cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Report of ZHPDiag v2014.4.11.18 - Nicolas Coolman (11/04/2014)
~ Launched by USER (11/04/2014 20:45:31)
~ Web site address : http://nicolascoolman.webs.com
~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/
~ Translated by
~ Version State :
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Deactivate by program


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116
OPIE: Opera v12.16

---\\ Windows product information
~ Langage: Anglais
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Avira Free Antivirus v14.0.3.350
Malwarebytes Anti-Malware version 2.00.0.0503
Windows Defender W7

---\\ System optimization software
CCleaner =>.Piriform Ltd

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4456 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 254 GB (54%) free of 466 GB

---\\ Connection to the system mode
~ Computer Name: USER-PC
~ User Name: USER
~ All Users Names: USER, UpdatusUser, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\USER\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\USER\AppData\Roaming\
~ %Desktop% : C:\Users\USER\Desktop\
~ %Favorites% : C:\Users\USER\Favorites\
~ %LocalAppData% : C:\Users\USER\AppData\Local\
~ %StartMenu% : C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 254 Go of 466 Go)
D: Hard drive, Flash drive, Thumb drive (Free 422 Go of 466 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Free 0 Go of 1 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.26/04/2011 - 20:40:37.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.24/01/2014 - 03:37:55.) -- C:\Windows\system32\Drivers\ntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/589
~ Mes musiques (My Musics) : 1/29
~ Mes Videos (My Videos) : 1/7
~ Mes Favoris (My Favorites) : 1/78
~ Mes Documents (My Documents) : 2/346
~ Mon Bureau (My Desktop) : 0/2429
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 04s



---\\ Process running
[MD5.EC2F0CAF5DF1CDC52AF80E91DF908BE1] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [7365944] [PID.4008]
[MD5.F645990AEEBD0A3C596F0D5FE460A810] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Internet Download Manager\IDMan.exe [3821136] [PID.5100]
[MD5.1E377D64DACD4E4656C86241CE5A1233] - (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576] [PID.2416]
[MD5.535B596FA46EA94D2E4B8FD887CEA58B] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1106512] [PID.4244]
[MD5.4D241A6A8F6BA9FA32FF836551FFDCEA] - (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608] [PID.1200]
[MD5.766AE515B1749F2141E418CC6C08515B] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440] [PID.1628]
[MD5.241B07FF7F5943B9C1BF3235F49AC1E1] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744] [PID.3440]
[MD5.37B3EA106E913665F1F98D628E9088CE] - (.No owner - trioService Module.) -- C:\Program Files (x86)\3D-Relax\Living Marine Aquarium 2.0 trial\trioService.exe [69632] [PID.1788]
[MD5.7F2691FD961C9A704DA221745CCE6295] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\realplayer\Update\realsched.exe [295512] [PID.1216]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.3612]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.1756]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Internet Download Manager\IEMonitor.exe [269848] [PID.1732]
[MD5.1FC71A719B45A6A90BAFE2387EA07984] - (.No owner - HSDPALauncher MFC Application.) -- C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe [233472] [PID.3564]
[MD5.9112B74937BFF9A785B35EC15A9763E1] - (.Dritek System Inc. - Launch Manager Worker.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe [343632] [PID.5536]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.5960]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.2316]
[MD5.E98D0D64BD25EDCFD3AE0B90514099BA] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [233048] [PID.9924]
[MD5.70F963D1EC8FD27D8F21363C90A8EE38] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8210432] [PID.5484]
[MD5.4D282B9C5BB05DF92C9F3977DFB9F916] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400] [PID.1564]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1720]
[MD5.65AF41A7A2C5B6693E1B4164E7632C3E] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400] [PID.1744]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1768]
[MD5.8059EDFA9616E569E861E0F68DDF0C72] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840] [PID.1936]
[MD5.81669E35B7F87E03426A228290EB5776] - (.Dritek System Inc. - Dritek WMI Service.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe [355920] [PID.2024]
[MD5.A0BC34A5EF2328F147CE658CDF97C0C8] - (.Dritek System Inc. - Launch Manager utility process.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe [419408] [PID.1340]
[MD5.DBD76BC1D498FE368F2C8CB76C3E00A4] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560] [PID.2088]
[MD5.5234B7E926A04A870273A69FEC9EC7C0] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720] [PID.2120]
[MD5.F072E6D200F779218613D4F2B0E28F4C] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [856376] [PID.2228]
[MD5.1026870AC4844EBDE6A4DC849837F9A3] - (...) -- C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70952] [PID.2252]
[MD5.89525CC2DBAD44F7199B9CC188B3F9C5] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2384]
[MD5.79BC44FF509C79D4E34DED3CD6EFD92B] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe [72864] [PID.2548]
[MD5.7D4B9A48430ED57ACA6373B71D5904CA] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13592] [PID.6492]
[MD5.86E4CC39C953D11EF57CF54C4DC78238] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.6920]
[MD5.44407283382D82C64C9195DE686D4205] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1260320] [PID.4196]
[MD5.D80B1075B69B57A3AB78F750CE463ECE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.7860]
~ Processes Running: Scanned in 00mn 03s



---\\ Opera, Plugins,Start,Search (P1,B0,B1)
B0 - SPO: operaprefs.ini [USER] Home URL=http://www.searchnu.com/414?appid=148 =>Adware.Bandoo
B1 - OSP: search.ini [USER] URL=http://dts.search-results.com/sr?src=opb&gct=ds&appid=148&systemid=414&apn_uid=5402684455154156&apn_dtid=BND414&o=APN10649&apn_ptnrs=AGA&q=%s
B1 - OSP: search.ini [USER] URL=http://search.babylon.com =>PUP.Babylon
~ Opera Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ddjobbmbkpnhmiloopddfpnedcmhcdpg] Koyote New Tabs v.5.0.0.7308 (Désactivé)
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.4 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Googleآ Wallet v.0.0.6.1 (Activé)

---\\ Google Chrome Extension Folder

~ Google Lines Browser: 19 Legitimates Filtered in 00mn 03s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects (O2)
O2 - BHO: iToolsBHO [64Bits] - {E1499FE7-129D-4B6E-B681-DDF21E14172C} . (.iTools.hk - No Comment.) -- C:\ancien\med\Documents\iTools\Plugin\iToolsBHO.dll
~ BHO: 11 Legitimates Filtered in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Apps.lnk . (...) -- C:\Users\Public\Libraries\Apps.library-ms
O4 - GS\Desktop [Public]: Astroburn Lite.lnk . (.Disc Soft Ltd - Astroburn Lite.) -- C:\Program Files (x86)\Astroburn Lite\AstroburnLite.exe
O4 - GS\Desktop [Public]: CX4300_5500_DX4400 Manuel.lnk . (...) -- C:\Program Files (x86)\epson\TPMANUAL\CX4300_5500_DX4400\FRA\USE_G\INDEX.HTM
O4 - GS\Desktop [Public]: DivX Converter.lnk . (.DivX, Inc. - DivX Converter Application.) -- C:\Program Files (x86)\DivX\DivX Converter\Converter.exe
O4 - GS\Desktop [Public]: DivX Player.lnk . (.DivX, Inc - DivX Player.) -- C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe
O4 - GS\Desktop [Public]: EPSON File Manager.lnk . (.SEIKO EPSON CORPORATION - EPSON File Manager.) -- C:\Program Files (x86)\epson\Creativity Suite\File Manager\EFileManager.exe
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe
O4 - GS\Desktop [Public]: Free Video Flip and Rotate.lnk . (.DVDVideoSoft Ltd. - Free Video Flip Rotate.) -- C:\Program Files (x86)\DVDVideoSoft\Free Video Flip and Rotate\FreeVideoFlipAndRotate.exe
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Public]: iFunbox.lnk . (.i-Funbox.com - File & App Manager for iPhone/iPad.) -- C:\Program Files (x86)\i-Funbox DevTeam\iFunBox.exe
O4 - GS\Desktop [Public]: LayOut 2013.lnk . (.Trimble Navigation Limited - LayOut.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\LayOut\LayOut.exe
O4 - GS\Desktop [Public]: Moborobo.lnk . (...) -- C:\Program Files (x86)\Moborobo\Moborobo.exe
O4 - GS\Desktop [Public]: Moniteur de la technologie Intel® Turbo Boost 2.0.lnk . (...) -- C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe (.not file.)
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: Nedjma Easynet.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{06ADE2A0-E46A-4A84-A211-64CF50520185}\HSPA_USB_Modem.exe_FADBE0A880F048B39952B9B7FA338C97.exe
O4 - GS\Desktop [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - GS\Desktop [Public]: PC Tools File Recover.lnk . (.PC Tools - PC Tools File Recover.) -- C:\Program Files (x86)\PC Tools\PC Tools File Recover\FileRecover.exe
O4 - GS\Desktop [Public]: SketchUp 2013.lnk . (.Trimble Navigation Limited - SketchUp Application.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\SketchUp.exe
O4 - GS\Desktop [Public]: SketchUp 8.lnk . (.Trimble Navigation Limited - SketchUp Application.) -- C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe
O4 - GS\Desktop [Public]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
O4 - GS\Desktop [Public]: Style Builder 2013.lnk . (.Trimble Navigation Limited - Style Builder.) -- C:\Program Files (x86)\SketchUp\SketchUp 2013\Style Builder\Style Builder.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - GS\QuickLaunch [USER]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\QuickLaunch [USER]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [USER]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [USER]: MobileTrans.lnk . (.Wondershare - Wondershare MobileTrans.) -- C:\Program Files (x86)\Wondershare\MobileTrans\MobileTrans.exe
O4 - GS\QuickLaunch [USER]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\QuickLaunch [USER]: Xilisoft Multiple Desktops.lnk . (.Xilisoft Corporation - Multi-desktop.) -- C:\Program Files (x86)\Xilisoft\Multiple Desktops\desktop.exe
O4 - GS\TaskBar [USER]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [USER]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [USER]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [USER]: Opera12.15 1748.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - GS\Program [USER]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\Program [USER]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [USER]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [USER]: 3Planesoft Screensaver Manager.lnk . (...) -- C:\Program Files (x86)\3Planesoft Screensaver Manager\Configurator.exe
O4 - GS\Desktop [USER]: Data Recovery.lnk . (.Okoker - No Comment.) -- C:\Program Files (x86)\Okoker Data Recovery\Data Recovery.exe
O4 - GS\Desktop [USER]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\Desktop [USER]: iPhone PC Suite.lnk . (...) -- C:\Program Files (x86)\iPhone PC Suite\iPhone PC Suite.exe
O4 - GS\Desktop [USER]: PhotoScape.lnk . (...) -- C:\Program Files (x86)\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [USER]: Product Key Explorer.lnk . (.Nsasoft LLC. - Product Key Explorer.) -- C:\Program Files (x86)\Nsasoft\ProductKeyExplorer\ProductKeyExplorer.exe
~ Global Startup: 111 Legitimates Filtered in 00mn 07s



---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [Public]: Bluetooth.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe (.not file.)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelTBRunOnce] . (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [IntelWirelessWiMAX] . (.Intel® Corporation - Intel® PROSet/Wireless WiMAX Connection Uti.) -- C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
O4 - HKCU\..\Run: [3PlanesoftAnimatedWallpaper] Orphan key
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.exe =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [bf8feb67afc2238269222493247f1c23] C:\Users\USER\AppData\Local\Temp\Setup.exe (.not file.)
O4 - HKCU\..\Run: [EasyTether] . (.Mobile Stream - EasyTether Tray.) -- C:\Program Files\Mobile Stream\EasyTether\easytthr.exe
O4 - HKLM\..\Wow6432Node\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Wow6432Node\Run: [USB3MON] . (.Intel Corporation - Intel(R) USB 3.0 Monitor.) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Dolby Home Theater v4] . (.Dolby Laboratories Inc. - Dolby Profile Selector.) -- C:\Dolby PCEE4\pcee4.exe
O4 - HKLM\..\Wow6432Node\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [trioService] . (.No owner - trioService Module.) -- C:\Program Files (x86)\3D-Relax\Living Marine Aquarium 2.0 trial\trioService.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [DivX Free Codec] C:\Program Files (x86)\DivX Free Codec\Divx Free Update.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\realplayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [WSHelperSetup.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [NPSStartup] Orphan key
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [bf8feb67afc2238269222493247f1c23] C:\Users\USER\AppData\Local\Temp\Setup.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [HSPALauncher] . (.No owner - HSDPALauncher MFC Application.) -- C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [3PlanesoftAnimatedWallpaper] Orphan key
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [EPSON Stylus DX4400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [bf8feb67afc2238269222493247f1c23] C:\Users\USER\AppData\Local\Temp\Setup.exe (.not file.)
O4 - HKUS\S-1-5-21-2607647800-3784605657-1752569633-1000\..\Run: [EasyTether] . (.Mobile Stream - EasyTether Tray.) -- C:\Program Files\Mobile Stream\EasyTether\easytthr.exe
~ Application: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{056D20A0-C259-4A58-AF33-06AB2896549B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{2CA45A96-6304-477A-8B52-2C0B9422FD5E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{CC959F59-13AA-4546-8DC7-BC40ED92952B}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\..\{056D20A0-C259-4A58-AF33-06AB2896549B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2CA45A96-6304-477A-8B52-2C0B9422FD5E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{CC959F59-13AA-4546-8DC7-BC40ED92952B}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CS2\Services\Tcpip\..\{056D20A0-C259-4A58-AF33-06AB2896549B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2CA45A96-6304-477A-8B52-2C0B9422FD5E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{CC959F59-13AA-4546-8DC7-BC40ED92952B}: DhcpNameServer = 8.8.8.8 8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 311.) - C:\Windows\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Service de gestion de périphérique Red Bend Intel® PROSet/W (DMAgent) . (.Red Bend Ltd. - Red Bend Device Management Service for Inte.) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O23 - Service: Moborobo Device Service (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
~ Services: 27 Legitimates Filtered in 00mn 16s



---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMS.job [198]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AutoKMSDaily.job [204]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateFiles_USER.job [366]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateXML_USER.job [362]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_USER.job [372]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
[MD5.00000000000000000000000000000000] [APT] [AutoKMSDaily] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0] =>Trojan.Keygen
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{1B41E753-AC4D-4308-BD9E-D07702BE541C}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{20254EF3-7D25-4232-B3DA-B25D4BB7550F}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{26C631AB-30DB-4788-831B-DFDA3D5161CF}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{27F89EC3-CD6F-4ADB-91D7-6784E01747AB}] (...) -- C:\Extracted\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{29E6BDFD-D178-4C6C-9C7D-D20C5EC95E1D}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.F6A418B33B0EDD9F69BFF07E99D841C3] [APT] [{2DD6900F-4DCB-49F3-AD13-C994C4297929}] (.Wondershare Software Co.,Ltd..) -- C:\USERs\USER\Desktop\Downloads\Wondershare_Dr.Fone-iPhone_3GS.exe [43000190]
[MD5.00000000000000000000000000000000] [APT] [{2ECC1BEF-24FB-4CE8-80A1-F90B1806F9DD}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{374962B3-C482-49B2-94BF-8F3621EF303F}] (...) -- C:\USERs\USER\Desktop\favory.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{375462F1-5E8B-45CB-935F-4A1D082B7250}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{3BD420AF-65D8-4561-8F93-4E12A551355C}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{46481FBA-1EEF-4495-B58B-E0D380394BC6}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{473F7235-12A8-4FB9-8245-D8CB2EA9E695}] (...) -- C:\USERs\USER\Desktop\favory.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{488BB0C6-5C60-4EC2-A4A4-1FE8D3A29177}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{4B0E14C9-B46C-466E-AF77-5FD7D4128C66}] (...) -- C:\Extracted\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{6406C35F-FA40-408B-AC7E-3290F287EC53}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.0DC8D4536600575B38C39FB1C5AA6E39] [APT] [{6580A095-1478-416B-9636-55A863B9A6AD}] (...) -- C:\USERs\USER\Downloads\Compressed\w8x64\PP25 (iHm)\25PPInst.exe [108416]
[MD5.00000000000000000000000000000000] [APT] [{66199C90-F37A-4346-AB9D-FD5CF88EC33D}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{6BC79E50-2FE7-4B49-B5F3-D33A6BF869F5}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{77075D22-FD79-42E5-AC20-535A9A9B635D}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{82A6EF15-A335-4EA7-BDD9-48ED36042AB8}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{83361DA4-FFA5-4F5F-8316-136E56D6ADA5}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{86A9758D-1121-462E-BD3E-2E60724DE7CC}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{892A67D5-A831-4EE6-A5FF-2485E4389AD7}] (...) -- F:\QuranHafs2004\QuranHafs2003.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{8A471637-53AE-43CD-8888-CAC170432AA8}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{8A4E49A8-6A81-48AA-A789-D4D4B494720D}] (...) -- C:\Extracted\dynablaster\DYNA.exe [44032]
[MD5.7E22EFE51C910B39073AFFF097425935] [APT] [{9A3F637E-5D26-4CB1-B28E-0C65812A6DCE}] (...) -- C:\ancien\c\Downloads\Documents\e-shamela\_shamela.exe [23075]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{9CD00F2C-6638-42DE-BEC3-28CD28DFEC52}] (...) -- C:\Extracted\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{9CDDC03E-69D4-4B51-99DB-C0B7C4D91321}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{9EAD1E48-B0B4-4A41-9737-1929A3E1C135}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{A9F90057-20B0-49D2-BD46-A7427285E579}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{ABDE8BBA-74ED-42C0-A1DB-499B2376650C}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{C1DF258C-538B-4827-9E7F-8652CA8D4A34}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{C7A1A2D6-102A-4F66-A143-49E128C51157}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{D5884F31-AD74-444A-8858-4C3B82F42231}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{E0C11B74-EE77-4689-8C98-C97DB4A6EF73}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{E451828B-0762-4F47-B0F8-6EC521298010}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{E45DD76C-FD67-4C9A-AFA4-F4160B33D0B2}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{E568A423-E7F0-46D3-92A2-7E044124D92C}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EDBDA561-BD37-4DFA-B547-A25F1180907F}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{F19D199A-3D0D-4184-A986-192E0AB8AF30}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{F4DA522C-850C-4D02-94E3-575F06BADB67}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{F60F1D3F-35EA-40F0-9942-FB156AB19321}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.5BE4A6669D2B88E63D3B741D44475AE4] [APT] [{FA358A98-6A8F-45FF-BE8E-A91E4D996715}] (...) -- C:\USERs\USER\Desktop\dynablaster\DYNA.exe [44032]
[MD5.00000000000000000000000000000000] [APT] [{FCC8D0E2-8937-4DFD-A390-711F3D53449B}] (...) -- F:\DISK1\SETUP.exe (.not file.) [0]
~ Scheduled Task: 75 Legitimates Filtered in 00mn 13s



---\\ Software installed (O42)
O42 - Logiciel: Convert MP4 to MP3 - (.ConvertMP4toMP3.com.) [HKLM][64Bits] -- {5067397A-2935-4290-AE14-1BE2863B00A3}_is1
O42 - Logiciel: Living Marine Aquarium 2.0 Trial - (...) [HKLM][64Bits] -- {269E9C40-1198-4dc2-9872-31FB17E9583F}
O42 - Logiciel: Mobile Master Copy Station - (.Jumping Bytes.) [HKLM][64Bits] -- {34E61589-2C08-45FA-A904-4207D74A528B}
O42 - Logiciel: Mobile Master Copy Station 8.7.1 - (.Jumping Bytes.) [HKLM][64Bits] -- Mobile Master Copy Station
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion
~ Logic: 29 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN PIP]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\CeGe-Soft]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\MediaProLab]
[HKCU\Software\PCTools]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\bf8feb67afc2238269222493247f1c23]
[HKCU\Software\okoker]
[HKLM\Software\Wow6432Node\5fedadfe13abd41]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\CeGe-Soft]
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\ND]
[HKLM\Software\Wow6432Node\PCTools]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera
[HKLM\Software\Wow6432Node\Vonteera] =>Trojan.Vonteera
~ Key Software: 439 Legitimates Filtered in 00mn 01s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10/03/2013 - 21:54:46 - [78,077] ----D C:\Program Files (x86)\3D-Relax
O43 - CFD: 28/05/2013 - 21:01:47 - [23,092] ----D C:\Program Files (x86)\Convert MP4 to MP3
O43 - CFD: 28/05/2013 - 20:02:36 - [10,000] ----D C:\Program Files (x86)\Cool MPEG To MP3 Converter
O43 - CFD: 10/03/2013 - 19:50:16 - [37,399] ----D C:\Program Files (x86)\Coral Clock 3D Screensaver
O43 - CFD: 10/03/2013 - 19:49:38 - [37,098] ----D C:\Program Files (x86)\Earth 3D Screensaver
O43 - CFD: 13/10/2013 - 19:26:16 - [2,012] ----D C:\Program Files (x86)\EL MANNARA 01
O43 - CFD: 10/03/2013 - 19:48:36 - [42,557] ----D C:\Program Files (x86)\Faraway Planet 3D Screensaver
O43 - CFD: 10/03/2013 - 19:48:03 - [22,966] ----D C:\Program Files (x86)\Lake Tree 3D Screensaver
O43 - CFD: 15/06/2013 - 22:18:22 - [1,278] ----D C:\Program Files (x86)\Red Sky =>Adware.DownTango
O43 - CFD: 03/03/2013 - 21:32:26 - [45,389] ----D C:\Program Files (x86)\Springtime 3D Screensaver
O43 - CFD: 10/03/2013 - 19:47:11 - [40,780] ----D C:\Program Files (x86)\Summer Forest 3D Screensaver
O43 - CFD: 08/07/2013 - 00:40:03 - [0] ----D C:\Program Files (x86)\Virtual CD v10
O43 - CFD: 08/07/2013 - 11:59:56 - [0] ----D C:\Program Files (x86)\Volaro =>Trojan.Vonteera
O43 - CFD: 07/08/2013 - 20:30:45 - [0,002] ----D C:\Program Files (x86)\VonteeraAddon =>Trojan.Vonteera
O43 - CFD: 10/03/2013 - 19:49:09 - [63,342] ----D C:\Program Files (x86)\Wildflowers 3D Screensaver
O43 - CFD: 07/07/2013 - 21:48:57 - [30,888] ----D C:\Program Files (x86)\Common Files\Virtual CD v5_04
O43 - CFD: 28/05/2013 - 20:29:32 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 23/06/2013 - 21:28:22 - [0] ----D C:\ProgramData\Browser Manager
O43 - CFD: 10/06/2013 - 16:38:12 - [0] ----D C:\ProgramData\Mobile Master
O43 - CFD: 28/05/2013 - 20:29:32 - [0,019] ----D C:\Users\USER\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 10/06/2013 - 23:36:19 - [0,297] ----D C:\Users\USER\AppData\Roaming\Mobile Master
O43 - CFD: 11/06/2013 - 20:29:15 - [0] ----D C:\Users\USER\AppData\Local\cef_data
O43 - CFD: 10/06/2013 - 16:37:59 - [0,064] ----D C:\Users\USER\AppData\Local\Mobile Master
O43 - CFD: 10/03/2013 - 21:54:49 - [0] ----D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3D-Relax
~ Program Folder: 266 Legitimates Filtered in 00mn 54s



---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{1fc4f725-7c86-11e2-a417-8c3c62545e2d}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
O51 - MPSK:{3ad4a102-68d9-11e3-a9b0-be0a44d5ae73}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{3ad4a122-68d9-11e3-a9b0-a417313662e2}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{78e05ac9-7c85-11e2-a71f-806e6f6e6963}\AutoRun\command. (...) -- E:\DistinguishOS.exe (.not file.)
O51 - MPSK:{aa485713-7f8b-11e3-95a4-a417313662e2}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.3BC90482A834F998C3B7A9C934A20342] - 15/09/2011 - 09:48:24 ---A- . (.Windows (R) Win 7 DDK provider - Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual A.) -- C:\Windows\System32\Drivers\AmpPal.sys [299008]
O58 - SDL:[MD5.779F499D7791F65F6A5BA97C5D2627C8] - 29/08/2008 - 17:54:30 ---A- . (.Mobile Connector - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\cmusbser.sys [118144]
O58 - SDL:[MD5.49F756471E542200A2EAD0C523C875F9] - 11/03/2013 - 18:51:00 ---A- . (.Mobile Stream - EasyTether Network Driver.) -- C:\Windows\System32\Drivers\easytthr.sys [21704]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.4184D96ACC225C4EC3646D38F0B34C4B] - 17/01/2012 - 20:00:56 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [206632]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.62FB29642745DD290910BFD79537FCE0] - 09/07/2009 - 11:24:30 ---A- . (.H+H Software GmbH - H+H CDROM Helper 64-Bit Driver.) -- C:\Windows\System32\Drivers\HH10Help.sys [24088]
O58 - SDL:[MD5.929DF302F15BFE24AC66EF45D858C413] - 28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [175480]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.48D9D00C2E0E72C3D4F52772C80355F6] - 14/06/2010 - 09:32:54 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16448]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.F0FAF3FB9B138F8CAFB65ECFFE9F4AB6] - 17/06/2008 - 09:22:24 ---A- . (.H+H Software GmbH - Virtual CD - BusEnumerator 64-Bit Driver.) -- C:\Windows\System32\Drivers\vcd10bus.sys [40464]
O58 - SDL:[MD5.F0ECF990B3DE8842E948279AF31CC4E5] - 19/04/2011 - 08:53:32 ---A- . (.H+H Software GmbH - Virtual CD - XP/2003/Vista/Win7 Driver 64-Bit.) -- C:\Windows\System32\Drivers\vdrv1000.sys [223256]
O58 - SDL:[MD5.992BE8C20CA4FA92EB08104E798647F9] - 13/09/2013 - 14:52:24 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys [12072]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 25/10/2007 - 17:26:10 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
O58 - SDL:[MD5.48D9D00C2E0E72C3D4F52772C80355F6] - 14/06/2010 - 09:32:54 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16448]
~ Drivers: 16 Legitimates Filtered in 00mn 06s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2414} [DefaultScope] - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (CKF) (O82)
C:\ancien\c\Downloads\Programmes & Archives\Windows.Genuine.Advantage.(WGA).v1.9.40.0.Cracked.V5.x64.rar =>.Crack,Keygen
C:\ancien\Downloads\ExcellenceSoft-Flash-Speed-200-v3-4-Cracked-ARN-[www.search-torrent.com](1).torrent =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\QuickTime v6.5.2\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\Telechargeur\GetRight 5.0.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\Telechargeur\HiDownload 1.16\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Eye[1].Candy.5.0.Nature\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Internet\World OnLine TV v4.0.3\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Internet\ZoneLabs IMsecure\keygen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Multimedia\QuickTime v6.5.2\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Tools\PDFcamp Pro v2.1\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\multimedia\power dvd\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\protection\08\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\01\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\12\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\13\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\16\01\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\cd copy\IDVDMAX.v1.0\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\Boot.XP.v2.25.Win2KXP.REGGED\Keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\DesktopX.Professional.v2.20\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\Stardock CursorXP Plus 1.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\ACD Systems ACDSee v7.0.61 PowerPack\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\Eye[1].Candy.5.0.Nature\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\Photo.Album.v1.16.Incl.Keymaker-CAFE\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\internet\Offline Explorer Enterprise 3.2.1734\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\internet\ZoneLabs IMsecure\keygen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\DivX 5.1.1 Pro\KeyGen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\key.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\QuickTime v6.5.2\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\Zealot_All_Video_Sound_Extractor_v1.2.8\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Creative Suite Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe GoLive CS 7.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Illustrator CS 11.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Photoshop CS 8.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Version Cue 1.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\ROR Adobe Acrobat 6.0 Multi Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\ROR Adobe Acrobat 6.0 Pro Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\AutoShutdown_Pro_v4.5\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\A4Desk v2.5\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\pcboost\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\SuperRam.v5.8.23.2004\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\CD.DVD.catalog.v2.1.2.0.Keygen.Only-BRD\cddvdc setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Longtion.AutoRunPro.Enterprise.v2.0.0.16.WinALL.Incl.Keygen-ViRiLiTY\ARPESetup20.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Longtion.AutoRunPro.Enterprise.v2.0.0.16.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Slide.Show.to.Go.v8.3.1.45.Incl.Keygen-HS\hsKeygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Slide.Show.to.Go.v8.3.1.45.Incl.Keygen-HS\sstgin.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Xilisoft.DVD.Audio.Ripper.v2.0.55.908.WinALL.Incl.Keygen-BRD\setup\x-dvd-audio-ripper.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\E-Paint.v2.0.17a.incl.Keygen.WinAll-LAXiTY\epnt20.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\E-Paint.v2.0.17a.incl.Keygen.WinAll-LAXiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\LitePhotos.v1.2.Incl.Keygen-SSG\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\LitePhotos.v1.2.Incl.Keygen-SSG\lp_setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\Saint.Paint.Studio.v10.10.WinAll.Cracked-HS\Crack\SaintPaint.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\Saint.Paint.Studio.v10.10.WinAll.Cracked-HS\SaintPaintInstaller.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Desktop\TrayIcon.Pro.v1.6.Build.203.WinAll.Cracked-cOnspiracy\tpsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Acoustica.Beatcraft.v1.02.build.15.Incl.Keygen-UnderPl\beatcraft-1-b15.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Acoustica.Beatcraft.v1.02.build.15.Incl.Keygen-UnderPl\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ALO.Audio.Center.v1.8.WinALL.Incl.Keygen-ViRiLiTY\acenter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ALO.Audio.Center.v1.8.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\AudioMulch.Interactive.Music.Studio.v0.9b21.incl.KeyGen-BEAT\am09b21.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\AudioMulch.Interactive.Music.Studio.v0.9b21.incl.KeyGen-BEAT\KeyGen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Aurora.Video.VCD.SVCD.DVD.Converter.And.Creator.v4.1.6.Win2kXP.Incl.Keygen-BRD\setup\AuroraVCD_SVCD_DVD_Creator.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Cool.MP3.Converter.v1.86.WinALL.Incl.Keymaker-CORE\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Ease.CD.Burner.v1.40.Incl.Keygen-UnderPl\cdburner.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Ease.CD.Burner.v1.40.Incl.Keygen-UnderPl\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Express.Rip.Plus.v1.3.4.WinALL.Incl.Keygen-BLiZZARD\ripsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.AVI.MPEG.Converter.v2.1.53.901b.WinALL.Incl.Keygen-BRD\setup\avi-mpeg-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.DVD.Audio.Ripper.v2.0.55.922.WinALL.Incl.Keygen-BRD\setup\dvd-audio-ripper.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.MP3.WAV.Converter.v2.1.41.918.WinALL.Incl.Keygen-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.MP3.WAV.Converter.v2.1.41.918.WinALL.Incl.Keygen-BRD\setup\mp3-wav-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.WMA.MP3.Converter.v2.1.41.922.WinALL.Incl.Keygen-BRD\setup\wma-mp3-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Kingdia.DVD.Ripper.Professional.v2.4.6.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Kingdia.DVD.Ripper.Professional.v2.4.6.WinALL.Incl.Keygen-ViRiLiTY\kingdiadvdrip.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\MOV.Converter.v1.4.6.WinALL.Incl.Keygen-BRD\allok_movconverter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\NewLive.AVI.To.VCD.SVCD.DVD.MPEG.Converter.Pro.v2.7.WinALL.Incl.Keygen-BRD\setup\AVIToDVDPro.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Speed.Video.Converter.v2.2.8.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Speed.Video.Converter.v2.2.8.WinALL.Incl.Keygen-ViRiLiTY\spdvc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\TV-Player.v1.12.WinALL.Cracked-ViRiLiTY\cracked\tv-player.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\TV-Player.v1.12.WinALL.Cracked-ViRiLiTY\tv-player_1.12_setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\VideoMate.v11.6.WinALL.Incl.Keymaker-CORE\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Fonts & Tools\Font.Wrangler.v2.0m.incl.Keygen.WinAll-LAXiTY\FontWrangler.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Fonts & Tools\Font.Wrangler.v2.0m.incl.Keygen.WinAll-LAXiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Magic.Utilities.2005.v3.60.WinXP.Cracked-CTi\Crack\Crack\mgutil.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Magic.Utilities.2005.v3.60.WinXP.Cracked-CTi\Install\mgutil_360.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Arles.Image.Web.Page.Creator.v6.1.6.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Arles.Image.Web.Page.Creator.v6.1.7.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.CustomError.v3.0.for.IIS.Incl.Keygen-SSG\cesetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.URLSpellCheck.v2.0.for.IIS.Incl.Keygen-SSG\scsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\file_id.diz =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\ssg.nfo =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\zesetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Search.Engine.Builder.Professional.v2.17.WinAll.Incl.Keygen-ENFUSiA\SearchEngineBuilderPro.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Visual.Web.Spider.v3.7.Cracked-GRACO\VWebSpider.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Visual.Web.Spider.v3.7.Cracked-GRACO\vwssetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Monitor.v2.2.WinALL.Incl.Keygen-BRD\setup\wm22setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Padlock.v3.9.0.WinALL.Incl.Keygen-LUCiD\Web.PadLock.Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Padlock.v3.9.0.WinALL.Incl.Keygen-LUCiD\wplarc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webcam.Zone.Trigger.v1.52.Cracked-F4CG\crack\ZoneTrigger.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webcam.Zone.Trigger.v1.52.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\WebcamXP.Pro.v2.18.242.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\WebcamXP.Pro.v2.18.242.WinALL.Incl.Keygen-ViRiLiTY\wxp_2.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1.WinALL.Incl.Keygen.DIRFIX-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1.WinALL.Incl.Keygen.DIRFIX-BRD\setup\webkitplus.zip =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1WinALL.Incl.Keygen-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1WinALL.Incl.Keygen-BRD\setup\webkitplus.zip =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Willing.Webcam.v3.0.20050908.WinALL.Incl.Keygen-BLiZZARD\willingwebcam30.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Willing.Webcam.v3.0.20050919.WinALL.Incl.Keygen-BLiZZARD\willingwebcam30.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\RAR Password Cracker 4.12\Crack\rpc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\RAR Password Cracker 4.12\RAR Password Cracker 4.12.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\Ultimate ZIP Cracker v7.1.1.2\Ultimate_Zip_Cracker.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\Ultimate ZIP Cracker v7.1.1.2\UZC.EXE =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\Download Druid 2.2\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\GetRight 5.0.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\HiDownload 1.16\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Eye[1].Candy.5.0.Nature\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Internet\World OnLine TV v4.0.3\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Internet\ZoneLabs IMsecure\keygen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Multimedia\QuickTime v6.5.2\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Tools\PDFcamp Pro v2.1\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\7\intervideo\Intervideo.WinDVD.Platinum.5.x.keygen.rar =>.Crack,Keygen
C:\ancien\sgd\fshdisk\7\intervideo\WinDVD.Recorder.4.5.x.keygen.rar =>.Crack,Keygen
C:\ancien\sgd\sgd\ssssss\Documents and Settings\Administrateur.PC-43AA1F685418\Bureau\SmartMovie converted files\SkyNet For Edit By Nima_Sh v3.0----23-09-1385\Premium\rar\80.231.41.5_d0d70d58d8_3012_167118GoogleSketchUpPro_6.0.1099_Keygen.rar.rar =>.Crack,Keygen
C:\ancien\sgd\sgd\ssssss\SmartMovie converted files\SkyNet For Edit By Nima_Sh v3.0----23-09-1385\Premium\rar\RapidShare\82.129.35.57_a094012ed5_1327_195163MT6_Included_Keygen.rar.rar.seg =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\Documents and Settings\USER\Downloads\Compressed\PhotoShop CS3 Extended Keygen Activation.rar =>.Crack,Keygen
C:\Users\USER\Downloads\Compressed\PhotoShop CS3 Extended Keygen Activation.rar =>.Crack,Keygen
C:\ancien\c\Downloads\Programmes & Archives\Windows.Genuine.Advantage.(WGA).v1.9.40.0.Cracked.V5.x64.rar =>.Crack,Keygen
C:\ancien\Downloads\ExcellenceSoft-Flash-Speed-200-v3-4-Cracked-ARN-[www.search-torrent.com](1).torrent =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\QuickTime v6.5.2\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\Telechargeur\GetRight 5.0.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\2\bbbbbb\Telechargeur\HiDownload 1.16\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Graphics\Eye[1].Candy.5.0.Nature\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Internet\World OnLine TV v4.0.3\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Internet\ZoneLabs IMsecure\keygen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Multimedia\QuickTime v6.5.2\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\4\Util\Tools\PDFcamp Pro v2.1\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\multimedia\power dvd\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\protection\08\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\01\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\12\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\13\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\special\16\01\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\5\manar\al mannara\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\cd copy\IDVDMAX.v1.0\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\Boot.XP.v2.25.Win2KXP.REGGED\Keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\DesktopX.Professional.v2.20\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\desktop\Stardock CursorXP Plus 1.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\ACD Systems ACDSee v7.0.61 PowerPack\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\Eye[1].Candy.5.0.Nature\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Graphic\Photo.Album.v1.16.Incl.Keymaker-CAFE\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\internet\Offline Explorer Enterprise 3.2.1734\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\internet\ZoneLabs IMsecure\keygen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\DivX 5.1.1 Pro\KeyGen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\key.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\QuickTime v6.5.2\KeyGen\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Multimedia\Zealot_All_Video_Sound_Extractor_v1.2.8\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Creative Suite Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe GoLive CS 7.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Illustrator CS 11.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Photoshop CS 8.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\AGAiN Adobe Version Cue 1.0 Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\ROR Adobe Acrobat 6.0 Multi Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\Adobe 7in1 CS KeyGens\ROR Adobe Acrobat 6.0 Pro Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\Special\AutoShutdown_Pro_v4.5\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\A4Desk v2.5\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\pcboost\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 10\magician 10\TOOLS\SuperRam.v5.8.23.2004\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\CD.DVD.catalog.v2.1.2.0.Keygen.Only-BRD\cddvdc setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Longtion.AutoRunPro.Enterprise.v2.0.0.16.WinALL.Incl.Keygen-ViRiLiTY\ARPESetup20.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Longtion.AutoRunPro.Enterprise.v2.0.0.16.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Slide.Show.to.Go.v8.3.1.45.Incl.Keygen-HS\hsKeygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Slide.Show.to.Go.v8.3.1.45.Incl.Keygen-HS\sstgin.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\CD-DVD\Xilisoft.DVD.Audio.Ripper.v2.0.55.908.WinALL.Incl.Keygen-BRD\setup\x-dvd-audio-ripper.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\E-Paint.v2.0.17a.incl.Keygen.WinAll-LAXiTY\epnt20.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\E-Paint.v2.0.17a.incl.Keygen.WinAll-LAXiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\LitePhotos.v1.2.Incl.Keygen-SSG\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\LitePhotos.v1.2.Incl.Keygen-SSG\lp_setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\Saint.Paint.Studio.v10.10.WinAll.Cracked-HS\Crack\SaintPaint.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Design & Graphics\Saint.Paint.Studio.v10.10.WinAll.Cracked-HS\SaintPaintInstaller.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Desktop\TrayIcon.Pro.v1.6.Build.203.WinAll.Cracked-cOnspiracy\tpsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Acoustica.Beatcraft.v1.02.build.15.Incl.Keygen-UnderPl\beatcraft-1-b15.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Acoustica.Beatcraft.v1.02.build.15.Incl.Keygen-UnderPl\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ALO.Audio.Center.v1.8.WinALL.Incl.Keygen-ViRiLiTY\acenter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ALO.Audio.Center.v1.8.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\AudioMulch.Interactive.Music.Studio.v0.9b21.incl.KeyGen-BEAT\am09b21.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\AudioMulch.Interactive.Music.Studio.v0.9b21.incl.KeyGen-BEAT\KeyGen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Aurora.Video.VCD.SVCD.DVD.Converter.And.Creator.v4.1.6.Win2kXP.Incl.Keygen-BRD\setup\AuroraVCD_SVCD_DVD_Creator.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Cool.MP3.Converter.v1.86.WinALL.Incl.Keymaker-CORE\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Ease.CD.Burner.v1.40.Incl.Keygen-UnderPl\cdburner.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Ease.CD.Burner.v1.40.Incl.Keygen-UnderPl\crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Express.Rip.Plus.v1.3.4.WinALL.Incl.Keygen-BLiZZARD\ripsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.AVI.MPEG.Converter.v2.1.53.901b.WinALL.Incl.Keygen-BRD\setup\avi-mpeg-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.DVD.Audio.Ripper.v2.0.55.922.WinALL.Incl.Keygen-BRD\setup\dvd-audio-ripper.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.MP3.WAV.Converter.v2.1.41.918.WinALL.Incl.Keygen-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.MP3.WAV.Converter.v2.1.41.918.WinALL.Incl.Keygen-BRD\setup\mp3-wav-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\ImTOO.WMA.MP3.Converter.v2.1.41.922.WinALL.Incl.Keygen-BRD\setup\wma-mp3-converter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Kingdia.DVD.Ripper.Professional.v2.4.6.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Kingdia.DVD.Ripper.Professional.v2.4.6.WinALL.Incl.Keygen-ViRiLiTY\kingdiadvdrip.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\MOV.Converter.v1.4.6.WinALL.Incl.Keygen-BRD\allok_movconverter.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\NewLive.AVI.To.VCD.SVCD.DVD.MPEG.Converter.Pro.v2.7.WinALL.Incl.Keygen-BRD\setup\AVIToDVDPro.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Speed.Video.Converter.v2.2.8.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\Speed.Video.Converter.v2.2.8.WinALL.Incl.Keygen-ViRiLiTY\spdvc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\TV-Player.v1.12.WinALL.Cracked-ViRiLiTY\cracked\tv-player.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\TV-Player.v1.12.WinALL.Cracked-ViRiLiTY\tv-player_1.12_setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Multimedia\VideoMate.v11.6.WinALL.Incl.Keymaker-CORE\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Fonts & Tools\Font.Wrangler.v2.0m.incl.Keygen.WinAll-LAXiTY\FontWrangler.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Fonts & Tools\Font.Wrangler.v2.0m.incl.Keygen.WinAll-LAXiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Magic.Utilities.2005.v3.60.WinXP.Cracked-CTi\Crack\Crack\mgutil.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Tools & Utilities\Magic.Utilities.2005.v3.60.WinXP.Cracked-CTi\Install\mgutil_360.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Arles.Image.Web.Page.Creator.v6.1.6.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Arles.Image.Web.Page.Creator.v6.1.7.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.CustomError.v3.0.for.IIS.Incl.Keygen-SSG\cesetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.URLSpellCheck.v2.0.for.IIS.Incl.Keygen-SSG\scsetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\file_id.diz =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\ssg.nfo =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Port80.Software.ZipEnable.v3.0.for.IIS.Incl.Keygen-SSG\zesetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Search.Engine.Builder.Professional.v2.17.WinAll.Incl.Keygen-ENFUSiA\SearchEngineBuilderPro.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Visual.Web.Spider.v3.7.Cracked-GRACO\VWebSpider.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Visual.Web.Spider.v3.7.Cracked-GRACO\vwssetup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Monitor.v2.2.WinALL.Incl.Keygen-BRD\setup\wm22setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Padlock.v3.9.0.WinALL.Incl.Keygen-LUCiD\Web.PadLock.Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Web.Padlock.v3.9.0.WinALL.Incl.Keygen-LUCiD\wplarc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webcam.Zone.Trigger.v1.52.Cracked-F4CG\crack\ZoneTrigger.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webcam.Zone.Trigger.v1.52.Cracked-F4CG\setup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\WebcamXP.Pro.v2.18.242.WinALL.Incl.Keygen-ViRiLiTY\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\WebcamXP.Pro.v2.18.242.WinALL.Incl.Keygen-ViRiLiTY\wxp_2.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1.WinALL.Incl.Keygen.DIRFIX-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1.WinALL.Incl.Keygen.DIRFIX-BRD\setup\webkitplus.zip =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1WinALL.Incl.Keygen-BRD\keygen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Webkit.Plus.v1.1WinALL.Incl.Keygen-BRD\setup\webkitplus.zip =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Willing.Webcam.v3.0.20050908.WinALL.Incl.Keygen-BLiZZARD\willingwebcam30.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\beeck 7\Web\Willing.Webcam.v3.0.20050919.WinALL.Incl.Keygen-BLiZZARD\willingwebcam30.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\RAR Password Cracker 4.12\Crack\rpc.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\RAR Password Cracker 4.12\RAR Password Cracker 4.12.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\Ultimate ZIP Cracker v7.1.1.2\Ultimate_Zip_Cracker.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Pass, Keys & Serials\Ultimate ZIP Cracker v7.1.1.2\UZC.EXE =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\Download Druid 2.2\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\GetRight 5.0.2\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\uti 84\Telechargeur\HiDownload 1.16\KeyGen\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Acd System\ACD Systems ACDSee v7.0.61 PowerPack\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Graphics\Eye[1].Candy.5.0.Nature\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Internet\World OnLine TV v4.0.3\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Internet\ZoneLabs IMsecure\keygen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Multimedia\MusicMatch Jukebox10.00.0180\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Multimedia\QuickTime v6.5.2\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\6\Util\Tools\PDFcamp Pro v2.1\KeyGen\GalaxyGroup.exe =>.Crack,Keygen
C:\ancien\sgd\fshdisk\7\intervideo\Intervideo.WinDVD.Platinum.5.x.keygen.rar =>.Crack,Keygen
C:\ancien\sgd\fshdisk\7\intervideo\WinDVD.Recorder.4.5.x.keygen.rar =>.Crack,Keygen
C:\ancien\sgd\sgd\ssssss\Documents and Settings\Administrateur.PC-43AA1F685418\Bureau\SmartMovie converted files\SkyNet For Edit By Nima_Sh v3.0----23-09-1385\Premium\rar\80.231.41.5_d0d70d58d8_3012_167118GoogleSketchUpPro_6.0.1099_Keygen.rar.rar =>.Crack,Keygen
C:\ancien\sgd\sgd\ssssss\SmartMovie converted files\SkyNet For Edit By Nima_Sh v3.0----23-09-1385\Premium\rar\RapidShare\82.129.35.57_a094012ed5_1327_195163MT6_Included_Keygen.rar.rar.seg =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\sgd\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\04\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\07\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\11\Crack\Keygen.exe =>.Crack,Keygen
C:\ancien\sgd\utilitaire\15\Crack\keygen.exe =>.Crack,Keygen
C:\Documents and Settings\USER\Downloads\Compressed\PhotoShop CS3 Extended Keygen Activation.rar =>.Crack,Keygen
C:\Users\USER\Downloads\Compressed\PhotoShop CS3 Extended Keygen Activation.rar =>.Crack,Keygen
~ Files: Scanned in 03mn 03s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.86A1311D51C00B278CB7F27796EA442E] [SPRF][23/10/2013] (.Genry - ISTask for Inno Setup.) -- C:\ProgramData\ISTask.dll [67584]
~ Files: 7 Legitimates Filtered in 00mn 02s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{F95E9AB2-3DAB-4ACF-B41C-7EAA8E91F6D0}" | In - Public - P6 - TRUE | .(.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Sof.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O87 - FAEL: "{0F4464DB-7480-4DB5-B63A-FD05BF39CED5}" | In - Public - P17 - TRUE | .(.Red Bend Ltd. - Red Bend Device Management Service for Intel(R) PROSet/Wireless WiMAX Sof.) -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
O87 - FAEL: "TCP Query User{C2AF7EBB-5079-4684-AC4A-D9663A05F36D}C:\windows\kmsemulator.exe" |In - Private - P6 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
O87 - FAEL: "UDP Query User{FB51DD9A-8781-4C76-B1E4-EA60E1F32918}C:\windows\kmsemulator.exe" |In - Private - P17 - TRUE | .(...) -- C:\windows\kmsemulator.exe (.not file.)
O87 - FAEL: "TCP Query User{24C04DF0-F5D8-4269-86F4-2E9B8E96DE9E}C:\users\user\appdata\local\temp\rarsfx0\hl.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\user\appdata\local\temp\rarsfx0\hl.exe (.not file.)
O87 - FAEL: "UDP Query User{EBF09925-627D-4B7C-B72B-FFF0C9AB525D}C:\users\user\appdata\local\temp\rarsfx0\hl.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\user\appdata\local\temp\rarsfx0\hl.exe (.not file.)
O87 - FAEL: "{9CB464AE-D68D-4D61-B421-FBC165C51713}" | In - Private - P6 - TRUE | .(.Moborobo Inc. - Moborobo.) -- C:\Program Files (x86)\Moborobo\Moborobo PC Suite.exe
O87 - FAEL: "{2468EECE-1E2D-4532-B8AA-BF6874AAF038}" | In - Private - P17 - TRUE | .(.Moborobo Inc. - Moborobo.) -- C:\Program Files (x86)\Moborobo\Moborobo PC Suite.exe
~ Firewall: 247 Legitimates Filtered in 00mn 02s



---\\ Product Upgrade Codes (PUC) (O90)
O90 - PUC: "4A3091C063F843F4CA075A59DA5BF173" . (.EasyTether.) -- C:\Windows\Installer\{0C1903A4-8F36-4F34-AC70-A595ADB51F37}\easytether.ico
O90 - PUC: "7A6AD54FC7DAA9849B2ECCCF074AA6A2" . (.EasyTether ADB USB driver.) -- C:\Windows\Installer\{F45DA6A7-AD7C-489A-B9E2-CCFC70A46A2A}\easytether.ico
~ Update Products: 94 Legitimates Filtered in 00mn 00s



---\\ Random Export Key (REK) (O91)
[HKCU\Software\bf8feb67afc2238269222493247f1c23]:US="@"
[HKLM\Software\Wow6432Node\5fedadfe13abd41] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Windows Installer Scan (WIS) (O93) (NTFS)
[MD5.D998478611E45069E8A798032EE03F3A] [WIS][11/03/2013] (.Mobile Stream - EasyTether host software for Windows.) -- C:\Windows\Installer\3b713b7.msi [1011712]
[MD5.080E144FAC54455DC18B8C946A40BA22] [WIS][11/03/2013] (.Mobile Stream - Android Debug Bridge USB driver.) -- C:\Windows\Installer\3b713bd.msi [3801088]
[MD5.300E491EA18C67C49A6135B3B143F9B8] [WIS][10/06/2013] (.Jumping Bytes - Mobile Master Copy Station.) -- C:\Windows\Installer\fc7814.msi [946688]
~ WIS: 96 Legitimates Filtered in 00mn 15s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\bi_client_RASAPI32 =>Adware.MegaSearch
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASAPI32 =>Adware.OpenCandy
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LatestDLMgr_RASMANCS =>Adware.OpenCandy
~ BTK: 219 Legitimates Filtered in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 09/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 08/11/2013 397128 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SS - | Demand 20/02/2012 276248 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 26/11/2013 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 08/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Demand 30/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/04/2012 158856 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 29/11/2010 149504 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 14/03/2014 440400 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 14/03/2014 440400 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 20/02/2012 106144 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 08/11/2013 384840 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 10/02/2012 945440 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 30/11/2011 514048 | (DMAgent) . (.Red Bend Ltd..) - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
SR - | Auto 02/03/2012 355920 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe
SR - | Auto 29/11/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 02/02/2012 628448 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 08/02/2012 161560 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 08/02/2012 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 07/02/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SR - | Auto 07/02/2014 856376 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SR - | Auto 13/09/2013 70952 | (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
SR - | Auto 10/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 11/01/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 06/03/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 08/02/2012 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 30/11/2011 979456 | (WiMAXAppSrv) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/02/2012 72864 | (ZAtheros Wlan Agent) . (.Atheros.) - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe

~ Services: Scanned in 00mn 08s



---\\ Search Master Boot Record Infection (MBR)(O80)
Run by USER at 11/04/2014 20:51:26
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by USER at 11/04/2014 20:51:28

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13044 - (11/04/2014)
Clés trouvées (Keys found) : 24
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 5

[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}] =>Adware.Bandoo
[HKCU\Software\APN PIP] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\PIP] =>Toolbar.Ask
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\VONTEERA.DLL] =>Trojan.Vonteera
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\KoyoteSRTB] =>Toolbar.CoyoteSoft
[HKCU\Software\BI] =>Adware.MegaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{EF99BD32-C1FB-11D2-892F-0090271D4F88} =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{EF99BD32-C1FB-11D2-892F-0090271D4F88} =>Toolbar.Yahoo
C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Program Files (x86)\Red Sky =>Adware.DownTango^
C:\Program Files (x86)\Volaro =>Trojan.Vonteera^
C:\Program Files (x86)\VonteeraAddon =>Trojan.Vonteera^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\Users\USER\AppData\Roaming\Babylon =>PUP.Babylon^
C:\ProgramData\Browser Manager =>PUP.Babylon
C:\Users\USER\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr^
[HKLM\Software\Wow6432Node\Volaro Updater] =>Trojan.Vonteera^
[HKLM\Software\Wow6432Node\Vonteera] =>Trojan.Vonteera^
~ Additionnel Scan: 379081 Items scanned in 00mn 26s



---\\ Summary of the detections found on your workstation
http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
http://nicolascoolman.webs.com/apps/blog/show/31951367-trojan-vonteera =>Trojan.Vonteera
http://nicolascoolman.webs.com/apps/blog/show/27659036-adware-downtango =>Adware.DownTango
http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ MSI: 13 link(s) detected in 00mn 00s



~ 1398 Legitimates filtered by white list
End of the scan (1021 lines in 06mn 25s)(284)

Publicité


Signaler le contenu de ce document

Publicité