cjoint

Document format: text/plain

~ Report of ZHPDiag v2014.1.1.2 - Nicolas Coolman (01/01/2014)
~ Launched by رياض (01/01/2014 01:49:10 م)
~ Web site address : http://nicolascoolman.webs.com
~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/
~ Translated by
~ Version State :
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Activate by user


---\\ Internet browsers
MSIE: Internet Explorer v10.0.9200.16721
GCIE: Google Chrome v30.0.1599.101 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : Absent (Not found)
Windows ID Activation : Inconnue (Unknown)
Windows Licence : Inconnue (Unknown)
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Kaspersky Internet Security v14.0.0.4651
Malwarebytes Anti-Malware النسخة 1.75.0.1300
Windows Defender W7

---\\ System optimization software
CCleaner v4.06 =>Piriform Ltd

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 11 Plugin
Java 7 Update 17

---\\ Information on the system
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1014.3 MB (22% free)
System Restore: Activé (Enable)
System drive C: has 54 GB (68%) free of 78 GB

---\\ Connection to the system mode
~ Computer Name: رياض-PC
~ User Name: رياض
~ All Users Names: رياض, HomeGroupUser$, Guest, Administrator,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\رياض\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\رياض\AppData\Roaming\
~ %Desktop% : C:\Users\رياض\Desktop\
~ %Favorites% : C:\Users\رياض\Favorites\
~ %LocalAppData% : C:\Users\رياض\AppData\Local\
~ %StartMenu% : C:\Users\رياض\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 54 Go of 78 Go)
D: Hard drive, Flash drive, Thumb drive (Free 52 Go of 78 Go)
E: Hard drive, Flash drive, Thumb drive (Free 74 Go of 78 Go)
F: Hard drive, Flash drive, Thumb drive (Free 231 Go of 231 Go)
G: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
~ Security Center: 48 Legitimates Filtered in :0mn صs



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - مستكشف Windows.) (.02/25/2011 - 06:30:54 ص.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) (.07/14/2009 - 02:14:45 ص.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4FEB264B47360B7296AEA4E052F88D8] - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) (.10/17/2013 - 03:06:41 م.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) (.11/20/2010 - 01:17:54 م.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - مكتبة تراخيص البرامج.) (.11/20/2010 - 01:21:24 م.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/25/2011 - 03:18:03 ص.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.07/14/2009 - 02:26:15 ص.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.07/14/2009 - 12:11:15 ص.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 09:38:10 ص.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 09:42:32 ص.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 10:59:29 ص.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) (.07/14/2009 - 12:11:24 ص.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.07/14/2009 - 12:54:29 ص.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/27/2011 - 03:17:22 ص.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 09:39:44 ص.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) (.04/12/2013 - 02:45:29 م.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) (.07/14/2009 - 12:45:35 ص.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.07/14/2009 - 12:54:34 ص.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.11/20/2010 - 11:24:46 ص.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.07/14/2009 - 12:53:41 ص.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 09:39:17 ص.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوحدة التخزين.) (.11/20/2010 - 01:30:16 م.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in :0mn صs



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/186
~ Mes musiques (My Musics) : 1/2
~ Mes Favoris (My Favorites) : 1/23
~ Mes Documents (My Documents) : 2/36
~ Mon Bureau (My Desktop) : 1/23
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in :0mn صs



---\\ Process running
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.1812]
[MD5.4D05656FE1165804D4B095A3EEF60416] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe [1926944] [PID.396]
[MD5.98F101E69EA59EFAE909EEDD16E434B5] - (.Gsi Technologies - No Comment.) -- C:\Program Files\Golden Filter Premium\GFPro.exe [1650688] [PID.2444]
[MD5.3C3B12E14B24EFB6A52B5582240B8946] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3405208] [PID.2476]
[MD5.A1F86A5A0DA1BEC12B7DD19C6234BB15] - (...) -- C:\Users\رياض\Local Settings\Apps\F.lux\flux.exe [966656] [PID.2520]
[MD5.001C8273B6A21A4B8DA10CDCE833EC4A] - (.Gsi Technologies - No Comment.) -- C:\Windows\system32\mssvr32.exe [77824] [PID.3436]
[MD5.4CCF76ED78F461670FA2854F8E97820E] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe [992960] [PID.3548]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - مثبِّت Google.) -- C:\Users\رياض\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.2552]
[MD5.3E399A1328181C2A352472369DE2A93A] - (.Google Inc. - Google Chrome.) -- C:\Users\رياض\AppData\Local\Google\Chrome\Application\chrome.exe [844752] [PID.3684]
[MD5.4C820B50704EB1B259E63672EC55B122] - (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\klwtblfs.exe [138944] [PID.3124]
[MD5.0FBD76E8BA11D87010309DB7AC199FF0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8310272] [PID.5216]
~ Processes Running: Scanned in :2mn صs



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\رياض\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://maroc.msn.com
G0 - GCSP: Preference [User Data\Default] http://maroc.msn.com
G2 - GCE: Preference [User Data\Default] [dchlnpcodkpfdpacogkljefecpegganj] \u0645\u0633\u062A\u0634\u0627\u0631 Kaspersky \u0644\u0639\u0646\u0627\u0648\u064A\u0646 \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064A\u0628 v.14.0.0.4651 (Activé)
G2 - GCE: Preference [User Data\Default] [hakdifolhalapjijoafobooafbilfakh] Sicheres Banking v.14.0.0.4651 (Désactivé)
G2 - GCE: Preference [User Data\Default] [hehijbfgiekmjfkfjpbkbammjbdenadd] IE Tab v.5.12.17.1, (Activé)
G2 - GCE: Preference [User Data\Default] [hghkgaeecgjhjkannahfamoehjmkjail] Content Blocker v.14.0.0.4651 (Désactivé)
G2 - GCE: Preference [User Data\Default] [jagncdcchgajhfhijbbhecadmaiegcmh] \u0644\u0648\u062D\u0629 \u0627\u0644\u0645\u0641\u0627\u062A\u064A\u062D \u0627\u0644\u0638\u0627\u0647\u0631\u064A\u0629 v.14.0.0.4651 (Désactivé)
G2 - GCE: Preference [User Data\Default] [pjldcfjmnllhmgjclecdnfampinooman] \u0645\u0643\u0627\u0641\u062D\u0629 \u0627\u0644\u0634\u0639\u0627\u0631\u0627\u062A v.14.0.0.4651 (Activé)
~ Google Browser: 20 Legitimates Filtered in :4mn صs



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 14 Legitimates Filtered in :0mn صs



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in :0mn صs



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in :0mn صs



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in :0mn صs
~ Nombre de lignes (Lines number): 1



---\\ Browser Helper Objects (O2)
O2 - BHO: uTorrentControl_v6 - {96f454ea-9d38-474f-b504-56193e00c1a5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentControl_v6\prxtbuTor.dll =>Toolbar.Conduit
~ BHO: 16 Legitimates Filtered in :0mn صs



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: uTorrentControl_v6 Toolbar - [HKLM]{96f454ea-9d38-474f-b504-56193e00c1a5} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\uTorrentControl_v6\prxtbuTor.dll =>Toolbar.Conduit
~ Toolbar: Scanned in :0mn صs



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Kaspersky Internet Security.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
O4 - GS\QuickLaunch [رياض]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\رياض\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [رياض]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [رياض]: QQPlayer.lnk . (.Tencent - كيوكيو بلاير.) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>Adware.TencentAddressBar
O4 - GS\TaskBar [رياض]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\رياض\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [رياض]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [رياض]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [رياض]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [رياض]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [رياض]: QQPlayer.lnk . (.Tencent - كيوكيو بلاير.) -- C:\Program Files\Tencent\QQPlayer\QQPlayer.exe =>Adware.TencentAddressBar
O4 - GS\Desktop [رياض]: Your Unin-staller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) -- C:\Program Files\Your Uninstaller! 7\urmain.exe
O4 - GS\Desktop [رياض]: الخدمات النقدية الآمنة.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
~ Global Startup: 54 Legitimates Filtered in :0mn صs



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [GoldenFilterPro] . (.Gsi Technologies - No Comment.) -- C:\Program Files\Golden Filter Premium\GFPro.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [F.lux] . (...) -- C:\Users\رياض\Local Settings\Apps\F.lux\flux.exe
O4 - HKUS\S-1-5-21-3488952640-1886036067-2608822963-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-3488952640-1886036067-2608822963-1000\..\Run: [F.lux] . (...) -- C:\Users\رياض\Local Settings\Apps\F.lux\flux.exe
~ Application: Scanned in :0mn صs



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: لوحة المفاتيح الظاهرية - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kbrd.ico
O9 - Extra button: بحث - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\OFFICE11\REFBARH.ICO
O9 - Extra button: التحقق من عناوين مواقع الويب - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\logo.ico
~ IE Extra Buttons: Scanned in :0mn صs



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_5_1_1.cab
~ Objets ActiveX: Scanned in :0mn صs



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: NameServer = 208.67.222.222,41.221.20.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: NameServer = 208.67.222.222,41.221.20.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: NameServer = 208.67.222.222,41.221.20.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{44FDC2AD-20F2-4EC2-874F-154E3B793A34}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in :0mn صs



---\\ Extra protocols (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in :0mn صs



---\\ Task Planned Automatically (039)
[MD5.00000000000000000000000000000000] [APT] [{03473F93-B3D8-41DB-807C-961C16A96BF9}] (...) -- C:\Users\رياض\Desktop\URescue_v1.3.0.71.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{18F1193B-94CB-4FB2-8A39-BB555BE15637}] (...) -- C:\Windows\Uninstal.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2B935064-2C4B-4E94-80BF-6CF1A8A59467}] (...) -- C:\Program Files\ITE\IT1167B\DtMPTool_V1.67B.11.0\DtMPTool.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{322CDE2D-2D0F-4690-88EC-7E8229618D7F}] (...) -- C:\Program Files\Adobe\Acrobat 4.0 ME\Reader\AcroRd32.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3FBAC6B6-F1D9-4501-A0C4-150E82439737}] (...) -- C:\Windows\Uninstal.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{48B4B9CC-3CFD-4CEF-AB3B-2A156A0B77A1}] (...) -- C:\Windows\Uninstal.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4F9BB62C-7C66-4FCB-96BB-F6805B21C68A}] (...) -- G:\PL2303\vista\PL-2303 Vista Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{56F02A15-328D-4EFF-BD66-44E861C19F7E}] (...) -- C:\Program Files\Your Uninstaller 2010\urmain.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5E5884D6-511D-476D-8FEE-4679E36B0AC4}] (...) -- C:\Program Files\GameTop.com\Police Supercars Racing\PSR.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{70A75179-EB46-4F0D-819C-1C5675BA0FCE}] (...) -- G:\PL2303\vista\PL-2303 Vista Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{78A82B56-A6F7-43AF-95BD-0A3A5936D939}] (...) -- C:\Users\رياض\Downloads\Programs\NetFx20SP2_x86.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7DE0E98D-6DCC-43CD-A5E7-30B48962E5CD}] (...) -- C:\DriveKey\HPUSBFW.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{87896E32-7C92-4925-8FF9-08B7CAA383E6}] (...) -- G:\PL2303\winxp\PL-2303 Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{932CA38C-4745-468D-8D9A-798CAAA92E7B}] (...) -- C:\Users\رياض\Desktop\Translator4.2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{941D2BF0-F5F5-4B7F-B318-8CD8E53796F5}] (...) -- C:\Users\رياض\Downloads\FeedingFrenzySetup-en_achrafddine.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9A0F40E0-12B6-472C-A1B0-D6014F1DE58E}] (...) -- C:\Users\رياض\Desktop\Advanced RAR Password Recovery 1.53\ara.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A4A2A960-6BA9-4C49-A9F7-3C6BD32C586B}] (...) -- C:\Users\رياض\Downloads\Programs\Windows_Fix_It.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AD2250DA-7DD2-407F-A264-4D21856C57BA}] (...) -- C:\DriveKey\HPUSBFW.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AF16D54E-4F96-4C7F-BA20-6BFE7AFD3FB0}] (...) -- C:\Users\رياض\Desktop\Wonders\Wonders.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CC96062A-BA16-46B6-9444-CC764E8AEC3E}] (...) -- C:\Users\رياض\Downloads\Programs\CGWebInstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF5B3E65-61BE-4798-9B18-DD90DA1970EB}] (...) -- G:\PL2303\vista\PL-2303 Vista Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D5DBDEB0-62D0-4F6A-9F7C-3D322CBA4D41}] (...) -- G:\PL2303\winxp\PL-2303 Driver Installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EB525EF4-EB7F-4AE1-80B1-17D7A17F20E1}] (...) -- C:\Users\رياض\Desktop\Translator4.2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{FCA782C9-EFC9-49C3-832C-5E30CC6D57CB}] (...) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (.not file.) [0]
~ Scheduled Task: 43 Legitimates Filtered in :1mn صs



---\\ Drivers launched at startup (O41)
O41 - Driver: (BIOS) . (.BIOSTAR Group - I/O Interface driver file.) - C:\Windows\system32\drivers\BIOS.sys
O41 - Driver: (BS_I2cIo) . (.BIOSTAR Group - I/O Interface driver file.) - C:\Windows\system32\drivers\BS_I2cIo.sys
~ Drivers: 76 Legitimates Filtered in :1mn صs



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Dz4-EvEr]
[HKCU\Software\MP_ALL]
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\SpeedBit]
[HKCU\Software\Tencent] =>Adware.TencentAddressBar
[HKCU\Software\Volaro] =>Trojan.Vonteera
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\eviacam]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\Tencent] =>Adware.TencentAddressBar
[HKLM\Software\Vontera]
[HKLM\Software\csc22]
~ Key Software: 149 Legitimates Filtered in :0mn صs



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10/25/2013 - 08:23:16 م - [0] ----D C:\Program Files\Conduit
O43 - CFD: 11/02/2013 - 11:38:53 ص - [0] ----D C:\Program Files\DiVapton =>PUP.DiVapton
O43 - CFD: 10/11/2013 - 08:15:38 ص - [2.675] RSHAD C:\Program Files\Golden Filter Premium
O43 - CFD: 03/22/2013 - 12:41:26 م - [4.634] ----D C:\Program Files\GUMCAAF.tmp
O43 - CFD: 11/04/2013 - 09:49:16 م - [48.475] ----D C:\Program Files\GUMF6DB.tmp
O43 - CFD: 07/22/2011 - 10:43:42 ص - [0.595] ----D C:\Program Files\MOSCHIP
O43 - CFD: 10/23/2011 - 10:40:50 م - [86.887] ----D C:\Program Files\Tencent =>Adware.TencentAddressBar
O43 - CFD: 11/02/2013 - 11:23:00 ص - [0.195] ----D C:\Program Files\Volaro =>Trojan.Vonteera
O43 - CFD: 03/23/2013 - 07:02:43 م - [0] ----D C:\Program Files\Common Files\SpeedBit
O43 - CFD: 11/09/2013 - 01:15:08 م - [0] ----D C:\ProgramData\Conduit
O43 - CFD: 07/22/2011 - 08:04:48 ص - [3.222] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 09/01/2012 - 05:58:45 م - [0.002] ----D C:\ProgramData\SystemSpeedBooster
O43 - CFD: 10/09/2011 - 04:07:34 م - [0.000] ----D C:\ProgramData\Tencent =>Adware.TencentAddressBar
O43 - CFD: 01/27/2013 - 10:03:44 م - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 07/11/2011 - 09:22:47 ص - [0] -SH-D C:\ProgramData\سطح المكتب
O43 - CFD: 07/11/2011 - 09:22:47 ص - [0] -SH-D C:\ProgramData\قائمة ابدأ
O43 - CFD: 09/01/2012 - 05:58:40 م - [0.000] ----D C:\Users\رياض\AppData\Roaming\SystemSpeedBooster
O43 - CFD: 10/09/2011 - 04:07:34 م - [1.190] ----D C:\Users\رياض\AppData\Roaming\Tencent =>Adware.TencentAddressBar
O43 - CFD: 10/25/2013 - 08:23:05 م - [0.835] ----D C:\Users\رياض\AppData\Local\Conduit
~ Program Folder: 160 Legitimates Filtered in :1mn صs



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.514876CC42C3E12486744EDBE450C58E] - 01/01/2014 - 12:47:49 م --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [13760]
O44 - LFC:[MD5.514876CC42C3E12486744EDBE450C58E] - 01/01/2014 - 12:47:49 م --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [13760]
~ Files: 31 Legitimates Filtered in :3mn صs



---\\ Export authorized application key (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Ace Translator\AceTrans.exe" [Enabled] .(...) -- C:\Program Files\Ace Translator\AceTrans.exe (.not file.)
O47 - AAKE:Key Export DP - "C:\Program Files\Ace Translator\AceTrans.exe" [Enabled] .(...) -- C:\Program Files\Ace Translator\AceTrans.exe (.not file.)
~ Keys Export: 2 Legitimates Filtered in :0mn صs



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in :0mn صs



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoInstrumentation"=1
~ MWPE Keys: 8 Legitimates Filtered in :0mn صs



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.BE5D50529799B9BAB6BE879EC768B6CF] - 03/16/2005 - 07:23:54 ص R--A- . (.BIOSTAR Group - I/O Interface driver file.) -- C:\Windows\System32\Drivers\BIOS.sys [13696]
O58 - SDL:[MD5.ABEFFD18E7DB6B988B25A42BCD7D400F] - 05/17/2010 - 04:11:22 م ---A- . (.BIOSTAR Group - I/O Interface driver file.) -- C:\Windows\System32\Drivers\BS_I2cIo.sys [6272]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 07/14/2009 - 02:20:28 ص ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 07/13/2009 - 11:54:14 م ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.D0FAD0D98D723A3D32F9EF5A2CDE201D] - 08/02/2012 - 01:23:14 ص ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [97632]
O58 - SDL:[MD5.F90615D42C821ADAD57FADE935727D0F] - 12/19/2008 - 03:22:24 ص ---A- . (.Windows (R) Codename Longhorn DDK provider - Serial Device Driver.) -- C:\Windows\System32\Drivers\PciIsaSerial.sys [65536]
O58 - SDL:[MD5.86F4ACF0EAB9B275D1D71E3A6540D2F5] - 07/23/2009 - 08:07:28 ص ---A- . (.No owner - Parallel driver for PCI Parallel Port..) -- C:\Windows\System32\Drivers\PciPPorts.sys [82944]
O58 - SDL:[MD5.F1CD23597C138F9D5D87CEBD7CF59771] - 12/19/2008 - 03:25:22 ص ---A- . (.No owner - Serial driver for PCI Serial Port..) -- C:\Windows\System32\Drivers\PciSPorts.sys [115200]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 07/14/2009 - 02:19:04 ص ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.1E89DE7A4FB7A854EBB241D0AA8996DD] - 02/25/2010 - 06:51:02 م ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [25216]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 07/13/2009 - 10:40:41 م ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 07/13/2009 - 10:40:44 م ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 07/13/2009 - 10:40:40 م ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 07/13/2009 - 10:40:43 م ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 07/13/2009 - 10:40:43 م ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 07/13/2009 - 10:40:23 م ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 07/13/2009 - 10:40:31 م ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 07/13/2009 - 10:40:35 م ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 07/13/2009 - 10:40:39 م ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 07/13/2009 - 10:40:27 م ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 07/13/2009 - 10:40:11 م ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 07/13/2009 - 10:40:15 م ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 07/13/2009 - 10:40:17 م ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 07/13/2009 - 10:40:19 م ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 07/13/2009 - 10:40:13 م ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 17 Legitimates Filtered in :0mn صs



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in :0mn صs



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 03/16/2005 - C:\Windows\system32\drivers\BIOS.sys (BIOS) .(.BIOSTAR Group - I/O Interface driver file.) - LEGACY_BIOS
O64 - Services: CurCS - 05/17/2010 - C:\Windows\system32\drivers\BS_I2cIo.sys (BS_I2cIo) .(.BIOSTAR Group - I/O Interface driver file.) - LEGACY_BS_I2CIO
O64 - Services: CurCS - 08/02/2012 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 07/13/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Legacy: 143 Legitimates Filtered in :0mn صs



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\رياض\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in :0mn صs



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Scanned in :0mn صs



---\\ Crack & Keygen Files (CKF) (O82)
C:\Users\رياض\Downloads\Compressed\Your Uninstaller! Pro 7.3.2011.04 With - Keygen_hex-v.blogspot.com.zip
C:\Users\رياض\Downloads\Compressed\Your Uninstaller! Pro 7.3.2011.04 With - Keygen_hex-v.blogspot.com.zip
~ Files: Scanned in :1mn صs



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.A71C3EEAEBD463175A406421E95AC843] [SPRF][01/01/2014] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.089E62D79116B1DE9F36E9578C33BB92] [SPRF][01/01/2014] (...) -- C:\Users\رياض\AppData\Local\Temp\NitroSysFonts01.dat [499999]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][01/01/2014] (...) -- C:\Users\رياض\AppData\Local\Temp\{92F9619E-A24F-41C3-840F-D24A4E35D6EC}-31.0.1650.63_chrome_installer.exe [0]
[MD5.FC5CF21493BE7A896AA2DBF5F78164C7] [SPRF][11/26/2009] (.TheWindowsClub.com - FixWin Utility.) -- C:\Users\رياض\Desktop\FixWin.exe [541696]
~ Files: 5 Legitimates Filtered in :0mn صs



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "00002109020010400000000000F01FEC" . (.حزمة التوافق لنظام Office 2007.) -- C:\Windows\Installer\{90120000-0020-0401-0000-0000000FF1CE}\O12ConvIcon.exe
~ Update Products: 11 Legitimates Filtered in :0mn صs



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/01/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 07/14/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/14/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 10/20/2013 214512 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 03/05/2013 196616 | (NitroDriverReadSpool8) . (.Nitro PDF Software.) - C:\Program Files\Nitro\Pro 8\NitroPDFDriverService8.exe
SR - | Auto 01/31/2013 1724192 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
SR - | Auto 07/14/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/14/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 07/14/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in :1mn صs



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

~ MBR: 1 Legitimates Filtered in :5mn صs



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by رياض at 01/01/2014 01:54:14 م

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in :0mn صs



---\\ Scan Additionnel (O88)
Database Version : 13018 - (01/01/2014)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 11
Fichiers trouvés (Files found) : 6

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96F454EA-9D38-474F-B504-56193E00C1A5}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}] =>Toolbar.TuneUp
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\Babylon_RASAPI32] =>PUP.Babylon
[HKLM\Software\Microsoft\Tracing\Babylon_RASMANCS] =>PUP.Babylon
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\Old_Current] =>PUP.MediaFinder
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLM\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLM\Software\Classes\Toolbar.CT3289075] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar3.SBCONVERT] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{96f454ea-9d38-474f-b504-56193e00c1a5} =>Toolbar.Conduit^
C:\Program Files\DiVapton =>PUP.DiVapton^
C:\Program Files\Tencent =>Adware.TencentAddressBar^
C:\Program Files\Volaro =>Trojan.Vonteera^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\Tencent =>Adware.TencentAddressBar^
C:\Users\رياض\AppData\Roaming\Tencent =>Adware.TencentAddressBar^
C:\Program Files\Conduit =>Toolbar.Conduit
C:\ProgramData\Conduit =>Toolbar.Conduit
C:\Users\رياض\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\رياض\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\رياض\AppData\LocalLow\Conduit =>Toolbar.Conduit
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Tencent] =>Adware.TencentAddressBar^
[HKCU\Software\Volaro] =>Trojan.Vonteera^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Tencent] =>Adware.TencentAddressBar^
~ Additionnel Scan: 162992 Items scanned in :2mn صs



---\\ Summary of the detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27668065-adware-tencentaddressbar =>Adware.TencentAddressBar
~ http://nicolascoolman.webs.com/apps/blog/show/30068076-pup-paretologic =>PUP.Paretologic
~ http://nicolascoolman.webs.com/apps/blog/show/31951367-trojan-vonteera =>Trojan.Vonteera
~ http://nicolascoolman.webs.com/apps/blog/show/34598282-pup-divapton =>PUP.DiVapton
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ MSI: 9 link(s) detected in :2mn صs



~ 1013 Legitimates filtered by white list
End of the scan (534 lines in :3mn صs)(2)
