009/06/10 20:41:06 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [8704] =>.Brother Industries, Ltd. O58 - SDL:2009/07/14 01:19:07 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [286720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [47104] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [14976] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 20:41:10 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [14720] =>.Brother Industries Ltd. O58 - SDL:2009/06/10 20:34:28 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [468480] =>.Broadcom Corporation O58 - SDL:2016/07/17 03:09:53 A . (.Connectify - Connectify NDISRD helper driver.) -- C:\Windows\System32\drivers\cfywlan1.sys [36736] =>.Connectify (Connectify, Inc.)® O58 - SDL:2009/07/14 01:52:31 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [17488] =>.Microsoft Windows® O58 - SDL:2016/07/17 03:09:52 A . (.Connectify - CNNCTFY helper driver.) -- C:\Windows\System32\drivers\cnnctfy3.sys [43872] =>.Connectify (Connectify, Inc.)® O58 - SDL:2015/08/31 18:25:56 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx11_1x64.sys [28008] =>.Power Technology® O58 - SDL:2015/11/12 17:27:12 A . (.Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device.) -- C:\Windows\System32\drivers\dfx12x64.sys [29688] =>.Power Technology® O58 - SDL:2009/06/10 20:35:02 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y60x64.sys [281088] =>.Intel Corporation O58 - SDL:2011/10/20 11:24:16 A . (.Intel Corporation - Intel(R) Gigabit Network Connection NDIS 6.) -- C:\Windows\System32\drivers\e1y62x64.sys [302296] =>.Intel Corporation® O58 - SDL:2009/07/14 01:47:48 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [530496] =>.Microsoft Windows® O58 - SDL:2009/06/10 20:34:33 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3286016] =>.Broadcom Corporation O58 - SDL:2015/10/28 14:28:26 A . (.Sony Mobile Communications - SOMC USB Flash Driver Filter.) -- C:\Windows\System32\drivers\ggflt.sys [16088] =>.Sony Mobile Communications AB® O58 - SDL:2015/10/28 14:28:27 A . (.Sony Mobile Communications - SOMC USB Flash Driver.) -- C:\Windows\System32\drivers\ggsomc.sys [30424] =>.Sony Mobile Communications AB® O58 - SDL:2009/06/10 20:31:59 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [31232] =>.Hauppauge Computer Works, Inc. O58 - SDL:2010/11/20 13:33:35 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [78720] =>.Microsoft Windows® O58 - SDL:2015/02/04 02:01:10 A . (.AnchorFree Inc. - Hotspot Shield Routing Driver.) -- C:\Windows\System32\drivers\hssdrv6.sys [44744] =>.AnchorFree Inc® O58 - SDL:2010/11/20 13:33:38 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [410496] =>.Microsoft Windows® O58 - SDL:2016/08/05 13:04:22 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [217256] =>.Tonec Inc.® O58 - SDL:2008/07/31 11:32:24 A . (.Infineon Technologies AG - Infineon Trusted Platform Module.) -- C:\Windows\System32\drivers\ifxtpm.sys [58880] O58 - SDL:2013/02/20 00:44:08 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [12312928] =>.Intel Corporation O58 - SDL:2009/07/14 01:48:04 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [44112] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [114752] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [106560] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [65600] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [115776] =>.Microsoft Windows® O58 - SDL:2009/09/04 11:41:24 A . (.ZTE Incorporated - ZTE CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [11776] =>.ZTE Incorporated O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation® O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation® O58 - SDL:2016/05/09 18:06:48 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [35392] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:48:04 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [284736] =>.Microsoft Windows® O58 - SDL:2016/03/10 14:09:06 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [64896] =>.Malwarebytes Corporation® O58 - SDL:2012/12/07 10:28:06 A . (.Khalil Azzouzi - Azzouzi HotSpot helper driver.) -- C:\Windows\System32\drivers\ndiskhaz.sys [30536] =>.Khalil Azzouzi® O58 - SDL:2015/11/19 16:06:22 A . (.MediaTek Inc. - MediaTek 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2246488] =>.MEDIATEK INC.® O58 - SDL:2010/01/13 16:37:18 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw5s64.sys [7675392] =>.Intel Corporation O58 - SDL:2009/06/10 20:35:28 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\netw5v64.sys [5434368] =>.Intel Corporation O58 - SDL:2012/01/23 14:44:12 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwNs64.sys [8616960] =>.Intel Corporation O58 - SDL:2009/07/14 01:48:26 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [51264] =>.Microsoft Windows® O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [148352] =>.Microsoft Windows® O58 - SDL:2010/11/20 13:33:48 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [166272] =>.Microsoft Windows® O58 - SDL:2011/06/08 17:22:34 A . (. - OEM Driver.) -- C:\Windows\System32\drivers\OEMDrv.sys [268416] O58 - SDL:2010/08/27 16:04:20 A . (.TCT International Mobile Ltd - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\qcusbser.sys [118016] =>.TCT International Mobile Ltd O58 - SDL:2009/07/14 01:45:46 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1524816] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:45:45 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [128592] =>.Microsoft Windows® O58 - SDL:2009/09/03 10:37:02 A . (.REDC - RICOH MMC Driver.) -- C:\Windows\System32\drivers\rimmpx64.sys [67072] =>.REDC O58 - SDL:2009/09/03 10:59:28 A . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\drivers\rimspx64.sys [54784] =>.REDC O58 - SDL:2009/09/24 17:31:14 A . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\drivers\risdsn64.sys [76288] =>.REDC O58 - SDL:2009/09/03 11:14:30 A . (.REDC - RICOH xD SM Driver.) -- C:\Windows\System32\drivers\rixdpx64.sys [57856] =>.REDC O58 - SDL:2012/04/24 19:48:04 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [4028520] =>.Realtek Semiconductor Corp® O58 - SDL:2010/12/14 15:41:32 RA . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\System32\drivers\rtl8187.sys [448512] =>.Realtek Semiconductor Corporation O58 - SDL:2012/12/09 09:51:20 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\Windows\System32\drivers\scdemu.sys [126944] =>.Power Software Ltd® O58 - SDL:2009/06/10 20:37:19 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] =>.Macrovision Corporation, Macrovision Europe Limited, O58 - SDL:2015/06/04 13:33:50 A . (...) -- C:\Windows\System32\drivers\semav6msr64.sys [21984] =>.Intel(R) Code Signing External® O58 - SDL:2009/07/14 01:45:45 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [43584] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:45:46 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [80464] =>.Microsoft Windows® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_bus.sys [136192] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cm.sys [15360] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_cmnt.sys [15360] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Filter Driv.) -- C:\Windows\System32\drivers\ssm_mdfl.sys [18944] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem II 1.0 Driver.) -- C:\Windows\System32\drivers\ssm_mdm.sys [172032] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_wh.sys [15872] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ssm_whnt.sys [15872] =>.MCCI Corporation® O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudbus.sys [120416] =>.Samsung Electronics CO., LTD.® O58 - SDL:2016/01/08 08:51:54 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\Windows\System32\drivers\ssudmdm.sys [213088] =>.Samsung Electronics CO., LTD.® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\System32\drivers\ss_bus.sys [127488] =>.MCCI Corporation® O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cm.sys [15360] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_cmnt.sys [15360] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\System32\drivers\ss_mdfl.sys [18944] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\System32\drivers\ss_mdm.sys [161280] =>.MCCI Corporation® O58 - SDL:2015/05/21 06:02:50 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_wh.sys [15872] =>.MCCI Corporation® O58 - SDL:2010/04/27 02:25:14 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\ss_whnt.sys [15872] =>.MCCI Corporation® O58 - SDL:2009/07/14 01:45:55 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [24656] =>.Microsoft Windows® O58 - SDL:2014/11/05 13:16:32 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6..) -- C:\Windows\System32\drivers\tap0901.sys [27136] =>.The OpenVPN Project O58 - SDL:2015/10/12 20:51:26 A . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\drivers\taphss6.sys [42088] =>.AnchorFree Inc® O58 - SDL:2012/07/20 13:40:52 A . (.Hajo Krabbenhöft - Personal Voice Changer Driver.) -- C:\Windows\System32\drivers\tenCapture.sys [23736] {0E701C8C223C339FA3C0FCB1AEF5E4A7} O58 - SDL:2010/06/14 09:32:54 A . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\drivers\TFsExDisk.sys [16448] =>.Teruten, Inc.® O58 - SDL:2009/06/29 15:16:20 A . (.TOSHIBA Corporation - TOSHIBA HDD Protection - Shock Sensor Drive.) -- C:\Windows\System32\drivers\Thpevm.sys [14784] =>.TOSHIBA CORPORATION® O58 - SDL:2015/11/19 23:50:22 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\Windows\System32\drivers\tosrfec.sys [53624] =>.TOSHIBA CORPORATION® O58 - SDL:2009/07/14 11:25:14 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\Windows\System32\drivers\TVALZ.SYS [26840] =>.TOSHIBA CORPORATION® O58 - SDL:2013/01/25 21:48:14 A . (.Scott - usbdriver.) -- C:\Windows\System32\drivers\USBDrv_AMD64.sys [18392] =>.Allwinner Technology Co.,Ltd.® O58 - SDL:2015/09/08 11:48:10 A . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\drivers\VBoxDrv.sys [964392] =>.Oracle Corporation® O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Host-Only Network Adapt.) -- C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768] =>.Oracle Corporation® O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox NDIS 6.0 Lightweight Filter Driv.) -- C:\Windows\System32\drivers\VBoxNetLwf.sys [146072] =>.Oracle Corporation® O58 - SDL:2015/10/02 14:36:10 A . (.Oracle Corporation - VirtualBox USB Driver.) -- C:\Windows\System32\drivers\VBoxUSB.sys [125520] =>.Oracle Corporation® O58 - SDL:2015/09/08 11:47:40 A . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\drivers\VBoxUSBMon.sys [138904] =>.Oracle Corporation® O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17488] =>.Microsoft Windows® O58 - SDL:2009/07/14 01:45:55 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [161872] =>.Microsoft Windows® O58 - SDL:2012/04/15 21:32:14 A . (.Windows (R) Win 7 DDK provider - WebcamMax Capture.) -- C:\Windows\System32\drivers\wcmvcam64.sys [1071032] {6E0A5E2C7C789BDA175F577FFD554961} =>.Windows (R) Win 7 DDK provider O58 - SDL:2015/05/25 23:29:04 A . (.SplitmediaLabs Limited - XSplit Stream Audio.) -- C:\Windows\System32\drivers\xspltspk.sys [26200] =>.Splitmedialabs Limited® O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [119680] =>.ZTE Incorporated O58 - SDL:2009/08/21 16:44:00 A . (.ZTE Corporation - USB NDIS Miniport Driver.) -- C:\Windows\System32\drivers\ZTEusbnet.sys [135168] =>.ZTE Corporation O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [119680] =>.ZTE Incorporated O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext.sys [119680] =>.ZTE Incorporated O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmeaext2.sys [119680] =>.ZTE Incorporated O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [119680] =>.ZTE Incorporated O58 - SDL:2009/09/19 16:54:02 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbvoice.sys [119680] =>.ZTE Incorporated O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\epmntdrv.sys [18528] =>.CHENGDU YIWO Tech Development Co., Ltd.® O58 - SDL:2014/11/18 14:39:06 A . (...) -- C:\Windows\System32\EuGdiDrv.sys [10848] =>.CHENGDU YIWO Tech Development Co., Ltd.® O58 - SDL:2013/09/30 15:26:50 N . (...) -- C:\Windows\System32\pwdrvio.sys [19152] =>.MiniTool Solution Ltd® O58 - SDL:2013/09/30 15:26:48 N . (...) -- C:\Windows\System32\pwdspio.sys [12504] =>.MiniTool Solution Ltd® ---\\ Last modified or created user files (2) - 155s O61 - LFC: 2016/08/10 11:49:36 A . (..) -- C:\Users\mourad\AppData\Local\Microsoft\Windows\1033\StructuredQuerySchema.bin [297839] O61 - LFC: 2016/08/09 20:17:33 A . (..) -- C:\Users\mourad\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [128] ---\\ File Associations Shell Spawning (11) - 1s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® ---\\ Start Menu Internet (12) - 2s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc® O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Opera\Launcher.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc. O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Opera\Launcher.exe (.not file.) ---\\ Search Browser Infection (4) - 94s O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark._edMembers_.lastActivePing", "1466883948937"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled", true); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo O69 - SBI: prefs.js [mourad - cbabaezd.default-1460330565581] user_pref("extensions.toolbar.mindspark.lastInstalled", "myradioaccess@mindspark.com"); =>PUP.Optional.Bandoo ---\\ Search Svchost Services (33) - 4s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [72192] =>.Microsoft Corporation O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [80384] =>.Microsoft Corporation O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [236032] =>.Microsoft Corporation O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [777728] =>.Microsoft Corporation O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [853504] =>.Microsoft Corporation O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\Audiosrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [99328] =>.Microsoft Corporation O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [344064] =>.Microsoft Corporation O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [97792] =>.Microsoft Corporation O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [64512] =>.Microsoft Corporation O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [359424] =>.Microsoft Corporation O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [316928] =>.Microsoft Corporation O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [680960] =>.Microsoft Corporation O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [2428952] =>.Microsoft Windows Component Publisher® O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [849920] =>.Microsoft Corporation O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [370688] =>.Microsoft Corporation O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [569344] =>.Microsoft Corporation O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [30720] =>.Microsoft Corporation O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [70656] =>.Microsoft Corporation O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [156672] =>.Microsoft Corporation O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [67584] =>.Microsoft Corporation O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688] =>.Microsoft Corporation O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [121856] =>.Microsoft Corporation O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [136192] =>.Microsoft Corporation O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [111104] =>.Microsoft Corporation O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1110016] =>.Microsoft Corporation O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [90624] =>.Microsoft Corporation O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84480] =>.Microsoft Corporation O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920] =>.Microsoft Corporation O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [44544] =>.Microsoft Corporation O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [100864] =>.Microsoft Corporation O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [193536] =>.Microsoft Corporation ---\\ Firewall Active Exception List (30) - 23s O87 - FAEL: "{82485849-57C2-4684-8578-EBD6AB3C94AD}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.) O87 - FAEL: "{786C5D5E-7A90-4913-B4AF-54545BB3EBF1}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\Spark.exe (.not file.) O87 - FAEL: "{587C939D-CF4A-4257-9A5A-8C49781BDDA3}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.) O87 - FAEL: "{BE01F55C-2206-452A-AA15-8DD1EFA906EF}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\baidu\Spark\bdtray.exe (.not file.) O87 - FAEL: "{60AFFE9E-29AD-48F4-8CD6-0B7A33631F69}" [In-None-P6-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.) O87 - FAEL: "{146802C4-F29F-4CD8-BFAC-2C9158B93F59}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\REALTEK\RTL8187 Wireless LAN Utility\RtWLan.exe (.not file.) O87 - FAEL: "{10100E84-10C2-491F-9E85-DBD2F362A089}" [In-None-P17-TRUE] .(...) -- C:\Program Files (x86)\MediatekWiFi\Common\RaUI.exe (.not file.) O87 - FAEL: "TCP Query User{13D808EB-D301-4F0E-A2C3-3F7F607C0A9D}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P6-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.) O87 - FAEL: "UDP Query User{09049424-252A-4F13-9DC8-09F533CEA362}C:\program files (x86)\city car driving\bin\win32\starter.exe" [In-None-P17-TRUE] .(...) -- C:\program files (x86)\city car driving\bin\win32\starter.exe (.not file.) O87 - FAEL: "TCP Query User{14513514-DB67-47F1-A9FB-14CB2EB06E9B}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P6-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41} O87 - FAEL: "UDP Query User{67DF69CF-E8F0-41A9-9C1A-22A956FD04CF}C:\program files (x86)\leapftp 3.0\leapftp.exe" [In-None-P17-TRUE] .(.LeapWare - Secure File Transfer Client.) -- C:\program files (x86)\leapftp 3.0\leapftp.exe {7A8AE6A6E5FD53D9195B8B38590E5F41} O87 - FAEL: "{BEA8AECD-7FD4-4CC0-9AFE-E67E572E7A60}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.) O87 - FAEL: "{82F4EB97-71AD-446A-B4F4-48EC282BE9D0}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.555\ipts.exe (.not file.) O87 - FAEL: "{3F60AAE4-E5C2-49A4-91B4-CD614BB76ACC}" [In-None-P17-TRUE] .(.YANDEX LLC - Yandex.) -- C:\Users\Default\AppData\Local\Yandex\YandexBrowser\Application\browser.exe {3667E158B524C8FFBFE538172786F1E2} O87 - FAEL: "TCP Query User{163CA4E7-CCB1-4B14-A54C-AA193CCE1231}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P6-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.) O87 - FAEL: "UDP Query User{498FDB65-2602-4E82-8B2A-AE665FA6EFF6}D:\test drive unlimited gold\testdriveunlimited.exe" [In-None-P17-TRUE] .(...) -- D:\test drive unlimited gold\testdriveunlimited.exe (.not file.) O87 - FAEL: "{A3762890-D383-4737-B4FC-F6E6587A7F55}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.) O87 - FAEL: "{B042F640-8665-4EE4-BDB7-E78CCD060F2D}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\AppData\Local\Temp\Rar$EXb0.867\jingling.exe (.not file.) O87 - FAEL: "{D4283125-70D8-4197-947A-99E909FD4ACB}" [In-None-P6-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.) O87 - FAEL: "{60259E04-DC48-48E3-B747-9DFFCCB3FD83}" [In-None-P17-TRUE] .(...) -- C:\Users\mourad\Desktop\jingling.exe (.not file.) O87 - FAEL: "{88599324-46FE-48F8-8C5B-AAA4193F56B7}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.) O87 - FAEL: "{B7826208-663A-4E05-A74C-A6F029A42EFE}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\AHotSpot.exe (.not file.) O87 - FAEL: "{76BFB912-7A72-4CF7-A1E4-8A194012BA21}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.) O87 - FAEL: "{6E0A4835-2AD6-43C0-BE2A-253ADB6AACEB}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\HotSpot\DHCP\OpenDHCPServer.exe (.not file.) O87 - FAEL: "{8D3EBF78-2EAA-4B17-BF75-93771E34DFAE}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.) O87 - FAEL: "{C5EE1E88-CC7D-4507-A521-4EB00BA515A3}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\HotSpotClick.exe (.not file.) O87 - FAEL: "{FEE79D8D-D17A-4430-B49D-330FB98FBF1D}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.) O87 - FAEL: "{61AE076D-CB22-4234-82FD-9DA52FABF77A}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\CLICK\CustomerPortal.exe (.not file.) O87 - FAEL: "{7FC9C91A-FF15-484A-9770-BBBBD9EF0068}" [In-None-P6-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.) O87 - FAEL: "{6C2FB606-5B4E-4101-AC2E-8360E687634D}" [In-None-P17-TRUE] .(...) -- C:\Antamedia\DBServer\ADBServer.exe (.not file.) ---\\ Additional Scan (O88) (8) - 0s HKLM\SOFTWARE\Wow6432Node\Solvusoft =>.Superfluous.Solvusoft HKLM\SOFTWARE\Wow6432Node\Trymedia Systems =>PUP.Optional.Trymedia HKCU\SOFTWARE\undefined =>.Superfluous.Downloader C:\Program Files\ByteFence =>.Superfluous.ByteFence C:\ProgramData\Babylon =>PUP.Optional.Babylon C:\ProgramData\Trymedia =>PUP.Optional.Trymedia C:\Users\mourad\AppData\Local\Babylon =>PUP.Optional.Babylon C:\Users\mourad\AppData\Local\CrashRpt =>.Superfluous.CrashReports ---\\ Summary of the elements found (7) - 0s https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Solvusoft https://www.nicolascoolman.com/fr/adware-trymedia/ =>PUP.Optional.Trymedia https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.Downloader https://www.anti-malware.top/2016/04/29/superfluous-bytefence/ =>.Superfluous.ByteFence https://www.nicolascoolman.com/fr/pup-babylon/ =>PUP.Optional.Babylon https://www.nicolascoolman.com/fr/logiciels-superflus =>.Superfluous.CrashReports https://www.nicolascoolman.com/fr/adware-bandoo/ =>PUP.Optional.Bandoo ~ End of the scan, 32416 items in 00h29mn21s (1367)