~ Report of ZHPDiag v2015.3.5.26 - Nicolas Coolman (01/03/2015)
~ Launched by Idir (05/03/2015 16:21:38)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control :


---\\ Internet browsers
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 35.0.1 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
~ Windows Partial Key : P4K27
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Ultimate, 32-bit (Build 7600)

---\\ System protection software
Avast Free Antivirus v10.0.2208
Windows Defender W7 (Activate)

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 16 NPAPI
Adobe Reader 9.3 - Français

---\\ Information on the system
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2940 MB (35% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (9%) free of 116 GB

---\\ Connection to the system mode
~ Computer Name: IDIR-PC
~ User Name: Idir
~ All Users Names: IUSR_SC_COMMBRIDGE, Idir, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Idir\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Idir\AppData\Roaming\
~ %Desktop% : C:\Users\Idir\Desktop\
~ %Favorites% : C:\Users\Idir\Favorites\
~ %LocalAppData% : C:\Users\Idir\AppData\Local\
~ %StartMenu% : C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 116 Go)
D: Hard drive, Flash drive, Thumb drive (Free 29 Go of 115 Go)
E: CD-ROM drive (Not Inserted)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.15BC38A7492BEFE831966ADB477CF76F] - (.Microsoft Corporation - Explorateur Windows.) (.14/07/2009 - 01:14:20.) -- C:\Windows\Explorer.exe [2613248]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.6A25377A76479A0C0BF3DB6FC42FE09A] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/07/2013 - 06:56:55.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.8EC6A4AB12B8F3759E21F8E3A388F2CF] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 01:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 23:12:38.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 23:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 23:14:17.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 23:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.F4A054BE78AF7F410129C4B64B07DC9B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.13/07/2009 - 23:14:26.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 23:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 - 01:20:44.) -- C:\Windows\system32\Drivers\ntfs.sys [1210432]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/07/2009 - 00:02:58.) -- C:\Windows\system32\Drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 23:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/07/2009 - 01:19:10.) -- C:\Windows\system32\Drivers\volsnap.sys [245328]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/130
~ Mes musiques (My Musics) : 1/17
~ Mes Videos (My Videos) : 1/34
~ Mes Favoris (My Favorites) : 1/73
~ Mes Documents (My Documents) : 2/3482
~ Mon Bureau (My Desktop) : 7/20643
~ Menu demarrer (Programs) : 1/74
~ Hidden Files: Scanned in 00mn 19s



---\\ Process running
[MD5.44ADDA5FB88EE14F57A246285775AC2F] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastui.exe [5227112] [PID.692]
[MD5.C8A0145CA371A09BB46136FD722C8549] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [238160] [PID.1532]
[MD5.49C3D6CE420DB49E6443B43894C15501] - (...) -- C:\Program Files\Mobiconnect\CancelAutoPlay_byt.exe [431872] [PID.2136]
[MD5.CAA469AD17BA10AB08EE344488884CBC] - (...) -- C:\Program Files\Mobiconnect\UIexec.exe [157440] [PID.2156]
[MD5.27044650FA30414BEC7F9BEB7F937386] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [172064] [PID.2860]
[MD5.313C8854EBDAFA0DDA8AD4757BD0E5DC] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [173600] [PID.2916]
[MD5.D192592FD0A99D9F360906D3F6DFBFF1] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928] [PID.3132]
[MD5.A9BF6E5F3A667DA088A6268EBC53DB63] - (...) -- C:\Program Files\Mobogenie3\MoboGenieHelper.exe [105152] [PID.3204] =>PUP.Mobogenie
[MD5.138F81DFC54DF8A00BDC35B6151FBE9D] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3890768] [PID.3252]
[MD5.2BAD84B393AF47006D80BA2F03B18029] - (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [213936] [PID.3272]
[MD5.B9C5AF197509DBF7B65465BEE9F39145] - (.OrdinarySoft - StartMenuX.) -- C:\Program Files\Start Menu X\StartMenuX.exe [5295936] [PID.3308]
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.2072]
[MD5.BFC4B5E19FCD0CD7AFB6E351A285D566] - (.Code Systems Corporation - Spoon.net Sandbox Manager.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-Sandbox.exe [5999232] [PID.2076]
[MD5.6063DE2482CAC86666D405A2243DB8BA] - (...) -- C:\Program Files\Mobiconnect\UIMain.exe [1630464] [PID.2420]
[MD5.C0E392910782C2BB9A28C8538CC1E1A1] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240] [PID.2244]
[MD5.14B92A751E12D4135845DB62703F7F36] - (.TeXnicCenter.org (www.TeXnicCenter.org) - TeXnicCenter.) -- C:\Program Files\TeXnicCenter\TEXCNTR.exe [2088706] [PID.3792]
[MD5.265B49EF94A5AA713192EE97A7D248B5] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [338032] [PID.4400]
[MD5.DA4DC30FBF192705094D65F4FE940838] - (...) -- C:\Program Files\FreeArc\bin\FreeArc.exe [4511232] [PID.6372]
[MD5.72E7A13372047CA67AB84FAF2F49EF06] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [243312] [PID.1564]
[MD5.4E8288547D53DB9555067DE7FDCCB127] - (.Adobe Systems, Inc. - Adobe Flash Player 16.0 r0.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe [1880752] [PID.7604]
[MD5.46508EF4F1F93315326DF97A972F1E42] - (.mobogenie.com - downloader.) -- C:\Program Files\Mobogenie3\mobogenieP2sp.exe [519872] [PID.7020] =>PUP.Mobogenie
[MD5.F0CE586AEAF318BDDD443651A2E672E7] - (.Microsoft Corporation - Accessibilité au Clavier visuel.) -- C:\Windows\System32\osk.exe [646144] [PID.7304]
[MD5.7A49383413BB5067CDD85E504A9094F4] - (...) -- C:\Program Files\Mobiconnect\CMUpdater.exe [732928] [PID.1372]
[MD5.16C47D2FA1656FB2FCA25C59FE1BD0EE] - (.Science Accessibility Net - InftyReader.) -- C:\Program Files\sAccessNet\InftyReader\bin\InftyReader.exe [430080] [PID.7740]
[MD5.C528536BF4E4C14C2E3171900E588443] - (.Adobe Systems Incorporated - Adobe Reader 9.3.) -- C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe [349616] [PID.4108]
[MD5.35F8A4C2ED66BDDC29C961419DEF147D] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8184320] [PID.4992]
~ Processes Running: Scanned in 00mn 02s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\d9e0e8ul.default\prefs.js (.not file.)
C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\efo35b2t.default-1417095408250\prefs.js
C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js (.not file.)
C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
M3 - MFPP: Plugins - [Idir] -- C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\efo35b2t.default-1417095408250\searchplugins\holy-quran-search.xml
M3 - MFPP: Plugins - [Idir] -- C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\efo35b2t.default-1417095408250\searchplugins\recherche-de-vidos-youtube.xml
M3 - MFPP: Plugins - [Idir] -- C:\Users\Idir\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\safeguard-secure-search.xml
M0 - MFSP: prefs.js [Idir - efo35b2t.default-1417095408250] http://www.houseofquran.com
M2 - MFEP: Extension [Idir - d9e0e8ul.default] {37fa1426-b82d-11db-8314-0800200c9a66}.xpi
M2 - MFEP: Extension [Idir - d9e0e8ul.default] {5C655500-E712-41e7-9349-CE462F844B19}.xpi
M2 - MFEP: Extension [Idir - d9e0e8ul.default] {BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi
M2 - MFEP: Extension [Idir - d9e0e8ul.default] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: prefs.js [Idir - efo35b2t.default-1417095408250\fasttrans@kemot] [] Fast Translation v1.10.2 (..)
M2 - MFEP: prefs.js [Idir - efo35b2t.default-1417095408250\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v8.8.9 (..)
M2 - MFEP: prefs.js [Idir - efo35b2t.default-1417095408250\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}] [] FireFTP v2.0.22 (..)
M2 - MFEP: Extension [Idir - efo35b2t.default-1417095408250] {37fa1426-b82d-11db-8314-0800200c9a66}.xpi
M2 - MFEP: Extension [Idir - efo35b2t.default-1417095408250] {5C655500-E712-41e7-9349-CE462F844B19}.xpi
M2 - MFEP: Extension [Idir - efo35b2t.default-1417095408250] {BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi
M2 - MFEP: Extension [Idir - efo35b2t.default-1417095408250] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
M2 - MFEP: Extension [Idir - extensions] {37fa1426-b82d-11db-8314-0800200c9a66}.xpi
M2 - MFEP: Extension [Idir - extensions] {5C655500-E712-41e7-9349-CE462F844B19}.xpi
M2 - MFEP: Extension [Idir - extensions] {BD4B37E6-7AE7-48d7-A2D7-6FF5775924AB}.xpi
M2 - MFEP: Extension [Idir - extensions] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (.LizardTech - DjVu Plug-In(external version 6.1.1.1574).) -- C:\Program Files\Mozilla Firefox\Plugins\npdjvu.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - (.Foxit Corporation - Foxit PhantomPDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=11.31.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=11.31.2] - (.Oracle Corporation - Next Generation Java Plug-in 11.31.2 for Mozilla browsers.) -- C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (...) -- C:\Program Files\MICROS~3\Office14\NPAUTHZ.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (...) -- C:\Program Files\MICROS~3\Office14\NPSPWRAP.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=16.4.3528.0331] - (...) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (.not file.)
P2 - FPN: [HKLM] [@spoon.net/Spoon Plugin 3.33] - (...) -- C:\Program Files\Spoon\3.33.8.445\npMozillaSpoonPlugin.dll (.not file.)
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.0] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.1.3] - (.VideoLAN - VLC media player Web Plugin 2.1.3.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll =>.VideoLAN
P2 - FPN: [HKLM] [yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1] - (.Yahoo! Inc. - Yahoo! activeX Plug-in Bridge.) -- C:\Program Files\Yahoo!\Common\npyaxmpb.dll
P2 - FPN: [HKCU] [@spoon.net/Spoon Plugin 3.33] - (.Code Systems Corporation - Spoon Plugin 3.33.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\npMozillaSpoonPlugin.dll
P2 - FPN: [HKCU] [@unity3d.com/UnityPlayer,version=1.0] - (.Unity Technologies ApS - Unity Player 4.5.5f1.) -- C:\Users\Idir\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
~ Firefox Browser: 38 Scanned in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} . (.Unity Technologies ApS - Unity Player 4.5.5f1.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Unity Technologies ApS - Unity Player 4.5.5f1.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ IE Browser: 14 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (24)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: TUbeItAdBllockAp - {23368BDF-8C2E-F7AD-8833-67E079DD668C} . (...) -- C:\ProgramData\TUbeItAdBllockAp\3b1A.dll (.not file.) =>PUP.TubeItAdBlock
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphan key
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Hotspot Shield - {c95a4e8e-816d-4655-8c79-d736da1adb6d} Orphan key
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll
~ BHO: 18 Scanned in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: SYSTRAN Toolbar - [HKLM]{95daa571-4def-4a6d-97d8-98a346672a24} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O3 - Toolbar: (no name) - [HKLM]{c95a4e8e-816d-4655-8c79-d736da1adb6d} Orphan key
~ Toolbar: Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) -- C:\Program Files\Mobogenie3\Mobogenie.exe =>PUP.Mobogenie
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\QuickLaunch [Idir]: Launch Internet Explorer Browser.lnk . (...) -- C:\Program Files\Internet Explorer\IEXPLORE.exe (.not file.)
O4 - GS\QuickLaunch [Idir]: Mobogenie3.lnk . (.Mobogenie.com - Mobogenie.exe.) -- C:\Program Files\Mobogenie3\Mobogenie.exe =>PUP.Mobogenie
O4 - GS\TaskBar [Idir]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://isearch.omiga-plus.com =>Hijacker.OmigaPlus
O4 - GS\Program [Idir]: Internet Explorer.lnk . (...) -- C:\Program Files\Internet Explorer\IEXPLORE.exe (.not file.)
O4 - GS\SystemTools [Idir]: Internet Explorer (No Add-ons).lnk . (...) -- C:\Program Files\Internet Explorer\IEXPLORE.exe (.not file.)
~ Global Startup: 7 Scanned in 00mn 07s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Run: [CancelAutoPlay_byt] . (...) -- C:\Program Files\Mobiconnect\CancelAutoPlay_byt.exe
O4 - HKLM\..\Run: [UIExec] . (...) -- C:\Program Files\Mobiconnect\UIexec.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [PD-Proxy] D:\conen\PD-Proxy_VPN\PD-Proxy_2.2.0\PD-Launcher.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [Tuxler] C:\Program Files\Tuxler\Tuxler.exe (.not file.)
O4 - HKCU\..\Run: [ISUSPM] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [StartMenuX] . (.OrdinarySoft - StartMenuX.) -- C:\Program Files\Start Menu X\StartMenuX.exe
O4 - HKCU\..\Run: [Prime95] . (.No owner - PRIME95 Application.) -- C:\Users\Idir\AppData\Local\Temp\freearc05949b4a.tmp\prime95.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-839920020-959317949-3918920766-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-839920020-959317949-3918920766-1000\..\Run: [Tuxler] C:\Program Files\Tuxler\Tuxler.exe (.not file.)
O4 - HKUS\S-1-5-21-839920020-959317949-3918920766-1000\..\Run: [ISUSPM] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-839920020-959317949-3918920766-1000\..\Run: [StartMenuX] . (.OrdinarySoft - StartMenuX.) -- C:\Program Files\Start Menu X\StartMenuX.exe
O4 - HKUS\S-1-5-21-839920020-959317949-3918920766-1000\..\Run: [Prime95] . (.No owner - PRIME95 Application.) -- C:\Users\Idir\AppData\Local\Temp\freearc05949b4a.tmp\prime95.exe
~ Application: Scanned in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (.not file.)
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files\MICROS~3\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files\MICROS~3\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -- C:\Program Files\MICROS~3\Office12\REFBARH.ICO (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
~ Winsock: 8 Scanned in 00mn 00s



---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{197F91F0-E17F-483F-93C1-36AD11350826}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\..\{2A90583B-8EDF-4AAC-89BF-B56272DB3743}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{614832B5-96EB-415B-9C8E-DBB1A6A890E4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: NameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{EEDDB6C3-A6D2-457A-ADE3-5EF50A53575F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5371CC1-F640-4A32-B578-01A66DE40604}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: DhcpNameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{E6872610-EC90-427D-A9FB-045801E46C5E}: DhcpNameServer = 172.25.1.60 192.168.27.6
O17 - HKLM\System\CS1\Services\Tcpip\..\{197F91F0-E17F-483F-93C1-36AD11350826}: NameServer = 209.244.0.3 8.8.8.8
O17 - HKLM\System\CS1\Services\Tcpip\..\{2A90583B-8EDF-4AAC-89BF-B56272DB3743}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{614832B5-96EB-415B-9C8E-DBB1A6A890E4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: NameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{EEDDB6C3-A6D2-457A-ADE3-5EF50A53575F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS1\Services\Tcpip\..\{A5371CC1-F640-4A32-B578-01A66DE40604}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS1\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: DhcpNameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{E6872610-EC90-427D-A9FB-045801E46C5E}: DhcpNameServer = 172.25.1.60 192.168.27.6
O17 - HKLM\System\CS2\Services\Tcpip\..\{219F7D51-07A0-4646-9D94-20254A687E42}: NameServer = 10.11.12.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: NameServer = 10.11.12.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D31DFD9-AB6F-43DC-9997-6AE9AC290D62}: NameServer = 10.11.12.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{3F88684B-836D-49E1-BFAA-8F2359288076}: NameServer = 211.141.90.68
O17 - HKLM\System\CS2\Services\Tcpip\..\{614832B5-96EB-415B-9C8E-DBB1A6A890E4}: NameServer = 10.11.12.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: NameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{EEDDB6C3-A6D2-457A-ADE3-5EF50A53575F}: NameServer = 10.11.12.14
O17 - HKLM\System\CS2\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: DhcpNameServer = 10.100.0.162
O17 - HKLM\System\CS2\Services\Tcpip\..\{3D31DFD9-AB6F-43DC-9997-6AE9AC290D62}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CS2\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: DhcpNameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: DhcpDomain = ummto.dz
O17 - HKLM\System\CS3\Services\Tcpip\..\{2A90583B-8EDF-4AAC-89BF-B56272DB3743}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{31E987BF-626C-4475-A917-F123840C4E3F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{614832B5-96EB-415B-9C8E-DBB1A6A890E4}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: NameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS3\Services\Tcpip\..\{EEDDB6C3-A6D2-457A-ADE3-5EF50A53575F}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1 =>.Google DNS Redirections
O17 - HKLM\System\CS3\Services\Tcpip\..\{A5371CC1-F640-4A32-B578-01A66DE40604}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CS3\Services\Tcpip\..\{B72224C5-1F77-4371-B87B-E93EDB564EE0}: DhcpNameServer = 8.8.8.8 0.0.0.0
O17 - HKLM\System\CS3\Services\Tcpip\..\{E6872610-EC90-427D-A9FB-045801E46C5E}: DhcpNameServer = 172.25.1.60 192.168.27.6
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: C:\Windows\ehome\ehsched.exe (ehSched) . (...) - C:\Windows\ehome\ehsched.exe (.not file.)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (...) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe (.not file.) =>PUP.GlobalUpdate
O23 - Service: HWDeviceService.exe (HWDeviceService.exe) . (.No owner - DCSHOST.) - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: MobiConnect. OUC (MobiConnect. RunOuc) . (...) - C:\Program Files\MobiConnect\UpdateDog\ouc.exe (.not file.)
O23 - Service: MobogenieService (MobogenieService) . (.Mobogenie.com - MobogenieService.exe.) - C:\Program Files\Mobogenie3\MobogenieService.exe =>PUP.Mobogenie
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (...) - C:\Windows\system32\nlssrv32.exe (.not file.)
O23 - Service: ShopperPro Update (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe (.not file.) =>PUP.ShopperPro
O23 - Service: Sierra Wireless Card Detection Service (SwiCardDetectSvc) . (.Sierra Wireless, Inc. - Sierra Wireless Inc Card Detect Service.) - C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
O23 - Service: UI Assistant Service (UI Assistant Service) . (...) - C:\Program Files\Mobiconnect\AssistantServices.exe
~ Services: 6 Scanned in 00mn 12s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.080255CDCB878813B481B8C348D47D8E] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [267440]
[MD5.4BB7714617D50D77FCDA6B0182FD8A9A] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [857888]
[MD5.00000000000000000000000000000000] [APT] [LaunchSignup] (...) -- C:\Program Files\MyPC Backup\Signup Wizard.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version3_triggeronce] (...) -- c:\program files\common files\paretologic\uus3\Pareto_Update3.exe (.not file.) [0] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [{06DF620F-BF60-41E6-A4A5-B49F449A631C}] (...) -- C:\Users\Idir\Desktop\Nouveau dossier\Portable-3D Flash Animator v4\Portable-3D Flash Animator v4\3D Flash Animator 4.9.8.7_by_omar\3D Flash Animator 4.9.8.7.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2E41761E-E8F9-474B-B6AF-A1D6FE5CA520}] (...) -- C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe (.not file.) [0]
[MD5.A1EAFCB168A770F632C088DD4C5FBAE5] [APT] [{40991B3D-85CD-4FA8-9A28-0879AA8D3585}] (.MacKichan Software.) -- C:\swp55\swp-pro.exe [5161017]
[MD5.A1EAFCB168A770F632C088DD4C5FBAE5] [APT] [{4737F6FF-5556-4BCC-B479-70169916F56B}] (.MacKichan Software.) -- C:\swp55\swp-pro.exe [5161017]
[MD5.0C5E71FAB7C7A4200EA45C20C940ADB2] [APT] [{59D2D3A5-876E-4F5A-A30A-5B08E560B723}] (.MiKTeX.org.) -- D:\MikTeX-TexMaker\MiKTeX\tm\packages\setup-2.9.3959.exe [5779456]
[MD5.00000000000000000000000000000000] [APT] [{6425ECB0-F3AF-4760-A7BF-DC3170B8BB96}] (...) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDF.exe (.not file.) [0]
[MD5.058B4064B502B393684B09905C09926C] [APT] [{6FA51A51-4B22-4D94-8A50-8FB08E5C7F84}] (...) -- C:\Program Files\Foxit Software\Foxit PhantomPDF\Foxit PhantomPDF.exe [26994232]
[MD5.00000000000000000000000000000000] [APT] [{C0850353-6BD5-46FD-90D3-2216542A02D7}] (...) -- C:\Program Files\Nitro PDF\Professional 7\NitroPDF.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CD85E697-54DF-45AA-8B52-30E883603303}] (...) -- C:\Users\Idir\Downloads\Programs\IE8-WindowsXP-x86-FRA.exe (.not file.) [0]
[MD5.A1EAFCB168A770F632C088DD4C5FBAE5] [APT] [{DDC6EEF9-93BF-4EEB-B1E8-92542F68B3AC}] (.MacKichan Software.) -- C:\swp55\swp-pro.exe [5161017]
[MD5.BBAEC99CD684B1331BA878105D27051C] [APT] [{E5D9301D-6CA9-42DB-93E9-960CBE8975AD}] (.Port80Software.com.) -- D:\conen\ZESetup.exe [7801890]
[MD5.00000000000000000000000000000000] [APT] [{FE58E5CB-F8A1-45B9-9578-A78FB9A7B778}] (...) -- C:\Users\Idir\Downloads\Programs\IE8-WindowsXP-x86-FRA.exe (.not file.) [0]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: ParetoLogic Update Version3_triggeronce - (...) -- C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job [416] =>PUP.Paretologic
O39 - APT: ParetoLogic Update Version3_triggeronce - (...) -- C:\Windows\System32\Tasks\ParetoLogic Update Version3_triggeronce [416] =>PUP.Paretologic
~ Scheduled Task: 20 Scanned in 00mn 11s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) 2 Platform Standard Edition binary.) -- C:\Program Files\Java\jre1.5.0_08\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 12 Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\Windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\Windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\Windows\system32\drivers\aswSP.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VBoxDrv) . (.Oracle Corporation - VirtualBox Support Driver.) - C:\Windows\System32\DRIVERS\VBoxDrv.sys
O41 - Driver: (VBoxUSBMon) . (.Oracle Corporation - VirtualBox USB Monitor Driver.) - C:\Windows\System32\DRIVERS\VBoxUSBMon.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: (HssDRV6) . (. - .) - C:\Windows\System32\DRIVERS\hssdrv6.sys (.not file.)
O41 - Driver: (mbamchameleon) . (. - .) - C:\Windows\system32\drivers\mbamchameleon.sys (.not file.)
~ Drivers: 103 Scanned in 00mn 01s



---\\ Software installed (O42)
O42 - Logiciel: 3D Flash Animator 4.9.8.7 - (...) [HKLM] -- 3D Flash Animator 4.9.8.7
O42 - Logiciel: AAA Logo Business Edition 3.10 - (.SWGSoft.com.) [HKLM] -- AAA Logo 3.10 Business_is1
O42 - Logiciel: Adobe Flash Player 16 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Reader 9.3 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A93000000001}
O42 - Logiciel: Avast Free Antivirus - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DjVu Viewer - (.djvuviewer.com.) [HKLM] -- {3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1
O42 - Logiciel: DjVuLibre DjView 3.5.25.4+4.9.2 - (.DjVuZone.) [HKLM] -- DjVuLibre+DjView
O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture
O42 - Logiciel: FileZilla Client 3.7.3 - (.Tim Kosse.) [HKLM] -- FileZilla Client
O42 - Logiciel: Foxit PhantomPDF - (.Foxit Corporation.) [HKLM] -- {5A8F2FCA-DA27-4293-AC37-1C77B1130F1C}
O42 - Logiciel: FreeArc 0.666 - (.Bulat Ziganshin.) [HKLM] -- FreeArc
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player
O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM] -- GPL Ghostscript 9.02
O42 - Logiciel: GPL Ghostscript - (.Artifex Software Inc..) [HKLM] -- GPL Ghostscript 9.15
O42 - Logiciel: GSview 4.9 - (...) [HKLM] -- GSview 4.9
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: GeoGebra 5 - (.International GeoGebra Institute.) [HKLM] -- GeoGebra 5
O42 - Logiciel: GrindEQ Math Utilities (remove only) - (...) [HKLM] -- GrindEQ
O42 - Logiciel: GrindEQ Word-to-Latex (remove only) - (...) [HKLM] -- GrindEQw2l
O42 - Logiciel: HSPA USB Modem - (.اسم شركتك.) [HKLM] -- InstallShield_{06ADE2A0-E46A-4A84-A211-64CF50520185}
O42 - Logiciel: HSPA USB Modem - (.اسم شركتك.) [HKLM] -- {06ADE2A0-E46A-4A84-A211-64CF50520185}
O42 - Logiciel: InftyReader Version3.0.9.0 - (.Science Accessibility Net.) [HKLM] -- {1647F835-8870-493C-A3BB-4C3138653983}_is1
O42 - Logiciel: Intel(R) C++ Redistributables on IA-32 - (.Intel Corporation.) [HKLM] -- {5018D8E6-8D8E-4F76-9AFD-CB2EF1100E84}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager
O42 - Logiciel: J2SE Runtime Environment 5.0 Update 8 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0150080}
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {0BE9E708-5DC0-4963-9CFD-0AA519090E79}
O42 - Logiciel: Le Grand Robert - (...) [HKLM] -- Le Grand Robert
O42 - Logiciel: Le Petit Robert 2012 - (.Le Robert.) [HKLM] -- PR1CD2012
O42 - Logiciel: Lizardtech DjVu Control - (...) [HKLM] -- {105CFC7C-6992-11D5-BD9D-000102C10FD8}
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: MSVC90_x86 - (.Nokia.) [HKLM] -- {AF111648-99A1-453E-81DD-80DBBF6DAD0D}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Mandelbulber v2 win32 - (.Krzysztof Marczak.) [HKLM] -- 6DF65BA0-CE0F-48A8-BB53-AA35529602B7
O42 - Logiciel: Maple 18 - (.Maplesoft.) [HKLM] -- Maple 18
O42 - Logiciel: MiKTeX 2.9 - (.MiKTeX.org.) [HKLM] -- MiKTeX 2.9
O42 - Logiciel: Mobogenie3 - (.Mobogenie.com.) [HKLM] -- Mobogenie3 =>PUP.Mobogenie
O42 - Logiciel: Mozilla Firefox 35.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 35.0.1 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Notepad++ - (...) [HKLM] -- Notepad++
O42 - Logiciel: Oracle VM VirtualBox 4.3.20 - (.Oracle Corporation.) [HKLM] -- {3ACD85F2-BD6D-44FE-8CAE-5C1C3757ED7E}
O42 - Logiciel: PDFCreator - (.pdfforge.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}
O42 - Logiciel: Revo Uninstaller 1.95 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: SYSTRAN - (.SYSTRAN.) [HKCU] -- InstallShield_{4C94F105-81D0-4AFC-8F0A-38949DC07F65}
O42 - Logiciel: Scientific WorkPlace 5.5 - (.MacKichan Software.) [HKLM] -- {71ADC302-F323-45A7-AFA4-C55D7B861D30}
O42 - Logiciel: Sothink SWF Easy - (.SourceTec Software Co., LTD.) [HKLM] -- {C8F4800F-52F4-4115-BE64-FF1C23604E86}_is1
O42 - Logiciel: Sothink SWF Easy Resource Add-on - (.SourceTec Software Co., LTD.) [HKLM] -- Sothink SWF Easy Resource Add-on_is1
O42 - Logiciel: Spoon.net Sandbox Manager 3.33 - (.Code Systems Corporation.) [HKCU] -- Spoon.net Sandbox Manager 3.33
O42 - Logiciel: Start Menu X version 5.30 - (.OrdinarySoft.) [HKLM] -- {3E494002-985C-4908-B72C-5B4DD15BE090}_is1
O42 - Logiciel: Sweet Home 3D version 4.6 - (.eTeks.) [HKLM] -- Sweet Home 3D_is1
O42 - Logiciel: TeXnicCenter Version 1 Beta 7.01 (Greengrass) - (.TeXnicCenter.org.) [HKLM] -- TeXnicCenter_is1
O42 - Logiciel: Telecom NZ Connect Me (ZTE) - (...) [HKLM] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}
O42 - Logiciel: Telecom NZ Connect Me - (.Telecom NZ.) [HKLM] -- {35026A82-F328-4771-AB5F-E0126EFE70A2}
O42 - Logiciel: VLC media player 2.1.3 - (.VideoLAN.) [HKLM] -- VLC media player =>.VideoLAN
O42 - Logiciel: WinHTTrack Website Copier 3.45-3 - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1
O42 - Logiciel: Windows 7 Codec Pack 4.0.8 - (.Windows 7 Codec Pack.) [HKLM] -- Windows 7 - Codec Pack
O42 - Logiciel: ahl_alhadeeth 4.4.0 - (...) [HKLM] -- برنامج_أهل_الحديث_والأثر_لفهرسة_الأشرطة_4.2.0
O42 - Logiciel: مصحف المدينة النبوية - (.My Company Name.) [HKLM] -- {1136FCB8-E1E9-4A02-B3B5-E2598DFB16CE}
~ Logic: 54 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\3DFA]
[HKCU\Software\AAA_LOGO]
[HKCU\Software\ABBYY]
[HKCU\Software\AFPL Ghostscript]
[HKCU\Software\ASProtect]
[HKCU\Software\AVAST Software]
[HKCU\Software\Ada99]
[HKCU\Software\Adobe]
[HKCU\Software\AnchorFree]
[HKCU\Software\Andrew Zhezherun]
[HKCU\Software\AppDataLow\Software\Hotspot_Shield]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Sense]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\TbccintSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Tbccint] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Unity]
[HKCU\Software\AppDataLow\Software\qualitink] =>Adware.Qualitink
[HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\BD Inc]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BarbaTunnel]
[HKCU\Software\Bert's Software]
[HKCU\Software\Blizzard Entertainment]
[HKCU\Software\BugSplat]
[HKCU\Software\Bureau van Dijk]
[HKCU\Software\Bytescout]
[HKCU\Software\CBS Software]
[HKCU\Software\Caislabs Software]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Systems]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DIGITALNAUTS]
[HKCU\Software\DSP-worx]
[HKCU\Software\Datastead]
[HKCU\Software\Delta]
[HKCU\Software\DeterministicNetworks]
[HKCU\Software\DjVuLibre]
[HKCU\Software\DownloadManager]
[HKCU\Software\ESET]
[HKCU\Software\Ectaco]
[HKCU\Software\Eltima Software]
[HKCU\Software\Enigma Protector]
[HKCU\Software\Ettego]
[HKCU\Software\FLEXlm License Manager]
[HKCU\Software\Faceless]
[HKCU\Software\FileOpen]
[HKCU\Software\Fomine Software]
[HKCU\Software\ForceInterfaceCOM]
[HKCU\Software\Foxit Software]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\GPL Ghostscript]
[HKCU\Software\GRETECH]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\GrindEQ]
[HKCU\Software\Haali]
[HKCU\Software\Holersoft]
[HKCU\Software\HowardMedia]
[HKCU\Software\IM Providers]
[HKCU\Software\ImageMagick]
[HKCU\Software\Infty Project]
[HKCU\Software\InftyProject]
[HKCU\Software\Initex Software]
[HKCU\Software\Initex]
[HKCU\Software\InstallShield]
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Intel]
[HKCU\Software\Intuisphere]
[HKCU\Software\JavaSoft]
[HKCU\Software\Keops]
[HKCU\Software\Kernel for PDF Repair]
[HKCU\Software\LAV]
[HKCU\Software\Lauyan]
[HKCU\Software\Licenses]
[HKCU\Software\LyX]
[HKCU\Software\MCAFEE]
[HKCU\Software\MMBPlayer]
[HKCU\Software\MPCBrowser]
[HKCU\Software\MacKichan Software]
[HKCU\Software\Macromedia]
[HKCU\Software\Mandelbulber]
[HKCU\Software\Mask Surf]
[HKCU\Software\Media Get LLC] =>PUP.MediaGet
[HKCU\Software\MiKTeX.org]
[HKCU\Software\MicroBest]
[HKCU\Software\Miner3D]
[HKCU\Software\Mirage]
[HKCU\Software\Mobogenie3] =>PUP.Mobogenie
[HKCU\Software\Mobogenie] =>PUP.Mobogenie
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NetcoSolutions]
[HKCU\Software\NetifCfgStore]
[HKCU\Software\Netscape]
[HKCU\Software\NeuroSystems]
[HKCU\Software\Nilings]
[HKCU\Software\Nitro PDF]
[HKCU\Software\Nokia]
[HKCU\Software\ODBC]
[HKCU\Software\ORL]
[HKCU\Software\Opera Software]
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro
[HKCU\Software\Oracle]
[HKCU\Software\Ordinarysoft]
[HKCU\Software\PDF Architect 2]
[HKCU\Software\PDFCreator.net]
[HKCU\Software\Paltalk]
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\Pencil]
[HKCU\Software\Perfect Software]
[HKCU\Software\PilotGroup]
[HKCU\Software\PinoyRepublic]
[HKCU\Software\PlayFreeBrowser]
[HKCU\Software\PluginAddon]
[HKCU\Software\Policies]
[HKCU\Software\PortableApps.com]
[HKCU\Software\QtProject]
[HKCU\Software\RegTweaker]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SEJER - Le Robert]
[HKCU\Software\SHIMA]
[HKCU\Software\SMADΔV]
[HKCU\Software\SYSTRAN]
[HKCU\Software\SciFace]
[HKCU\Software\SharewareStudio.com]
[HKCU\Software\Smart Projects]
[HKCU\Software\Soft Lemon]
[HKCU\Software\SoftEther Corporation]
[HKCU\Software\SoftEther Project]
[HKCU\Software\SourceTec]
[HKCU\Software\SpeedBit]
[HKCU\Software\Spoon]
[HKCU\Software\StartSearch] =>PUP.StartSearch
[HKCU\Software\Statbox]
[HKCU\Software\Steganos]
[HKCU\Software\StrongVPN]
[HKCU\Software\Sysinternals]
[HKCU\Software\TUG]
[HKCU\Software\Tbccint] =>Toolbar.Conduit
[HKCU\Software\Tbccint_HKLM] =>Toolbar.Conduit
[HKCU\Software\TeleCharger]
[HKCU\Software\TeleCharger_v2]
[HKCU\Software\Telecom NZ]
[HKCU\Software\ThankSoft]
[HKCU\Software\TheGreenBow]
[HKCU\Software\Toocharger]
[HKCU\Software\ToolsCenter]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Tunngle.net]
[HKCU\Software\Tuxler]
[HKCU\Software\USyndication] =>Trojan.USyndication
[HKCU\Software\Unity]
[HKCU\Software\University of Tsukuba]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\WNR]
[HKCU\Software\WSSE]
[HKCU\Software\WinEdt 6]
[HKCU\Software\WinHTTrack Website Copier]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Windows 7 - Codec Pack]
[HKCU\Software\Wintertree]
[HKCU\Software\Wondershare]
[HKCU\Software\Word-to-Latex]
[HKCU\Software\XLSTAT+]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebraNetworkSystems]
[HKCU\Software\dskMetrics]
[HKCU\Software\eSellerate]
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate
[HKCU\Software\iMacros]
[HKCU\Software\kde.org]
[HKCU\Software\sAccessNet]
[HKCU\Software\systweak]
[HKCU\Software\usyndication.com] =>Trojan.USyndication
[HKCU\Software\yahooinstall]
[HKLM\Software\5b68adeb138e415]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\AbiWord]
[HKLM\Software\Adobe]
[HKLM\Software\Agere]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Artifex]
[HKLM\Software\AviSynth]
[HKLM\Software\BlueStacks]
[HKLM\Software\Bunndle]
[HKLM\Software\ChrisPC Free Anonymous Proxy]
[HKLM\Software\Classes]
[HKLM\Software\Clauses]
[HKLM\Software\Clients]
[HKLM\Software\Code Systems]
[HKLM\Software\CyberGhost]
[HKLM\Software\DC-Unlocker]
[HKLM\Software\Delta]
[HKLM\Software\DeterministicNetworks]
[HKLM\Software\EA Games]
[HKLM\Software\Electronic Arts]
[HKLM\Software\Eltima]
[HKLM\Software\EnigmaSoftwareGroup] =>PUP.EnigmaSoftware
[HKLM\Software\Eset]
[HKLM\Software\FDFilter]
[HKLM\Software\Faceless LLC]
[HKLM\Software\Faceless]
[HKLM\Software\Faronics]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\GNU]
[HKLM\Software\GPL Ghostscript]
[HKLM\Software\GRETECH]
[HKLM\Software\GamingWonderlandEI]
[HKLM\Software\Ghostgum]
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate
[HKLM\Software\Google]
[HKLM\Software\HSPA]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Huawei technologies]
[HKLM\Software\ISPMonitor]
[HKLM\Software\Initex Software]
[HKLM\Software\InstallShield]
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Installer55]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\LSI]
[HKLM\Software\Lauyan]
[HKLM\Software\Licenses]
[HKLM\Software\LizardTech]
[HKLM\Software\MFS]
[HKLM\Software\MacKichan Software]
[HKLM\Software\Macromedia]
[HKLM\Software\Macrovision]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MetaQuotes Software]
[HKLM\Software\MiKTeX.org]
[HKLM\Software\MimarSinan]
[HKLM\Software\Mirage]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\My Company Name]
[HKLM\Software\NMDVPN-GUI]
[HKLM\Software\Nalpeiron]
[HKLM\Software\NetcoSolutions]
[HKLM\Software\NetworkTunnel]
[HKLM\Software\Nitro PDF]
[HKLM\Software\Nokia]
[HKLM\Software\ODBC]
[HKLM\Software\OpenVPN-GUI]
[HKLM\Software\Oracle]
[HKLM\Software\Ordinarysoft]
[HKLM\Software\PCTEL]
[HKLM\Software\PDF Architect 2]
[HKLM\Software\PDFCreator.net]
[HKLM\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\PctelEapPeer Authentication]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SADAH VPN]
[HKLM\Software\SOFTWARE]
[HKLM\Software\SYSTRAN]
[HKLM\Software\ShopperPro] =>PUP.ShopperPro
[HKLM\Software\SiteSee]
[HKLM\Software\Smart Projects]
[HKLM\Software\SmithMicro]
[HKLM\Software\SoftEther Project]
[HKLM\Software\Sonic]
[HKLM\Software\SourceTec]
[HKLM\Software\Steganos]
[HKLM\Software\SumRando]
[HKLM\Software\Systweak]
[HKLM\Software\TeXnicCenter2]
[HKLM\Software\Telecom NZ]
[HKLM\Software\ToolBoxDebug]
[HKLM\Software\ToolsCenter]
[HKLM\Software\TsunamiVPN-GUI]
[HKLM\Software\TsunamiVPN]
[HKLM\Software\TuneUp]
[HKLM\Software\Tunngle.net]
[HKLM\Software\Ubisoft]
[HKLM\Software\Uniblue] =>PUP.UniblueSystem
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\WNR]
[HKLM\Software\Waterloo Maple]
[HKLM\Software\Wi-Free]
[HKLM\Software\WinHTTrack Website Copier]
[HKLM\Software\WinPj]
[HKLM\Software\Wondershare]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Yahoo]
[HKLM\Software\ZTE Corporation]
[HKLM\Software\ZTEUSBDriverFlag]
[HKLM\Software\ZebraNetworkSystems]
[HKLM\Software\dd]
[HKLM\Software\hyip]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\mlab]
[HKLM\Software\mozilla.org]
[HKLM\Software\sAccessNet]
~ Key Software: 438 Scanned in 00mn 01s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 10/04/2014 - 12:53:23 - [] ----D C:\Program Files\2FASTVPN
O43 - CFD: 29/09/2014 - 21:52:51 - [] ----D C:\Program Files\3D Flash Animator 4.9.8.7
O43 - CFD: 22/09/2014 - 16:48:27 - [] ----D C:\Program Files\AAALOGO2010
O43 - CFD: 17/01/2000 - 22:18:55 - [] ----D C:\Program Files\AbiWord
O43 - CFD: 23/12/1990 - 20:17:43 - [] ----D C:\Program Files\Adobe
O43 - CFD: 31/01/2015 - 07:30:22 - [] ----D C:\Program Files\ahl_alhadeeth
O43 - CFD: 26/05/2014 - 16:36:59 - [] ----D C:\Program Files\Athan
O43 - CFD: 07/04/2014 - 21:51:27 - [] ----D C:\Program Files\AVAST Software
O43 - CFD: 19/05/2014 - 13:36:42 - [] ----D C:\Program Files\AVG SakkjfeGuard toolbar
O43 - CFD: 07/02/2015 - 07:16:23 - [0] ----D C:\Program Files\BlueStacks
O43 - CFD: 29/12/2014 - 19:04:55 - [] ----D C:\Program Files\CBS Software
O43 - CFD: 05/04/2014 - 10:19:28 - [] ----D C:\Program Files\ChrisPC Free Anonymous Proxy
O43 - CFD: 02/03/2015 - 16:02:40 - [] ----D C:\Program Files\Common Files
O43 - CFD: 29/09/2014 - 07:29:04 - [0] ----D C:\Program Files\Cracklock
O43 - CFD: 13/05/2014 - 16:38:44 - [0] ----D C:\Program Files\DAP
O43 - CFD: 02/10/2014 - 20:41:40 - [] ----D C:\Program Files\DC-Unlocker
O43 - CFD: 31/10/2013 - 23:45:15 - [] ----D C:\Program Files\DIFX
O43 - CFD: 09/01/2014 - 00:56:10 - [] ----D C:\Program Files\Disk Volume Serial Number Changer
O43 - CFD: 19/12/2014 - 15:18:29 - [] ----D C:\Program Files\DjVu Viewer
O43 - CFD: 19/12/2014 - 15:43:19 - [] ----D C:\Program Files\DjVuLibre
O43 - CFD: 20/12/2014 - 07:46:22 - [] ----D C:\Program Files\DVD Maker
O43 - CFD: 01/03/2015 - 11:18:34 - [] ----D C:\Program Files\Enigma Software Group =>PUP.EnigmaSoftware
O43 - CFD: 23/11/2014 - 16:15:51 - [] ----D C:\Program Files\Faronics
O43 - CFD: 30/12/2014 - 22:36:13 - [] ----D C:\Program Files\FastStone Capture
O43 - CFD: 06/07/2013 - 00:01:41 - [] -SH-D C:\Program Files\Fichiers communs
O43 - CFD: 25/11/2013 - 08:52:25 - [] ----D C:\Program Files\FileZilla FTP Client
O43 - CFD: 24/09/2013 - 07:31:38 - [] ----D C:\Program Files\Foxit Software
O43 - CFD: 27/06/2014 - 15:12:35 - [] ----D C:\Program Files\FreeArc
O43 - CFD: 02/04/2014 - 23:59:05 - [] ----D C:\Program Files\Freeciv-2.2.3-gtk2
O43 - CFD: 01/11/2013 - 21:45:17 - [] ---AD C:\Program Files\GamingWonderlandEI
O43 - CFD: 26/02/2015 - 07:20:11 - [] ----D C:\Program Files\GeoGebra 5.0
O43 - CFD: 29/12/2014 - 12:44:13 - [] ----D C:\Program Files\Ghostgum
O43 - CFD: 02/03/2015 - 16:02:31 - [] ----D C:\Program Files\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 03/12/2014 - 14:04:39 - [] ----D C:\Program Files\Google
O43 - CFD: 15/02/2014 - 06:21:57 - [] ----D C:\Program Files\GRETECH
O43 - CFD: 26/02/2014 - 00:52:48 - [] ----D C:\Program Files\GrindEQ
O43 - CFD: 29/12/2014 - 12:43:26 - [] ----D C:\Program Files\gs
O43 - CFD: 02/01/2014 - 21:07:08 - [] ----D C:\Program Files\HMA! Pro VPN
O43 - CFD: 06/10/2014 - 07:37:31 - [] ----D C:\Program Files\HSPA USB Modem
O43 - CFD: 09/02/2015 - 22:08:08 - [] --H-D C:\Program Files\InstallJammer Registry
O43 - CFD: 05/02/2015 - 20:08:04 - [] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 05/02/2015 - 20:30:18 - [] ----D C:\Program Files\Intel
O43 - CFD: 27/01/2014 - 17:40:49 - [0] ----D C:\Program Files\Internet Access Monitor
O43 - CFD: 31/01/2015 - 16:34:23 - [] ----D C:\Program Files\Internet Download Manager
O43 - CFD: 02/12/2013 - 18:07:51 - [] ----D C:\Program Files\Intuisphere
O43 - CFD: 28/09/2013 - 22:28:00 - [] ----D C:\Program Files\Islam
O43 - CFD: 27/02/2015 - 23:25:01 - [] ----D C:\Program Files\Java
O43 - CFD: 21/01/2014 - 17:57:34 - [] ----D C:\Program Files\Kepard
O43 - CFD: 01/11/2014 - 21:36:44 - [] ----D C:\Program Files\Lauyan
O43 - CFD: 28/07/2013 - 06:28:35 - [] ----D C:\Program Files\Lauyan TOWeb 4.11.613 e-Commerce Edition Portable{h33t}{mad dog}
O43 - CFD: 07/07/2013 - 16:32:35 - [] ----D C:\Program Files\Le Grand Robert
O43 - CFD: 11/07/2013 - 03:11:42 - [] ----D C:\Program Files\Le Robert
O43 - CFD: 13/07/2014 - 04:25:56 - [] ----D C:\Program Files\Licenses
O43 - CFD: 17/11/2013 - 14:17:44 - [0] ----D C:\Program Files\LimeWire
O43 - CFD: 19/12/2014 - 15:29:04 - [] ----D C:\Program Files\LizardTech
O43 - CFD: 09/02/2015 - 22:07:46 - [] ---AD C:\Program Files\Mandelbulber v2 win32
O43 - CFD: 28/06/2014 - 23:29:26 - [] ----D C:\Program Files\Maple 18
O43 - CFD: 09/01/2014 - 20:10:51 - [] ----D C:\Program Files\Mask Surf
O43 - CFD: 22/09/2014 - 15:43:30 - [] ----D C:\Program Files\McAfee Security Scan
O43 - CFD: 04/01/2000 - 04:15:43 - [] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 14/07/2009 - 09:01:21 - [] ----D C:\Program Files\Microsoft Games
O43 - CFD: 13/01/2015 - 23:32:55 - [] ----D C:\Program Files\Microsoft Office
O43 - CFD: 22/12/2014 - 12:37:51 - [] ----D C:\Program Files\Microsoft OneDrive
O43 - CFD: 31/12/2014 - 20:01:42 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 04/01/2000 - 04:15:44 - [] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 04/01/2000 - 04:15:44 - [] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 10/09/2013 - 11:58:21 - [] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 13/01/2015 - 23:27:08 - [] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 27/12/2014 - 14:32:44 - [] ----D C:\Program Files\Microsoft Works
O43 - CFD: 13/01/2015 - 23:31:31 - [] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 22/05/2014 - 15:20:51 - [] ----D C:\Program Files\MiKTeX 2.9
O43 - CFD: 15/12/2014 - 14:40:47 - [] ----D C:\Program Files\Mobiconnect
O43 - CFD: 09/01/2014 - 20:10:50 - [] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie
O43 - CFD: 17/02/2015 - 14:22:22 - [] ----D C:\Program Files\Mobogenie3 =>PUP.Mobogenie
O43 - CFD: 30/01/2015 - 21:26:45 - [] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 05/11/2014 - 11:46:53 - [] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 13/01/2015 - 23:33:05 - [] ----D C:\Program Files\MSBuild
O43 - CFD: 20/05/2014 - 08:35:48 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 04/04/2014 - 22:26:31 - [] ----D C:\Program Files\NMDVPN
O43 - CFD: 16/03/2014 - 11:55:13 - [] ----D C:\Program Files\Notepad++
O43 - CFD: 04/10/2014 - 10:16:24 - [0] ----D C:\Program Files\Nouveau dossier
O43 - CFD: 26/01/2014 - 22:17:22 - [] ----D C:\Program Files\OpenVPN
O43 - CFD: 02/01/2014 - 21:49:17 - [] ----D C:\Program Files\OpenVPN Technologies
O43 - CFD: 21/02/2015 - 07:09:41 - [] ----D C:\Program Files\Oracle
O43 - CFD: 26/01/2014 - 21:54:14 - [] ----D C:\Program Files\PandaPow
O43 - CFD: 11/02/2015 - 16:21:58 - [] ----D C:\Program Files\PDFCreator
O43 - CFD: 26/01/2014 - 22:05:11 - [] ----D C:\Program Files\Port Tunnel Wizard
O43 - CFD: 02/09/2014 - 21:05:10 - [0] ----D C:\Program Files\R.G. Mechanics
O43 - CFD: 26/05/2014 - 21:37:54 - [0] ----D C:\Program Files\RandeomPrice =>PUP.RandomPrice
O43 - CFD: 01/09/2014 - 13:01:54 - [0] ----D C:\Program Files\Recuva
O43 - CFD: 14/07/2009 - 04:52:30 - [] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 19/05/2014 - 04:34:28 - [] ----D C:\Program Files\RegTweaker
O43 - CFD: 13/12/2014 - 07:36:02 - [] ----D C:\Program Files\Repair File
O43 - CFD: 02/03/2015 - 21:10:13 - [] ----D C:\Program Files\sAccessNet
O43 - CFD: 04/04/2014 - 23:38:05 - [] ----D C:\Program Files\SecurityKISS Tunnel
O43 - CFD: 01/03/2015 - 16:26:45 - [] ----D C:\Program Files\Sierra Wireless Inc
O43 - CFD: 26/09/2014 - 17:21:00 - [] ----D C:\Program Files\SourceTec
O43 - CFD: 27/12/2014 - 20:16:50 - [] ----D C:\Program Files\Start Menu X
O43 - CFD: 26/01/2014 - 22:23:55 - [] ----D C:\Program Files\StrongVPN
O43 - CFD: 19/01/2014 - 15:29:51 - [] ----D C:\Program Files\SumRando
O43 - CFD: 14/02/2014 - 22:20:20 - [] ----D C:\Program Files\Super Network Tunnel
O43 - CFD: 01/08/2014 - 14:58:54 - [] ----D C:\Program Files\SupportAppCB
O43 - CFD: 18/02/2015 - 17:56:13 - [] ----D C:\Program Files\Sweet Home 3D
O43 - CFD: 26/05/2014 - 18:05:50 - [] ----D C:\Program Files\SYSTRAN
O43 - CFD: 31/12/2014 - 21:04:38 - [0] ----D C:\Program Files\Tbccint =>Toolbar.Conduit
O43 - CFD: 13/07/2014 - 04:25:24 - [] ----D C:\Program Files\TCITeX
O43 - CFD: 03/05/2014 - 22:41:55 - [] ----D C:\Program Files\Technitium
O43 - CFD: 01/03/2015 - 16:26:45 - [] ----D C:\Program Files\Telecom NZ
O43 - CFD: 06/08/2014 - 17:03:20 - [] ----D C:\Program Files\tesseract-ocr
O43 - CFD: 29/12/2014 - 12:46:05 - [] ----D C:\Program Files\TeXnicCenter
O43 - CFD: 29/09/2014 - 06:36:03 - [] ----D C:\Program Files\TI Education
O43 - CFD: 16/03/2014 - 12:04:22 - [] ----D C:\Program Files\TightVNC
O43 - CFD: 01/08/2014 - 06:21:48 - [0] ----D C:\Program Files\UltraISO
O43 - CFD: 14/07/2009 - 04:53:23 - [0] ----D C:\Program Files\Uninstall Information
O43 - CFD: 27/12/1990 - 07:38:50 - [] ----D C:\Program Files\Vidal
O43 - CFD: 06/07/2013 - 13:36:02 - [] ----D C:\Program Files\VideoLAN
O43 - CFD: 20/01/2015 - 10:34:04 - [] ----D C:\Program Files\VPN4ALL
O43 - CFD: 23/02/2014 - 00:24:33 - [] ----D C:\Program Files\VS Revo Group
O43 - CFD: 23/11/2013 - 20:37:58 - [0] ----D C:\Program Files\Warcraft III Complete
O43 - CFD: 20/12/2014 - 07:46:19 - [] ----D C:\Program Files\Windows Defender
O43 - CFD: 20/12/2014 - 07:46:21 - [] ----D C:\Program Files\Windows Journal
O43 - CFD: 20/12/2014 - 07:46:22 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation
O43 - CFD: 20/12/2014 - 07:46:22 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 06/07/2013 - 00:01:41 - [] ----D C:\Program Files\Windows NT
O43 - CFD: 20/12/2014 - 07:46:21 - [] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 04:52:32 - [] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 20/12/2014 - 07:46:23 - [] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 19/05/2014 - 13:36:45 - [] ----D C:\Program Files\WinHTTrack
O43 - CFD: 12/01/2000 - 04:01:53 - [0] ----D C:\Program Files\WinRAR
O43 - CFD: 18/05/2014 - 18:13:48 - [] ----D C:\Program Files\WorldVPN Connector
O43 - CFD: 10/04/2014 - 23:02:48 - [] ----D C:\Program Files\Xtream VPN
O43 - CFD: 02/11/2014 - 15:13:02 - [] ----D C:\Program Files\Yahoo!
O43 - CFD: 21/02/2015 - 00:31:59 - [] ----D C:\Program Files\Your Freedom
O43 - CFD: 11/01/2014 - 01:07:29 - [0] ----D C:\Program Files\ZebraNetworkSystems
O43 - CFD: 01/09/2013 - 06:51:42 - [] ----D C:\Program Files\Zero G Registry
O43 - CFD: 05/03/2015 - 16:18:33 - [] ----D C:\Program Files\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 25/01/2015 - 20:47:56 - [] ----D C:\Program Files\مصحف المدينة النبوية
O43 - CFD: 09/07/2014 - 23:58:29 - [] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 10/09/2013 - 11:58:05 - [] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 19/12/2014 - 15:28:14 - [] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 01/09/2013 - 06:50:48 - [] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 05/02/2015 - 21:12:33 - [] ----D C:\Program Files\Common Files\Intel Corporation
O43 - CFD: 17/06/2014 - 17:44:14 - [] ----D C:\Program Files\Common Files\Java
O43 - CFD: 16/07/2013 - 05:43:32 - [] ----D C:\Program Files\Common Files\Macromedia Shared
O43 - CFD: 27/12/2014 - 14:32:56 - [] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 01/03/2015 - 16:26:54 - [] ----D C:\Program Files\Common Files\PctelEapPeer Authentication
O43 - CFD: 14/07/2009 - 02:37:05 - [] ----D C:\Program Files\Common Files\Services
O43 - CFD: 26/09/2014 - 17:21:25 - [] ----D C:\Program Files\Common Files\SourceTec
O43 - CFD: 14/07/2009 - 02:37:05 - [] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 09/11/2014 - 13:55:57 - [] ----D C:\Program Files\Common Files\Steganos
O43 - CFD: 20/12/2014 - 07:52:55 - [] ----D C:\Program Files\Common Files\System
O43 - CFD: 09/01/2014 - 20:06:35 - [] ----D C:\Program Files\Common Files\temp
O43 - CFD: 22/12/2014 - 12:33:45 - [] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 14/02/2015 - 21:28:36 - [] ----D C:\Program Files\Common Files\Wondershare
O43 - CFD: 28/09/2013 - 11:17:03 - [] ----D C:\ProgramData\ABBYY
O43 - CFD: 05/09/2014 - 14:36:11 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 01/03/2015 - 14:51:30 - [] ----D C:\ProgramData\Apple
O43 - CFD: 13/02/2015 - 07:27:54 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 07/04/2014 - 21:51:27 - [] ----D C:\ProgramData\AVAST Software
O43 - CFD: 14/10/2013 - 20:50:41 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 02/02/2014 - 20:11:04 - [] ----D C:\ProgramData\Barbatunnel
O43 - CFD: 02/02/2014 - 07:23:02 - [] ----D C:\ProgramData\bhimbgkcannjenechfncgimlhlfhoeib
O43 - CFD: 07/02/2015 - 07:16:24 - [] ----D C:\ProgramData\BlueStacks
O43 - CFD: 05/02/2015 - 23:25:54 - [] ----D C:\ProgramData\BlueStacksSetup
O43 - CFD: 06/07/2013 - 00:01:41 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 20/01/2014 - 10:13:50 - [] ----D C:\ProgramData\Caphyon
O43 - CFD: 07/07/2013 - 09:40:44 - [] ----D C:\ProgramData\Common Files
O43 - CFD: 02/01/2014 - 05:28:15 - [] ----D C:\ProgramData\COMODO
O43 - CFD: 04/01/2000 - 04:17:29 - [] ----D C:\ProgramData\DatacardService
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 16/01/2000 - 13:20:04 - [] ----D C:\ProgramData\EZSoftware
O43 - CFD: 07/11/2013 - 21:03:54 - [] ----D C:\ProgramData\FarmFrenzy2
O43 - CFD: 06/07/2013 - 00:01:41 - [] -SH-D C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Favorites
O43 - CFD: 26/05/2014 - 21:37:55 - [] ----D C:\ProgramData\fd34d3fc362b5f7
O43 - CFD: 19/01/2014 - 20:11:59 - [] ----D C:\ProgramData\FileOpen
O43 - CFD: 10/04/2014 - 12:56:02 - [] ----D C:\ProgramData\FindBesoTDEal =>PUP.FindBestDeal
O43 - CFD: 24/11/2013 - 09:06:15 - [] ----D C:\ProgramData\Google
O43 - CFD: 14/09/2014 - 06:42:22 - [] ----D C:\ProgramData\GRETECH
O43 - CFD: 24/09/2014 - 10:40:15 - [] ----D C:\ProgramData\Grimmersoft
O43 - CFD: 22/04/2014 - 19:33:05 - [] ----D C:\ProgramData\HP
O43 - CFD: 06/07/2013 - 01:25:26 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 01/11/2013 - 04:52:41 - [] ----D C:\ProgramData\Installations
O43 - CFD: 01/03/2015 - 14:06:28 - [] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 14/07/2013 - 11:03:16 - [] ----D C:\ProgramData\InstallShield
O43 - CFD: 17/10/2014 - 19:17:17 - [] ----D C:\ProgramData\Lauyan
O43 - CFD: 11/07/2013 - 03:12:10 - [] ----D C:\ProgramData\Le Robert
O43 - CFD: 04/01/2000 - 04:17:32 - [] ----D C:\ProgramData\log
O43 - CFD: 30/10/2013 - 04:38:55 - [] ----D C:\ProgramData\Macromedia
O43 - CFD: 16/07/2013 - 05:43:32 - [] ----D C:\ProgramData\Macrovision
O43 - CFD: 02/03/2015 - 13:44:43 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 26/06/2014 - 08:27:44 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 07/07/2013 - 08:46:03 - [0] ----D C:\ProgramData\Media Get LLC =>PUP.MediaGet
O43 - CFD: 06/07/2013 - 00:01:41 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 13/01/2015 - 23:31:32 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 17/10/2014 - 22:02:56 - [] ----D C:\ProgramData\Microsoft Corporation
O43 - CFD: 03/03/2015 - 17:01:25 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 31/12/2014 - 22:19:29 - [0] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 20/05/2014 - 16:51:01 - [] ----D C:\ProgramData\MiKTeX
O43 - CFD: 01/08/2014 - 06:19:54 - [0] ----D C:\ProgramData\MobiConnect
O43 - CFD: 04/01/2000 - 04:19:53 - [] ----D C:\ProgramData\Mobile Partner
O43 - CFD: 06/07/2013 - 00:01:41 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 24/05/2014 - 17:02:39 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 09/01/2014 - 20:10:52 - [] ----D C:\ProgramData\NetworkTunnel
O43 - CFD: 19/01/2014 - 20:09:59 - [] ----D C:\ProgramData\Nitro PDF
O43 - CFD: 04/11/2013 - 02:45:07 - [0] ----D C:\ProgramData\Nokia
O43 - CFD: 01/11/2013 - 20:06:35 - [] ----D C:\ProgramData\NokiaInstallerCache
O43 - CFD: 04/01/2000 - 04:17:45 - [] ----D C:\ProgramData\OnlineUpdate
O43 - CFD: 26/02/2015 - 06:35:36 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 09/11/2014 - 15:35:14 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 19/05/2014 - 04:39:18 - [] ----D C:\ProgramData\ParetoLogic =>PUP.Paretologic
O43 - CFD: 13/08/2013 - 14:59:58 - [] ----D C:\ProgramData\PC Drivers Headquarters =>PUP.Optional
O43 - CFD: 31/10/2013 - 23:45:42 - [] ----D C:\ProgramData\PC Suite
O43 - CFD: 11/02/2015 - 16:19:47 - [] ----D C:\ProgramData\PDF Architect 2
O43 - CFD: 01/11/2013 - 02:51:29 - [0] ----D C:\ProgramData\PreventPlay
O43 - CFD: 27/05/2014 - 06:24:49 - [0] ----D C:\ProgramData\RandeomPrice =>PUP.RandomPrice
O43 - CFD: 22/09/2014 - 17:17:18 - [0] ----D C:\ProgramData\Skype
O43 - CFD: 11/01/2014 - 01:01:53 - [] ----D C:\ProgramData\SoftWarehouse =>Adware.Boxore
O43 - CFD: 12/05/2014 - 21:53:05 - [0] ----D C:\ProgramData\SpeedBit
O43 - CFD: 02/01/2014 - 04:29:40 - [] ----D C:\ProgramData\spotflux
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 27/12/2014 - 20:16:27 - [] ----D C:\ProgramData\StartMenuX
O43 - CFD: 24/09/2014 - 10:40:09 - [] ----D C:\ProgramData\Statbox
O43 - CFD: 30/05/2014 - 14:32:26 - [] ----D C:\ProgramData\SYSTRAN
O43 - CFD: 28/10/2014 - 06:28:25 - [] ----D C:\ProgramData\Tbccint =>Toolbar.Conduit
O43 - CFD: 01/03/2015 - 16:26:48 - [] ----D C:\ProgramData\Telecom NZ
O43 - CFD: 11/10/2014 - 15:58:17 - [0] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 04:53:55 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 05/01/2014 - 22:24:15 - [] ----D C:\ProgramData\TheGreenBow
O43 - CFD: 15/11/2014 - 11:33:19 - [] ----D C:\ProgramData\TUbeItAdBllockAp =>PUP.TubeItAdBlock
O43 - CFD: 21/09/2014 - 08:52:04 - [] ----D C:\ProgramData\TuneUp Software
O43 - CFD: 14/02/2015 - 23:37:04 - [] ----D C:\ProgramData\WindSolutions
O43 - CFD: 26/10/2013 - 07:02:46 - [] ----D C:\ProgramData\WinterSoft
O43 - CFD: 04/01/2014 - 08:07:51 - [] ----D C:\ProgramData\WNR
O43 - CFD: 14/02/2015 - 21:29:04 - [] ----D C:\ProgramData\Wondershare
O43 - CFD: 21/09/2014 - 08:52:08 - [] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 07/09/2014 - 08:41:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3D Flash Animator 4.9.8.7
O43 - CFD: 22/09/2014 - 16:48:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AAA Logo 2010
O43 - CFD: 16/01/2000 - 13:41:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
O43 - CFD: 05/07/2013 - 22:57:53 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 15/12/2014 - 14:41:01 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 31/01/2015 - 07:30:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ahl_alhadeeth
O43 - CFD: 29/12/2013 - 04:52:56 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\All PD Proxy Serveur Unclocker V.2.5
O43 - CFD: 15/12/2014 - 15:49:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 06/02/2015 - 08:38:34 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
O43 - CFD: 16/03/2014 - 16:57:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BYOB
O43 - CFD: 19/12/2014 - 15:18:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVu Viewer
O43 - CFD: 19/12/2014 - 15:43:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DjVuLibre
O43 - CFD: 18/02/2015 - 17:56:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
O43 - CFD: 30/12/2014 - 22:36:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture
O43 - CFD: 25/11/2013 - 08:52:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
O43 - CFD: 30/10/2013 - 04:34:00 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flash Menu Factory
O43 - CFD: 01/10/2013 - 22:06:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fomine Net Send GUI
O43 - CFD: 17/05/2014 - 17:19:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
O43 - CFD: 27/06/2014 - 15:12:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
O43 - CFD: 05/07/2013 - 22:57:55 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 26/02/2015 - 07:20:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoGebra 5
O43 - CFD: 29/12/2014 - 12:44:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostgum
O43 - CFD: 29/12/2014 - 12:43:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
O43 - CFD: 10/01/2015 - 22:21:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
O43 - CFD: 26/02/2014 - 00:52:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GrindEQ Math Utilities
O43 - CFD: 19/04/2014 - 22:10:58 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB Modem
O43 - CFD: 02/03/2015 - 21:10:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InftyReader
O43 - CFD: 02/02/2014 - 14:39:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Insistsoft SSL VPN Server
O43 - CFD: 05/02/2015 - 20:09:29 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 27/01/2014 - 13:33:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Access Monitor
O43 - CFD: 16/05/2014 - 18:25:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 26/02/2015 - 06:24:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 07/07/2013 - 16:32:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Grand Robert
O43 - CFD: 11/07/2013 - 03:12:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Petit Robert 2012
O43 - CFD: 19/12/2014 - 15:29:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LizardTech
O43 - CFD: 14/07/2009 - 04:42:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 22/06/2014 - 08:12:00 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maple 18
O43 - CFD: 13/01/2015 - 23:35:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 22/05/2014 - 15:31:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
O43 - CFD: 01/08/2014 - 14:58:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobiconnect
O43 - CFD: 17/02/2015 - 13:45:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3 =>PUP.Mobogenie
O43 - CFD: 16/03/2014 - 11:55:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
O43 - CFD: 21/02/2015 - 07:10:19 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
O43 - CFD: 11/02/2015 - 16:19:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
O43 - CFD: 02/09/2014 - 21:07:11 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
O43 - CFD: 27/01/2014 - 17:36:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Line Software
O43 - CFD: 10/02/2014 - 14:05:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scientific WorkPlace 5.5
O43 - CFD: 11/08/2013 - 13:52:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scriptocean
O43 - CFD: 17/01/2000 - 16:40:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
O43 - CFD: 26/09/2014 - 17:21:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
O43 - CFD: 27/12/2014 - 20:16:50 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu X
O43 - CFD: 14/02/2015 - 21:38:27 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 14/07/2009 - 09:00:32 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 02/03/2015 - 17:05:49 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telecom NZ
O43 - CFD: 29/12/2014 - 12:46:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeXnicCenter
O43 - CFD: 01/11/2014 - 21:36:54 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOWeb
O43 - CFD: 06/07/2014 - 22:57:49 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
O43 - CFD: 06/07/2013 - 13:37:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
O43 - CFD: 06/07/2013 - 01:08:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
O43 - CFD: 22/04/2014 - 14:24:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldVPN Connector
O43 - CFD: 05/03/2015 - 15:59:52 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 25/01/2015 - 20:48:13 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\مصحف المدينة النبوية
O43 - CFD: 16/03/2014 - 17:30:10 - [] ----D C:\Users\Idir\AppData\Roaming\.freeciv
O43 - CFD: 14/02/2014 - 22:20:05 - [] ----D C:\Users\Idir\AppData\Roaming\.spotflux
O43 - CFD: 14/07/2013 - 10:15:50 - [0] ----D C:\Users\Idir\AppData\Roaming\3DFA
O43 - CFD: 10/02/2014 - 13:48:03 - [] ----D C:\Users\Idir\AppData\Roaming\ABBYY
O43 - CFD: 28/09/2013 - 11:17:00 - [0] ----D C:\Users\Idir\AppData\Roaming\ABBYY FineReader Engine 9.0
O43 - CFD: 25/09/2014 - 10:08:25 - [] ----D C:\Users\Idir\AppData\Roaming\ADDINSOFT
O43 - CFD: 09/07/2014 - 23:58:34 - [] ----D C:\Users\Idir\AppData\Roaming\Adobe
O43 - CFD: 25/01/2015 - 20:55:57 - [] ----D C:\Users\Idir\AppData\Roaming\AlMAdinahMushaf
O43 - CFD: 24/09/2014 - 06:46:23 - [] ----D C:\Users\Idir\AppData\Roaming\Apowersoft
O43 - CFD: 14/02/2015 - 19:44:31 - [] ----D C:\Users\Idir\AppData\Roaming\Apple Computer
O43 - CFD: 08/04/2014 - 20:54:39 - [] ----D C:\Users\Idir\AppData\Roaming\AVAST Software
O43 - CFD: 14/10/2013 - 20:50:41 - [] ----D C:\Users\Idir\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 06/07/2013 - 23:16:41 - [] ----D C:\Users\Idir\AppData\Roaming\benibela
O43 - CFD: 11/11/2013 - 13:45:46 - [] ----D C:\Users\Idir\AppData\Roaming\BitTorrent Sync =>P2P.BitTorrent
O43 - CFD: 01/10/2014 - 06:34:31 - [] ----D C:\Users\Idir\AppData\Roaming\BizAgi Ltd
O43 - CFD: 27/09/2013 - 11:30:41 - [] ----D C:\Users\Idir\AppData\Roaming\callas software
O43 - CFD: 11/08/2013 - 13:54:57 - [] ----D C:\Users\Idir\AppData\Roaming\com.prezi.PreziDesktop
O43 - CFD: 11/01/2014 - 00:27:30 - [] ----D C:\Users\Idir\AppData\Roaming\COMODO
O43 - CFD: 09/01/2014 - 00:56:26 - [] ----D C:\Users\Idir\AppData\Roaming\Disk Volume Serial Number Changer
O43 - CFD: 02/03/2015 - 14:47:19 - [] ----D C:\Users\Idir\AppData\Roaming\DMCache
O43 - CFD: 19/01/2014 - 20:08:35 - [] ----D C:\Users\Idir\AppData\Roaming\Downloaded Installations
O43 - CFD: 19/05/2014 - 04:22:58 - [] ----D C:\Users\Idir\AppData\Roaming\DriverCure =>PUP.Paretologic
O43 - CFD: 16/02/2015 - 14:15:53 - [0] ----D C:\Users\Idir\AppData\Roaming\DVDVideoSoft
O43 - CFD: 08/09/2013 - 03:15:50 - [] ----D C:\Users\Idir\AppData\Roaming\EbkReader
O43 - CFD: 31/03/2014 - 01:11:48 - [] ----D C:\Users\Idir\AppData\Roaming\Ectaco
O43 - CFD: 18/02/2015 - 18:24:16 - [] ----D C:\Users\Idir\AppData\Roaming\eTeks
O43 - CFD: 29/09/2014 - 07:28:14 - [] ----D C:\Users\Idir\AppData\Roaming\EurekaLog
O43 - CFD: 02/01/2014 - 01:53:19 - [] ----D C:\Users\Idir\AppData\Roaming\Faceless LLC
O43 - CFD: 30/12/2014 - 22:36:17 - [] ----D C:\Users\Idir\AppData\Roaming\FastStone
O43 - CFD: 19/01/2014 - 20:11:59 - [] ----D C:\Users\Idir\AppData\Roaming\FileOpen
O43 - CFD: 01/10/2014 - 06:53:07 - [] ----D C:\Users\Idir\AppData\Roaming\FileZilla
O43 - CFD: 06/07/2014 - 08:24:46 - [] ----D C:\Users\Idir\AppData\Roaming\Foxit Software
O43 - CFD: 15/12/2014 - 14:40:59 - [] ----D C:\Users\Idir\AppData\Roaming\FreeArc
O43 - CFD: 28/02/2015 - 12:53:11 - [] ----D C:\Users\Idir\AppData\Roaming\GeoGebra 5.0
O43 - CFD: 27/01/2014 - 08:20:02 - [] ----D C:\Users\Idir\AppData\Roaming\globalip
O43 - CFD: 15/02/2014 - 06:22:14 - [] ----D C:\Users\Idir\AppData\Roaming\GRETECH
O43 - CFD: 26/02/2014 - 00:59:30 - [] ----D C:\Users\Idir\AppData\Roaming\GrindEQ
O43 - CFD: 07/08/2014 - 04:32:48 - [] ----D C:\Users\Idir\AppData\Roaming\gtk-2.0
O43 - CFD: 15/01/2000 - 22:25:37 - [] ----D C:\Users\Idir\AppData\Roaming\Help
O43 - CFD: 14/02/2015 - 21:28:55 - [] ----D C:\Users\Idir\AppData\Roaming\HYXDevPsnList
O43 - CFD: 06/07/2013 - 00:02:06 - [] ----D C:\Users\Idir\AppData\Roaming\Identities
O43 - CFD: 02/03/2015 - 16:02:22 - [] ----D C:\Users\Idir\AppData\Roaming\IDM
O43 - CFD: 02/04/2014 - 23:59:21 - [] ----D C:\Users\Idir\AppData\Roaming\inkscape
O43 - CFD: 05/02/2015 - 20:08:02 - [] ----D C:\Users\Idir\AppData\Roaming\InstallShield
O43 - CFD: 26/05/2014 - 18:10:57 - [] ----D C:\Users\Idir\AppData\Roaming\InstallShield Installation Information
O43 - CFD: 05/02/2015 - 21:10:07 - [] ----D C:\Users\Idir\AppData\Roaming\Intel Corporation
O43 - CFD: 11/02/2015 - 22:00:04 - [0] ----D C:\Users\Idir\AppData\Roaming\IrfanView
O43 - CFD: 01/10/2014 - 06:34:32 - [] ----D C:\Users\Idir\AppData\Roaming\IsolatedStorage
O43 - CFD: 11/10/2014 - 21:52:30 - [0] ----D C:\Users\Idir\AppData\Roaming\ISP Monitor
O43 - CFD: 09/01/2014 - 00:56:26 - [] ----D C:\Users\Idir\AppData\Roaming\Keylack Software
O43 - CFD: 07/09/2014 - 23:17:04 - [] ----D C:\Users\Idir\AppData\Roaming\LyX2.1
O43 - CFD: 16/07/2013 - 05:43:24 - [] ----D C:\Users\Idir\AppData\Roaming\Macromedia
O43 - CFD: 22/06/2014 - 08:21:29 - [] ----D C:\Users\Idir\AppData\Roaming\Maple
O43 - CFD: 07/08/2014 - 05:09:03 - [0] ----D C:\Users\Idir\AppData\Roaming\MapleSim
O43 - CFD: 28/08/2013 - 11:04:30 - [] ----D C:\Users\Idir\AppData\Roaming\MAXON
O43 - CFD: 14/07/2009 - 09:00:32 - [0] ----D C:\Users\Idir\AppData\Roaming\Media Center Programs
O43 - CFD: 22/12/2014 - 12:53:59 - [] -S--D C:\Users\Idir\AppData\Roaming\Microsoft
O43 - CFD: 17/10/2014 - 22:02:56 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft Corporation
O43 - CFD: 20/05/2014 - 14:47:08 - [] ----D C:\Users\Idir\AppData\Roaming\MiKTeX
O43 - CFD: 28/09/2014 - 11:16:23 - [] ----D C:\Users\Idir\AppData\Roaming\Mobogenie =>PUP.Mobogenie
O43 - CFD: 14/10/2014 - 16:47:11 - [] ----D C:\Users\Idir\AppData\Roaming\Mozilla
O43 - CFD: 07/02/2014 - 23:51:15 - [] ----D C:\Users\Idir\AppData\Roaming\Nitro PDF
O43 - CFD: 31/10/2013 - 23:45:51 - [] ----D C:\Users\Idir\AppData\Roaming\Nokia
O43 - CFD: 15/12/2014 - 14:40:59 - [] ----D C:\Users\Idir\AppData\Roaming\Notepad++
O43 - CFD: 29/12/2013 - 00:40:40 - [0] ----D C:\Users\Idir\AppData\Roaming\ONSPEED_TOOLBAR
O43 - CFD: 09/01/2014 - 20:09:59 - [] ----D C:\Users\Idir\AppData\Roaming\OpenVPN Technologies
O43 - CFD: 04/10/2014 - 07:09:31 - [0] ----D C:\Users\Idir\AppData\Roaming\Opera
O43 - CFD: 24/10/2013 - 03:21:12 - [] ----D C:\Users\Idir\AppData\Roaming\Opera Software
O43 - CFD: 19/05/2014 - 04:22:58 - [] ----D C:\Users\Idir\AppData\Roaming\ParetoLogic =>PUP.Paretologic
O43 - CFD: 31/10/2013 - 23:45:42 - [] ----D C:\Users\Idir\AppData\Roaming\PC Suite
O43 - CFD: 11/02/2015 - 16:19:31 - [] ----D C:\Users\Idir\AppData\Roaming\pdfforge
O43 - CFD: 01/01/2014 - 23:03:11 - [] ----D C:\Users\Idir\AppData\Roaming\PrivateTunnel
O43 - CFD: 04/01/2014 - 07:55:47 - [] ----D C:\Users\Idir\AppData\Roaming\ProxySwitcher
O43 - CFD: 20/01/2014 - 10:11:51 - [] ----D C:\Users\Idir\AppData\Roaming\RedShift IT SRL
O43 - CFD: 21/09/2014 - 08:40:01 - [] ----D C:\Users\Idir\AppData\Roaming\RHEng =>PUP.Conduit
O43 - CFD: 02/03/2015 - 16:02:22 - [] ----D C:\Users\Idir\AppData\Roaming\rmi
O43 - CFD: 04/09/2014 - 20:58:31 - [] ----D C:\Users\Idir\AppData\Roaming\sAccessNet
O43 - CFD: 11/08/2013 - 13:55:06 - [] ----D C:\Users\Idir\AppData\Roaming\scriptocean
O43 - CFD: 09/01/2014 - 20:11:29 - [] ----D C:\Users\Idir\AppData\Roaming\Serial Port Tool
O43 - CFD: 02/03/2015 - 12:43:09 - [] ----D C:\Users\Idir\AppData\Roaming\shamela
O43 - CFD: 14/01/2000 - 22:23:27 - [] ----D C:\Users\Idir\AppData\Roaming\Shared
O43 - CFD: 01/03/2015 - 16:28:25 - [] ----D C:\Users\Idir\AppData\Roaming\Sierra Wireless
O43 - CFD: 22/09/2014 - 17:17:19 - [0] ----D C:\Users\Idir\AppData\Roaming\Skype
O43 - CFD: 02/01/2014 - 08:16:29 - [] ----D C:\Users\Idir\AppData\Roaming\SonicWALL
O43 - CFD: 30/04/2014 - 06:46:27 - [] ----D C:\Users\Idir\AppData\Roaming\SpeedBit
O43 - CFD: 01/01/2015 - 23:13:56 - [] ----D C:\Users\Idir\AppData\Roaming\StartMenuX
O43 - CFD: 18/02/2015 - 11:41:08 - [] ----D C:\Users\Idir\AppData\Roaming\SteelBytes
O43 - CFD: 09/11/2014 - 15:36:00 - [] ----D C:\Users\Idir\AppData\Roaming\Steganos
O43 - CFD: 14/11/2014 - 15:39:33 - [] ----D C:\Users\Idir\AppData\Roaming\Steganos VPN
O43 - CFD: 30/05/2014 - 14:32:26 - [] ----D C:\Users\Idir\AppData\Roaming\SYSTRAN
O43 - CFD: 04/09/2014 - 20:26:59 - [] ----D C:\Users\Idir\AppData\Roaming\Systweak
O43 - CFD: 31/03/2014 - 01:11:28 - [] ----D C:\Users\Idir\AppData\Roaming\Thinstall
O43 - CFD: 27/02/2015 - 20:34:31 - [] ----D C:\Users\Idir\AppData\Roaming\TikzEdt
O43 - CFD: 24/01/2014 - 22:26:44 - [] ----D C:\Users\Idir\AppData\Roaming\tor
O43 - CFD: 14/09/2014 - 07:25:42 - [] ----D C:\Users\Idir\AppData\Roaming\TuneUp Software
O43 - CFD: 02/02/2014 - 14:36:21 - [] ----D C:\Users\Idir\AppData\Roaming\Tunngle
O43 - CFD: 16/03/2014 - 12:02:33 - [] ----D C:\Users\Idir\AppData\Roaming\TuxPaint
O43 - CFD: 18/01/2000 - 05:02:16 - [0] ----D C:\Users\Idir\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 05/03/2015 - 13:14:35 - [] ----D C:\Users\Idir\AppData\Roaming\vlc
O43 - CFD: 10/10/2014 - 06:14:43 - [0] ----D C:\Users\Idir\AppData\Roaming\WebExtend
O43 - CFD: 24/12/2014 - 23:19:49 - [0] ----D C:\Users\Idir\AppData\Roaming\WebTest
O43 - CFD: 14/01/2000 - 22:43:59 - [] ----D C:\Users\Idir\AppData\Roaming\Windows
O43 - CFD: 15/02/2015 - 16:10:06 - [] ----D C:\Users\Idir\AppData\Roaming\WindSolutions
O43 - CFD: 06/07/2013 - 01:03:14 - [0] ----D C:\Users\Idir\AppData\Roaming\WinRAR
O43 - CFD: 09/01/2014 - 20:10:06 - [] ----D C:\Users\Idir\AppData\Roaming\WNR
O43 - CFD: 02/10/2013 - 07:20:54 - [] ----D C:\Users\Idir\AppData\Roaming\www.kiwix.org
O43 - CFD: 02/01/2014 - 05:16:32 - [] ----D C:\Users\Idir\AppData\Roaming\ZebraNetworkSystems
O43 - CFD: 05/03/2015 - 16:22:40 - [] ----D C:\Users\Idir\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 02/10/2013 - 07:10:13 - [0] -SH-D C:\Users\Idir\AppData\Local\.#
O43 - CFD: 10/02/2014 - 13:52:14 - [] ----D C:\Users\Idir\AppData\Local\ABBYY
O43 - CFD: 28/09/2013 - 11:17:00 - [0] ----D C:\Users\Idir\AppData\Local\ABBYY FineReader Engine 9.0
O43 - CFD: 19/12/2014 - 15:24:58 - [] ----D C:\Users\Idir\AppData\Local\Adobe
O43 - CFD: 23/11/2013 - 10:48:16 - [] ----D C:\Users\Idir\AppData\Local\Apple
O43 - CFD: 13/02/2015 - 07:29:39 - [] ----D C:\Users\Idir\AppData\Local\Apple Computer
O43 - CFD: 06/07/2013 - 00:01:53 - [] -SH-D C:\Users\Idir\AppData\Local\Application Data
O43 - CFD: 25/02/2015 - 11:28:55 - [] ----D C:\Users\Idir\AppData\Local\ApplicationHistory
O43 - CFD: 31/10/2013 - 22:25:22 - [] ----D C:\Users\Idir\AppData\Local\Apps
O43 - CFD: 24/09/2014 - 10:39:49 - [] ----D C:\Users\Idir\AppData\Local\assembly
O43 - CFD: 08/11/2013 - 04:57:30 - [] ----D C:\Users\Idir\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
O43 - CFD: 01/10/2014 - 06:34:31 - [] ----D C:\Users\Idir\AppData\Local\BizAgi Ltd
O43 - CFD: 01/10/2014 - 06:34:32 - [] ----D C:\Users\Idir\AppData\Local\BizAgi_Ltd
O43 - CFD: 01/11/2013 - 22:52:06 - [] ----D C:\Users\Idir\AppData\Local\cache
O43 - CFD: 24/10/2013 - 22:33:55 - [] ----D C:\Users\Idir\AppData\Local\Cool_Mirage
O43 - CFD: 27/04/2014 - 13:31:53 - [] ----D C:\Users\Idir\AppData\Local\CrashRpt
O43 - CFD: 06/01/2014 - 00:55:27 - [0] ----D C:\Users\Idir\AppData\Local\Deployment
O43 - CFD: 14/02/2015 - 19:55:23 - [] ----D C:\Users\Idir\AppData\Local\Diagnostics
O43 - CFD: 26/01/2014 - 21:54:05 - [] ----D C:\Users\Idir\AppData\Local\doEnter_Ltd
O43 - CFD: 13/08/2013 - 14:57:53 - [] ----D C:\Users\Idir\AppData\Local\Downloaded Installations
O43 - CFD: 22/04/2014 - 20:08:18 - [0] ----D C:\Users\Idir\AppData\Local\ElevatedDiagnostics
O43 - CFD: 02/12/2014 - 12:06:55 - [] ----D C:\Users\Idir\AppData\Local\globalUpdate =>PUP.GlobalUpdate
O43 - CFD: 29/09/2014 - 06:45:26 - [] ----D C:\Users\Idir\AppData\Local\Google
O43 - CFD: 22/06/2014 - 07:45:36 - [] ----D C:\Users\Idir\AppData\Local\gtk-2.0
O43 - CFD: 06/07/2013 - 00:01:53 - [] -SH-D C:\Users\Idir\AppData\Local\Historique
O43 - CFD: 01/12/2014 - 23:34:37 - [] ----D C:\Users\Idir\AppData\Local\Installer
O43 - CFD: 08/07/2013 - 11:39:54 - [0] ----D C:\Users\Idir\AppData\Local\InternetTV
O43 - CFD: 02/12/2013 - 18:20:11 - [] ----D C:\Users\Idir\AppData\Local\Intuisphere
O43 - CFD: 07/07/2014 - 23:26:08 - [0] ----D C:\Users\Idir\AppData\Local\ipe
O43 - CFD: 02/01/2014 - 05:40:34 - [] ----D C:\Users\Idir\AppData\Local\IsolatedStorage
O43 - CFD: 25/05/2014 - 07:01:12 - [] ----D C:\Users\Idir\AppData\Local\Macromedia
O43 - CFD: 09/06/2014 - 18:32:42 - [] ----D C:\Users\Idir\AppData\Local\Maple
O43 - CFD: 22/12/2014 - 12:56:41 - [] ----D C:\Users\Idir\AppData\Local\Microsoft
O43 - CFD: 17/10/2014 - 22:02:56 - [] ----D C:\Users\Idir\AppData\Local\Microsoft Corporation
O43 - CFD: 23/10/2013 - 05:10:49 - [] ----D C:\Users\Idir\AppData\Local\Microsoft Games
O43 - CFD: 04/08/2013 - 18:54:15 - [] ----D C:\Users\Idir\AppData\Local\Microsoft Help
O43 - CFD: 17/05/2014 - 12:54:48 - [] ----D C:\Users\Idir\AppData\Local\MiKTeX
O43 - CFD: 03/01/2014 - 17:41:26 - [] ----D C:\Users\Idir\AppData\Local\Mobogenie =>PUP.Mobogenie
O43 - CFD: 24/05/2014 - 17:03:03 - [] ----D C:\Users\Idir\AppData\Local\Mozilla
O43 - CFD: 08/11/2013 - 05:08:43 - [] ----D C:\Users\Idir\AppData\Local\MPCBrowser
O43 - CFD: 01/11/2013 - 20:23:10 - [] ----D C:\Users\Idir\AppData\Local\Nokia
O43 - CFD: 01/11/2013 - 20:26:51 - [] ----D C:\Users\Idir\AppData\Local\NokiaAccount
O43 - CFD: 26/10/2013 - 03:13:04 - [] ----D C:\Users\Idir\AppData\Local\ONSPEED
O43 - CFD: 09/01/2014 - 20:09:49 - [] ----D C:\Users\Idir\AppData\Local\OpenVPN Technologies
O43 - CFD: 02/11/2014 - 19:11:22 - [] ----D C:\Users\Idir\AppData\Local\Opera
O43 - CFD: 24/10/2013 - 03:21:13 - [] ----D C:\Users\Idir\AppData\Local\Opera Software
O43 - CFD: 22/01/2014 - 06:42:32 - [0] ----D C:\Users\Idir\AppData\Local\PackageAware
O43 - CFD: 11/02/2015 - 16:20:20 - [0] ----D C:\Users\Idir\AppData\Local\PDFCreator
O43 - CFD: 11/02/2015 - 16:20:27 - [] ----D C:\Users\Idir\AppData\Local\pdfforge
O43 - CFD: 14/09/2014 - 14:52:04 - [] ----D C:\Users\Idir\AppData\Local\Pokki
O43 - CFD: 06/07/2013 - 13:36:19 - [] ----D C:\Users\Idir\AppData\Local\Programs
O43 - CFD: 02/11/2014 - 19:09:40 - [0] ----D C:\Users\Idir\AppData\Local\Proxy Rental
O43 - CFD: 02/01/2014 - 00:58:14 - [] ----D C:\Users\Idir\AppData\Local\Shalsoft
O43 - CFD: 22/09/2014 - 17:17:18 - [0] ----D C:\Users\Idir\AppData\Local\Skype
O43 - CFD: 29/12/2013 - 22:40:18 - [] ----D C:\Users\Idir\AppData\Local\SlipStream
O43 - CFD: 01/03/2015 - 11:35:01 - [] ----D C:\Users\Idir\AppData\Local\Spoon
O43 - CFD: 19/01/2014 - 15:30:54 - [] ----D C:\Users\Idir\AppData\Local\SumRando
O43 - CFD: 17/06/2014 - 17:44:06 - [] ----D C:\Users\Idir\AppData\Local\Sun
O43 - CFD: 30/05/2014 - 14:32:26 - [] ----D C:\Users\Idir\AppData\Local\SYSTRAN
O43 - CFD: 31/12/2014 - 21:04:14 - [] ----D C:\Users\Idir\AppData\Local\Tbccint =>Toolbar.Conduit
O43 - CFD: 01/03/2015 - 16:30:33 - [] ----D C:\Users\Idir\AppData\Local\Telecom NZ
O43 - CFD: 05/03/2015 - 16:18:34 - [] ----D C:\Users\Idir\AppData\Local\Temp
O43 - CFD: 06/07/2013 - 00:01:53 - [] -SH-D C:\Users\Idir\AppData\Local\Temporary Internet Files
O43 - CFD: 10/07/2013 - 22:53:23 - [] ----D C:\Users\Idir\AppData\Local\Thinstall
O43 - CFD: 27/02/2015 - 20:46:51 - [] ----D C:\Users\Idir\AppData\Local\TikzEdt
O43 - CFD: 15/10/2014 - 15:42:04 - [] ----D C:\Users\Idir\AppData\Local\Toon Boom Animation
O43 - CFD: 14/09/2014 - 07:25:56 - [] ----D C:\Users\Idir\AppData\Local\TuneUp Software
O43 - CFD: 16/10/2014 - 21:48:23 - [] ----D C:\Users\Idir\AppData\Local\Tuxler.com
O43 - CFD: 18/01/2014 - 12:55:11 - [] ----D C:\Users\Idir\AppData\Local\Tweakware_VPN_v4
O43 - CFD: 14/11/2014 - 11:26:16 - [0] ----D C:\Users\Idir\AppData\Local\Unity
O43 - CFD: 02/02/2014 - 10:14:58 - [0] ----D C:\Users\Idir\AppData\Local\uTorrent =>P2P.µTorrent
O43 - CFD: 06/02/2015 - 16:54:16 - [] ----D C:\Users\Idir\AppData\Local\VirtualStore
O43 - CFD: 10/04/2014 - 13:28:46 - [] ----D C:\Users\Idir\AppData\Local\vpn_gui
O43 - CFD: 09/10/2013 - 00:45:06 - [] ----D C:\Users\Idir\AppData\Local\WikiquoteScreensaver
O43 - CFD: 27/02/2015 - 22:55:07 - [0] ----D C:\Users\Idir\AppData\Local\Windows Live
O43 - CFD: 14/02/2015 - 21:28:40 - [] ----D C:\Users\Idir\AppData\Local\Wondershare
O43 - CFD: 02/10/2013 - 07:20:54 - [] ----D C:\Users\Idir\AppData\Local\www.kiwix.org
O43 - CFD: 01/03/2015 - 11:35:03 - [0] ----D C:\Users\Idir\AppData\Local\Your Freedom
O43 - CFD: 14/07/2009 - 04:42:04 - [] R---D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 06/07/2013 - 00:02:17 - [] R---D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 06/10/2014 - 00:17:04 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Balancing Act
O43 - CFD: 08/05/2014 - 22:38:19 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC-Unlocker
O43 - CFD: 27/06/2014 - 15:12:28 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
O43 - CFD: 20/11/2013 - 21:47:13 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 16/05/2014 - 18:25:11 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 14/07/2009 - 04:37:42 - [] R---D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 09/02/2015 - 22:07:47 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mandelbulber v2 win32
O43 - CFD: 18/10/2014 - 22:08:23 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk Messenger
O43 - CFD: 05/10/2014 - 18:20:04 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plate Tectonics
O43 - CFD: 05/10/2014 - 18:27:45 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quantum Wave Interference
O43 - CFD: 05/10/2014 - 21:02:34 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Radioactive Dating Game
O43 - CFD: 05/10/2014 - 19:16:33 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ramp- Forces and Motion
O43 - CFD: 23/02/2014 - 00:24:37 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 01/03/2015 - 11:35:09 - [] R---D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 05/10/2014 - 19:10:11 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stretching DNA
O43 - CFD: 26/05/2014 - 18:09:52 - [] ----D C:\Users\Idir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SYSTRAN
~ Program Folder: 504 Scanned in 00mn 02s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.01CE484FF6D70A39479BC6D619DE7ED6] - 01/03/2015 - 11:22:50 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [19984]
O44 - LFC:[MD5.0198C805B9410EF6641906D5B20967FC] - 01/03/2015 - 16:28:04 ---A- . (...) -- C:\drivers.log [390024]
O44 - LFC:[MD5.BCBC7B0B5FA253F901A17E3764B96356] - 02/03/2015 - 14:52:10 ---A- . (...) -- C:\Windows\smartkeydiagnostics.txt [92]
O44 - LFC:[MD5.96DC968A5A807060BEDA86223D04B2DF] - 03/03/2015 - 13:06:50 ---A- . (...) -- C:\Windows\PFRO.log [976368]
O44 - LFC:[MD5.891F63EBC9BF905619E887DA37DFAB82] - 04/03/2015 - 11:38:33 ---A- . (...) -- C:\Windows\setupact.log [47871]
O44 - LFC:[MD5.88DF01A3D297D298D131CFF226453468] - 04/03/2015 - 11:42:27 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [865130]
O44 - LFC:[MD5.0D162A28A6A9D430B7C75B9AF557418B] - 05/03/2015 - 15:49:54 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.418C09B833FAFA37316DC9F00119F673] - 05/03/2015 - 15:50:40 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1339855]
O44 - LFC:[MD5.8FD6779B3E462578C2E4D9593EEEC4E1] - 05/03/2015 - 16:18:35 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.C55578F7BCD590977170963454F06230] - 18/02/2015 - 23:13:39 ---A- . (...) -- C:\Windows\System32\ada5a0709b157f49c2ee0e36fc3c42bb-x86.cache-2 [88]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/02/2015 - 09:56:04 ---A- . (...) -- C:\Windows\System32\TGv1.0.jar [0]
O44 - LFC:[MD5.10FF11727A98CEC36D632D025AA50F41] - 19/02/2015 - 17:00:01 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [987384]
O44 - LFC:[MD5.ADB72F5D96C12A9CE7E3213F887554C5] - 21/02/2015 - 07:10:09 ---A- . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\Drivers\VBoxUSBMon.sys [104384]
O44 - LFC:[MD5.15B10D9407435E74135B4788207DCC8F] - 21/02/2015 - 07:10:17 ---A- . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\Drivers\VBoxDrv.sys [744520]
O44 - LFC:[MD5.E51B539FEC6A6485289F650E5E7D5156] - 21/02/2015 - 21:26:23 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [701616]
O44 - LFC:[MD5.4713ED2510365E9102172816D2CFB832] - 21/02/2015 - 21:26:23 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [71344]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/02/2015 - 21:52:23 ---A- . (...) -- C:\Windows\System32\gst.bin [0]
O44 - LFC:[MD5.F686D185C5DE79A6E7DC7FEC7119CF56] - 26/02/2015 - 06:24:01 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\WindowsAccessBridge.dll [96680]
~ Files: 18 Scanned in 00mn 40s



---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.DDEB5E17DF75A5F66A73A1461DB840B2] - 16/02/2015 - 14:06:28 ---A- - C:\Windows\Prefetch\BITTORRENT.EXE-AAD9FA77.pf =>P2P.BitTorrent
O45 - LFCP:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 07/11/2013 - 19:35:04 ---A- - C:\Windows\Prefetch\FTDOWNLOADER V4.0-CODEDOWNLOA-82FF5C83.pf =>Adware.Downware
~ Prefetcher: 2 Scanned in 00mn 00s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{2da563ec-e5f8-11e2-b818-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{2da563f4-e5f8-11e2-b818-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{332e0d33-c80e-11e3-80fa-001e33f3fa95}\AutoRun\command. (...) -- H:\autorun.exe (.not file.)
O51 - MPSK:{3665b702-f3ec-11e2-9662-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{553dcdc3-4274-11e3-94cc-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{9cc79089-796c-11e3-b9e8-00accd2aa1cc}\AutoRun\command - Orphan key
O51 - MPSK:{9e45794c-592d-11e3-9654-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{a84e712d-4a41-11e4-8e6f-000a2142a6fd}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{a89f19e7-2cd2-11e3-b34a-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{b224fa4f-85c7-11e3-9af1-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{b224fa5c-85c7-11e3-9af1-001e33f3fa95}\AutoRun\command - Orphan key
O51 - MPSK:{e775b295-0a4c-11e4-8e97-000a2142a6fd}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{e775b2a0-0a4c-11e4-8e97-000a2142a6fd}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"vidc.ffds"="ff_vfw.dll" . (.No owner - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.xvid"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.x264"="x264vfw.dll" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw.dll
O52 - TDSD: \Drivers32\"vidc.lags"="lagarith.dll" . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \Drivers32\"msacm.lameacm"="LameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow Video Codec" . (.No owner - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"x264vfw.dll"="x264 Video Codec" . (.x264vfw project - x264vfw - H.264/MPEG-4 AVC codec.) -- C:\Windows\System32\x264vfw.dll
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.No owner - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"LameACM.acm"="Lame ACM MP3 Codec" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\LameACM.acm
O52 - TDSD: \drivers.desc\"DivXa32.acm"="DivX Audio Codec" . (.Packed With Joy ! - DivX;-) Audio Codec.) -- C:\Windows\System32\DivXa32.acm
~ TDSD: 13 Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (...) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CancelAutoPlay_byt [Key] . (...) -- C:\Program Files\Mobiconnect\CancelAutoPlay_byt.exe
O53 - SMSR:HKLM\...\startupreg\HSPALauncher [Key] . (.No owner - HSDPALauncher MFC Application.) -- C:\Program Files\HSPA USB Modem\HSPALauncher.exe
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O53 - SMSR:HKLM\...\startupreg\ISUSPM [Key] . (.Macrovision Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
O53 - SMSR:HKLM\...\startupreg\Le Petit Robert V3 Hyperappel [Key] . (.Dictionnaire Le Robert - Le Petit Robert Hyperappel.) -- C:\Program Files\Le Robert\Le Petit Robert 2012\RobertHA.exe
O53 - SMSR:HKLM\...\startupreg\NetFxUpdate_v1.1.4322 [Key] . (.Microsoft - UpdateUtil Application.) -- C:\Windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
O53 - SMSR:HKLM\...\startupreg\PD-Proxy [Key] . (...) -- J:\avast6\PD-Proxy_VPN\PD-Proxy_2.2.0\PD-Launcher.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (...) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe (.not file.) =>.Oracle Corporation
O53 - SMSR:HKLM\...\startupreg\UIExec [Key] . (...) -- C:\Program Files\Mobiconnect\UIexec.exe
O53 - SMSR:HKLM\...\startupreg\Wi-Free [Key] . (...) -- C:\Program Files\Wi-Free\launcher.exe (.not file.)
~ SMSR Keys: 21 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
~ MWPS: 1 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
~ MWPE Keys: 1 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976]
O58 - SDL:14/07/2009 - 01:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [297552]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [146512]
O58 - SDL:13/07/2009 - 22:13:48 ---A- . (.LSI Corp - SoftModem Device Driver.) -- C:\Windows\System32\Drivers\AGRSM.sys [1035776]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [14400]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79952]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\amdsbs.sys [159312]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [23616]
O58 - SDL:09/04/2014 - 21:00:50 ---A- . (.Wondershare - Wondershare Virtual Audio Device.) -- C:\Windows\System32\Drivers\Apowersoft_AudioDevice.sys [26032]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [76368]
O58 - SDL:14/07/2009 - 01:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [86608]
O58 - SDL:29/02/2012 - 21:46:08 ---A- . (.Astrill - Astrill Virtual Network Driver.) -- C:\Windows\System32\Drivers\asvpndrv.sys [25856]
O58 - SDL:18/11/2014 - 19:12:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:18/11/2014 - 19:12:55 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\System32\Drivers\aswmonflt.sys [70384]
O58 - SDL:23/02/2011 - 14:55:10 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\Drivers\aswRdr.sys [25432]
O58 - SDL:18/11/2014 - 19:12:55 ---A- . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\Drivers\aswRdr2.sys [81768]
O58 - SDL:18/11/2014 - 19:12:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:23/11/2014 - 13:11:01 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys [787800]
O58 - SDL:21/04/2014 - 17:01:48 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\Drivers\aswsnx.sys.1400346138399 [776976]
O58 - SDL:21/11/2014 - 07:13:12 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys [423784]
O58 - SDL:21/04/2014 - 17:01:48 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\aswsp.sys.1400346138399 [411552]
O58 - SDL:18/11/2014 - 19:12:56 ---A- . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\Drivers\aswstm.sys [91496]
O58 - SDL:01/09/2014 - 06:47:58 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\aswTap.sys [38984]
O58 - SDL:18/11/2014 - 19:12:55 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [206248] =>.ALWIL Software
O58 - SDL:21/09/2009 - 17:58:28 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\System32\Drivers\athr.sys [1218048]
O58 - SDL:13/07/2009 - 22:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\System32\Drivers\b57nd60x.sys [229888]
O58 - SDL:13/07/2009 - 22:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:13/07/2009 - 22:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:14/07/2009 - 00:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [272128]
O58 - SDL:13/07/2009 - 22:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:13/07/2009 - 22:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:13/07/2009 - 22:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:13/07/2009 - 22:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbdx.sys [430080]
O58 - SDL:14/07/2009 - 01:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [15952]
O58 - SDL:29/08/2008 - 17:54:40 ---A- . (.Mobile Connector - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\cmusbser.sys [103552]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [70720]
O58 - SDL:16/11/2008 - 18:39:44 ---A- . (.Deterministic Networks, Inc. - Deterministic Network Enhancer.) -- C:\Windows\System32\Drivers\dne2000.sys [131984]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:01/03/2015 - 11:22:50 ---A- . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys [19984]
O58 - SDL:13/07/2009 - 22:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbdx.sys [3100160]
O58 - SDL:14/11/2013 - 09:39:03 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:14/11/2013 - 09:39:06 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ewusbmdm.sys [199168]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - USB NDIS Miniport Driver.) -- C:\Windows\System32\Drivers\ewusbwwan.sys [381952]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_cdcacm Driver.) -- C:\Windows\System32\Drivers\ew_cdcacm.sys [108032]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_hwupgrade Driver.) -- C:\Windows\System32\Drivers\ew_hwupgrade.sys [19200]
O58 - SDL:14/11/2013 - 09:39:05 ---A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\ew_hwusbdev.sys [95232]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_jubusenum Driver.) -- C:\Windows\System32\Drivers\ew_jubusenum.sys [77824]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcacm Driver.) -- C:\Windows\System32\Drivers\ew_jucdcacm.sys [101248]
O58 - SDL:14/11/2013 - 09:39:05 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_jucdcecm.sys [70528]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_juextctrl Driver.) -- C:\Windows\System32\Drivers\ew_juextctrl.sys [27776]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - ew_jucdcndis Driver.) -- C:\Windows\System32\Drivers\ew_juwwanecm.sys [208384]
O58 - SDL:14/11/2013 - 09:39:04 ---A- . (.Huawei Technologies Co., Ltd. - Filter Driver.) -- C:\Windows\System32\Drivers\ew_usbenumfilter.sys [11904]
O58 - SDL:14/11/2013 - 09:39:05 ---A- . (.Huawei Technologies Co., Ltd. - ew_cdcndis Driver.) -- C:\Windows\System32\Drivers\ew_wwanecm.sys [315520]
O58 - SDL:18/03/2009 - 18:35:40 ---A- . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\System32\Drivers\hamachi.sys [26176]
O58 - SDL:13/07/2009 - 22:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:14/07/2009 - 01:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [67152]
O58 - SDL:19/11/2012 - 12:10:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x86.) -- C:\Windows\System32\Drivers\iaStorA.sys [526392]
O58 - SDL:19/11/2012 - 12:10:28 ---A- . (.Intel Corporation - Intel Rapid Storage Technology Filter driver - x86.) -- C:\Windows\System32\Drivers\iaStorF.sys [25656]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332352]
O58 - SDL:29/11/2014 - 00:37:06 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [115752]
O58 - SDL:13/11/2012 - 15:43:38 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd32.sys [9037312]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41040]
O58 - SDL:07/04/2014 - 21:56:40 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\jkftxmhf.sys [403440]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [95824]
O58 - SDL:14/07/2009 - 01:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89168]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [54864]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96848]
O58 - SDL:26/04/2011 - 18:09:42 ---A- . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter.sys [9216]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\System32\Drivers\megasas.sys [30800]
O58 - SDL:14/07/2009 - 01:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [235584]
O58 - SDL:14/11/2013 - 09:39:06 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [861696]
O58 - SDL:02/01/2014 - 04:57:58 ---A- . (.SoftEther Project at University of Tsukuba, - SoftEther VPN.) -- C:\Windows\System32\Drivers\Neo_0013.sys [26208]
O58 - SDL:02/01/2014 - 05:02:36 ---A- . (.SoftEther Project at University of Tsukuba, - SoftEther VPN.) -- C:\Windows\System32\Drivers\Neo_0016.sys [26208]
O58 - SDL:16/12/2014 - 20:38:54 ---A- . (.SoftEther VPN Project at University of Tsuk - SoftEther VPN.) -- C:\Windows\System32\Drivers\Neo_0018.sys [26208]
O58 - SDL:18/11/2014 - 13:49:54 ---A- . (.SoftEther VPN Project at University of Tsuk - SoftEther VPN.) -- C:\Windows\System32\Drivers\Neo_0039.sys [26208]
O58 - SDL:18/01/2015 - 20:44:53 ---A- . (.SoftEther VPN Project at University of Tsuk - SoftEther VPN.) -- C:\Windows\System32\Drivers\Neo_0086.sys [26208]
O58 - SDL:15/08/2014 - 22:13:34 ---A- . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\Windows\System32\Drivers\netaapl.sys [18944]
O58 - SDL:14/07/2009 - 01:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [44624]
O58 - SDL:01/09/2009 - 19:06:02 ---A- . (.NeoRouter Inc. - NeoRouter Virtual Network Driver.) -- C:\Windows\System32\Drivers\nrtap.sys [24576]
O58 - SDL:14/07/2009 - 01:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117312]
O58 - SDL:14/07/2009 - 01:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [142416]
O58 - SDL:18/10/2012 - 02:53:46 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\Drivers\pccsmcfd.sys [19072]
O58 - SDL:09/08/2013 - 07:35:42 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\pwftap.sys [31360]
O58 - SDL:20/11/2014 - 19:26:31 ---A- . (.SoftEther VPN Project at University of Tsuk - SoftEther VPN.) -- C:\Windows\System32\Drivers\pxwfp.sys [18016]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1383488]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106064]
O58 - SDL:10/06/2011 - 06:34:52 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\System32\Drivers\Rt86win7.sys [394856]
O58 - SDL:13/07/2009 - 20:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:18/11/2014 - 13:03:25 ---A- . (.SoftEther VPN Project at University of Tsuk - SoftEther VPN.) -- C:\Windows\System32\Drivers\see.sys [43104]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [40016]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [77888]
O58 - SDL:14/07/2009 - 01:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:03/11/2009 - 19:21:56 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [25216]
O58 - SDL:16/09/2009 - 07:02:40 ---A- . (.Tunngle.net - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901t.sys [27136]
O58 - SDL:15/07/2012 - 10:48:16 ---A- . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapoas.sys [26112]
O58 - SDL:25/11/2013 - 20:37:48 ---A- . (.Spotflux, Inc. - Spotflux Network Device Driver.) -- C:\Windows\System32\Drivers\tapSF0901.sys [33728]
O58 - SDL:16/11/2013 - 20:45:58 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tapstrong.sys [32872]
O58 - SDL:27/11/2013 - 11:09:30 ---A- . (.TheGreenBow - TheGreenBow VPN Miniport Enumerator.) -- C:\Windows\System32\Drivers\TGBMPEnum.sys [32440]
O58 - SDL:21/01/2013 - 10:59:08 ---A- . (.TheGreenBow - TheGreenBow Virtual Miniport Adapter.) -- C:\Windows\System32\Drivers\TGBVPNVirtM.sys [112824]
O58 - SDL:28/09/2013 - 02:56:48 ---A- . (.Trend Micro Inc. - TrendMicro Common Module.) -- C:\Windows\System32\Drivers\tmcomm.sys [289352]
O58 - SDL:22/03/2013 - 12:29:04 ---A- . (.The OpenVPN Project - VPN Tunnel Driver.) -- C:\Windows\System32\Drivers\tun3326.sys [30392]
O58 - SDL:09/11/2007 - 05:00:52 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\System32\Drivers\TVALZ_O.SYS [23640]
O58 - SDL:07/04/2014 - 21:55:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\ubdivcxv.sys [410784]
O58 - SDL:15/08/2014 - 22:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:21/11/2014 - 15:16:54 ---A- . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\Drivers\VBoxDrv.sys [744520]
O58 - SDL:21/11/2014 - 15:16:32 ---A- . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\Drivers\VBoxNetAdp.sys [116184]
O58 - SDL:21/11/2014 - 15:16:32 ---A- . (.Oracle Corporation - VirtualBox Bridged Networking Driver.) -- C:\Windows\System32\Drivers\VBoxNetFlt.sys [126496]
O58 - SDL:21/11/2014 - 15:16:32 ---A- . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\Drivers\VBoxUSBMon.sys [104384]
O58 - SDL:14/07/2009 - 01:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [16976]
O58 - SDL:14/07/2009 - 01:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [141904]
O58 - SDL:07/04/2014 - 22:06:10 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\Drivers\yzshmpux.sys [410784]
O58 - SDL:29/08/2011 - 11:42:56 ---A- . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\Drivers\ZTEusbmdm6k.sys [107520]
O58 - SDL:29/08/2011 - 11:42:56 ---A- . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\Drivers\ZTEusbnmea.sys [107520]
O58 - SDL:29/08/2011 - 11:42:56 ---A- . (.ZTE Incorporated - ZTE Incorporated.) -- C:\Windows\System32\Drivers\ZTEusbser6k.sys [107520]
O58 - SDL:13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 21:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 21:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 21:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 21:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 21:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 21:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 21:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 21:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 21:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 21:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 21:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 21:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:26/04/2011 - 18:07:52 ---A- . (.Smith Micro Inc. - Smith Micro NDIS 5.0 Protocol Driver.) -- C:\Windows\System32\PCTINDIS5.sys [32408]
~ Drivers: 130 Scanned in 00mn 05s



---\\ Last modified or created user files (O61)
O61 - LFC: 01/03/2015 - 16:24:02 ---A- . (...) -- C:\Users\Idir\AppData\Local\Spoon\Sandboxes\Spoon.net Sandbox Manager\3.33.539.0\xsandbox.bin [16]
O61 - LFC: 01/03/2015 - 16:24:02 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\Servers\spoon.net\Cache\setup32\3-33-539__en-us__Default__X86__0\setup32.exe [31404064]
O61 - LFC: 05/03/2015 - 16:25:15 ---A- . (.Nicolas Coolman.) -- C:\Users\Idir\Documents\Download\ZHPDiag2-2015.3.5.26.exe [6876286] =>.Nicolas Coolman
O61 - LFC: 19/11/2049 - 16:24:56 ---A- . (.Microsoft Corporation.) -- C:\Users\Idir\AppData\Roaming\IDM\bin\dao350.dll [570128]
O61 - LFC: 26/02/2015 - 16:24:14 ----- . (...) -- C:\Users\Idir\AppData\Local\Temp\javagiac0.5524580616580171.dll [12304384]
O61 - LFC: 26/02/2015 - 16:25:13 ---A- . (.International GeoGebra Institute.) -- C:\Users\Idir\Documents\Download\GeoGebra-Windows-Installer-5-0-66-0.exe [58661448]
O61 - LFC: 26/02/2015 - 16:25:13 ---A- . (.Oracle Corporation.) -- C:\Users\Idir\Documents\Download\jxpiinstall_2.exe [639912]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (...) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\ksync.exe [8597816]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-IEExtension-x64.dll [404448]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-IEExtension.dll [366560]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-Plugin-x64.dll [2712544]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-Plugin.dll [2163168]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon-Sandbox.exe [5999232]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\Spoon.exe [12458984]
O61 - LFC: 27/02/2015 - 16:24:00 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\npMozillaSpoonPlugin.dll [312800]
O61 - LFC: 27/02/2015 - 16:24:01 ---A- . (...) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\XVM.exe [4774816]
O61 - LFC: 27/02/2015 - 16:24:01 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\SpoonMapi.dll [100864]
O61 - LFC: 27/02/2015 - 16:24:01 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\SpoonPlay.exe [5973032]
O61 - LFC: 27/02/2015 - 16:24:01 ---A- . (.Code Systems Corporation.) -- C:\Users\Idir\AppData\Local\Spoon\3.33.539.0\XLaunch.exe [487936]
O61 - LFC: 27/02/2015 - 16:24:02 ---A- . (...) -- C:\Users\Idir\AppData\Local\Spoon\Cmd\Spoon.exe [115680]
O61 - LFC: 27/02/2015 - 16:24:02 ---A- . (...) -- C:\Users\Idir\AppData\Local\Spoon\Cmd\Turbo.exe [115680]
O61 - LFC: 28/02/2015 - 16:24:14 ----- . (.Java(TM) Native Access (JNA).) -- C:\Users\Idir\AppData\Local\Temp\jna-2274212\jna3812043208707572633.dll [227897]
O61 - LFC: 28/02/2015 - 16:24:14 ----- . (.Java(TM) Native Access (JNA).) -- C:\Users\Idir\AppData\Local\Temp\jna\jna9209616412789475510.dll [441220]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\gluegen-rt.dll [16896]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\jogl_desktop.dll [570880]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\jogl_mobile.dll [270336]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\nativewindow_awt.dll [13824]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\nativewindow_win32.dll [27136]
O61 - LFC: 28/02/2015 - 16:24:14 ---A- . (...) -- C:\Users\Idir\AppData\Local\Temp\jogamp_0000\file_cache\jln8004528559063668079\jln6433138602443625729\newt.dll [32768]
~ 27212 Fichiers temporaires (Temporary files)
~ 4707 Fichiers cookies (Cookies files)
~ Files: 29 Scanned in 01mn 33s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 18/11/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 18/11/2014 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 18/11/2014 - C:\Windows\system32\drivers\aswRdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 18/11/2014 - C:\Windows\System32\Drivers\aswRvrt.sys (aswRvrt) .(...) - LEGACY_ASWRVRT
O64 - Services: CurCS - 23/11/2014 - C:\Windows\system32\drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 21/11/2014 - C:\Windows\system32\drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 18/11/2014 - C:\Windows\system32\drivers\aswStm.sys (aswStm) .(.AVAST Software - Stream Filter.) - LEGACY_ASWSTM
O64 - Services: CurCS - 18/11/2014 - C:\Windows\System32\Drivers\aswVmm.sys (aswVmm) .(...) - LEGACY_ASWVMM
O64 - Services: CurCS - 29/11/2014 - C:\Windows\System32\DRIVERS\idmwfp.sys (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP
O64 - Services: CurCS - 08/10/1745 - C:\Windows\system32\drivers\mbamchameleon.sys (mbamchameleon) .(...) - LEGACY_MBAMCHAMELEON
O64 - Services: CurCS - 08/10/1745 - C:\Users\Idir\AppData\Local\Temp\mbr.sys (mbr) .(...) - LEGACY_MBR
O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 21/11/2014 - C:\Windows\System32\DRIVERS\VBoxDrv.sys (VBoxDrv) .(.Oracle Corporation - VirtualBox Support Driver.) - LEGACY_VBOXDRV
O64 - Services: CurCS - 21/11/2014 - C:\Windows\System32\DRIVERS\VBoxUSBMon.sys (VBoxUSBMon) .(.Oracle Corporation - VirtualBox USB Monitor Driver.) - LEGACY_VBOXUSBMON
~ Legacy: 96 Scanned in 00mn 04s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (...) -- D:\CONEN\BROWSE~1.2\NETSCA~1\NETSCP.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- D:\CONEN\BROWSE~1.2\NETSCA~1\NETSCP.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: prefs.js [Idir - efo35b2t.default-1417095408250] user_pref("extensions.crossrider.bic", "14a1000d39f7a0020fbd8e4418b196c3"); =>PUP.CrossRider
O69 - SBI: prefs.js [Idir - efo35b2t.default-1417095408250] user_pref("extensions.mywebsearch.prevKwdEnabled", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Idir - efo35b2t.default-1417095408250] user_pref("extensions.toolbar.mindspark._64Members_.browser.search.defaultenginename.prev", "Ask Web Search");
O69 - SBI: prefs.js [Idir - efo35b2t.default-1417095408250] user_pref("extensions.toolbar.mindspark._64Members_.browser.search.defaultenginename.tb", "Ask Web Search");
O69 - SBI: prefs.js [Idir - efo35b2t.default-1417095408250] user_pref("extensions.toolbar.mindspark._64Members_.browser.search.selectedEngine.tb", "Ask Web Search");
O69 - SBI: SearchScopes [HKCU] F31CCDA9742F40C0B083D902C3C171D2 - (MyPlayCity) - http://my.myplaycity.com
O69 - SBI: SearchScopes [HKCU] {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} - (Search The Web) - http://www.mystart.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {5D79A8C6-57E7-43BB-BE9A-50E335B5A95C} [DefaultScope] - (Salaf Guide Customized Web Search) - http://trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {AB03C7E4-1CCF-4A50-8E8E-43DE2B598135} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo! Search) - http://search.yahoo.com
~ Keys: Scanned in 00mn 01s



---\\ Crack & Keygen Files (CKF) (O82)
C:\Users\Idir\AppData\Local\Temp\_nitro-Keygen.exe =>.Crack,Keygen
C:\Users\Idir\Downloads\DC Unlocker Cracked Version\dccrap.exe =>.Crack,Keygen
~ Files: Scanned in 02mn 04s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168448]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [241664]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [162816]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [743424]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [99328]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]
~ Services: 33 Scanned in 00mn 01s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.3E34E0A44149DA9D9DC03D31377514AF] [SPRF][09/10/2013] (...) -- C:\Users\Idir\AppData\Roaming\wikiquotes.dat [40116]
[MD5.95630DC824ED72FD037083480DAC9F0A] [SPRF][17/12/2004] (.Texas Instruments Incorporated - Derive 6 Application.) -- C:\Users\Idir\Desktop\Derive6.exe [1334784]
[MD5.B1FE3C3557764D5DFEB49B956DAE3515] [SPRF][22/12/2014] (...) -- C:\Users\Idir\Desktop\gs915w32.exe [13264811]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][20/03/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][20/03/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.1245E33C050E61191059EAA33D9CE6C9] [SPRF][20/03/2006] (.Macrovision Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272]
~ Files: 6 Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{7551584E-CB54-4F3E-B508-BBD9B99D9ADA}" | In - Public - P6 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
O87 - FAEL: "{002FBA0E-B10C-4DA0-BFAA-679485C7C63E}" | In - Public - P17 - TRUE | .(.mobogenie.com - downloader.) -- C:\Program Files\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie
~ Firewall: 2 Scanned in 00mn 06s



---\\ Random Export Key (REK) (O91)
[HKLM\Software\5b68adeb138e415] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Search Tracing Registry Key (O100)
HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32 =>Toolbar.AVGSearch
HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS =>Toolbar.AVGSearch
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32 =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS =>Hijacker.BabSolution
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent [1]_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_2_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\bittorrent_2_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_RASAPI32 =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\BitTorrent_RASMANCS =>P2P.BitTorrent
HKLM\SOFTWARE\Microsoft\Tracing\CodecPerformerSetup_RASAPI32 =>PUP.CodecPerformer
HKLM\SOFTWARE\Microsoft\Tracing\CodecPerformerSetup_RASMANCS =>PUP.CodecPerformer
HKLM\SOFTWARE\Microsoft\Tracing\conduitinstaller_RASAPI32 =>Adware.Bloson
HKLM\SOFTWARE\Microsoft\Tracing\conduitinstaller_RASMANCS =>Adware.Bloson
HKLM\SOFTWARE\Microsoft\Tracing\FTdownloader V4_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FTdownloader V4_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32 =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS =>PUP.Funmoods
HKLM\SOFTWARE\Microsoft\Tracing\Ge-Force-codedownloader_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\Ge-Force-codedownloader_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id948396ids2s_RASAPI32 =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\MediaGet_id948396ids2s_RASMANCS =>PUP.MediaGet
HKLM\SOFTWARE\Microsoft\Tracing\MobogenieDownloader_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\MobogenieDownloader_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_Setup_2_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_Setup_2_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_Setup_3_RASAPI32 =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\Mobogenie_Setup_3_RASMANCS =>PUP.Mobogenie
HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32 =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS =>Toolbar.DeltaSearch
HKLM\SOFTWARE\Microsoft\Tracing\PrivitizeVPN_1_RASAPI32 =>Hijacker.PrivitizeVPN
HKLM\SOFTWARE\Microsoft\Tracing\PrivitizeVPN_1_RASMANCS =>Hijacker.PrivitizeVPN
HKLM\SOFTWARE\Microsoft\Tracing\qualitink_Setup_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\qualitink_Setup_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\RegCurePro_RASAPI32 =>Rogue.RegCure
HKLM\SOFTWARE\Microsoft\Tracing\RegCurePro_RASMANCS =>Rogue.RegCure
HKLM\SOFTWARE\Microsoft\Tracing\ShopperPro_RASAPI32 =>PUP.ShopperPro
HKLM\SOFTWARE\Microsoft\Tracing\ShopperPro_RASMANCS =>PUP.ShopperPro
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicAssistant_v0-1-6_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicAssistant_v0-1-6_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_derive_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_derive_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hide-your-ip-address_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hide-your-ip-address_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_internet-explorer-9_2_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_internet-explorer-9_2_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_internet-explorer-9_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_internet-explorer-9_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_andy-os_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_andy-os_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_bexplore_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_bexplore_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_calc4m_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_calc4m_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_djvu-viewer-plug-in_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_djvu-viewer-plug-in_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_free-video-editor_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_free-video-editor_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_google_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_google_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_mobilenews_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_mobilenews_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_nokia-pc-suite_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_nokia-pc-suite_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_opera-mobile_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_opera-mobile_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_opera_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_opera_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_safeip_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_safeip_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_skyfire_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_skyfire_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_sothink-swf-easy_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_sothink-swf-easy_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_theme-nokia-3d_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_theme-nokia-3d_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_uc-browser_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_uc-browser_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_ultrasurf-firefox-tool_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_ultrasurf-firefox-tool_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_usb-show_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_usb-show_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_utorrent_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_utorrent_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-19-3[1]_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-19-3[1]_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASAPI32 =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-19-3_RASMANCS =>Toolbar.Conduit
HKLM\SOFTWARE\Microsoft\Tracing\Spyhunter4xCrack__7934_il20618_RASAPI32 =>Crapware.SpyHunter
HKLM\SOFTWARE\Microsoft\Tracing\Spyhunter4xCrack__7934_il20618_RASMANCS =>Crapware.SpyHunter
HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\updatequalitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\utilqualitink_RASAPI32 =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\utilqualitink_RASMANCS =>Adware.Qualitink
HKLM\SOFTWARE\Microsoft\Tracing\uTorrentPortable_3_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrentPortable_3_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASMANCS =>Adware.Downware
~ BTK: 1057 Scanned in 00mn 04s



---\\ Search CLSID Registry Key (O101)
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate
~ BCK: 6820 Scanned in 00mn 28s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/02/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 22/07/1658 0 | (clr_optimization_v2.0.50727_32) . (...) - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
SS - | Auto 22/07/1658 0 | (ehSched) . (...) - C:\Windows\ehome\ehsched.exe
SS - | Disabled 22/07/1658 0 | (FileGateway) . (...) - C:\Users\Idir\Desktop\Setup_product_21516.exe
SS - | Auto 22/07/1658 0 | (globalUpdate) . (...) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 22/07/1658 0 | (globalUpdatem) . (...) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 16/07/2013 68096 | (Macromedia Licensing Service) . (...) - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
SS - | Auto 22/07/1658 0 | (MobiConnect. RunOuc) . (...) - C:\Program Files\MobiConnect\UpdateDog\ouc.exe
SS - | Demand 31/10/2014 114288 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 22/07/1658 0 | (nlsX86cc) . (...) - C:\Windows\system32\nlssrv32.exe
SS - | Auto 22/07/1658 0 | (SPBIUpd) . (...) - C:\Program Files\Common Files\ShopperPro\spbiu.exe =>PUP.ShopperPro
SS - | Demand 22/07/1658 0 | (UI0Detect) . (...) - C:\Windows\System32\UI0Detect.exe
SS - | Demand 22/07/1658 0 | (vds) . (...) - C:\Windows\System32\vds.exe
SS - | Demand 22/07/1658 0 | (wmiApSrv) . (...) - C:\Windows\System32\wbem\WmiApSrv.exe
SR - | Auto 18/11/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 10/04/2013 276048 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Auto 19/11/2012 14904 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 03/02/2015 127168 | (MobogenieService) . (.Mobogenie.com.) - C:\Program Files\Mobogenie3\MobogenieService.exe =>PUP.Mobogenie
SR - | Auto 22/09/2010 226672 | (SwiCardDetectSvc) . (.Sierra Wireless, Inc..) - C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
SR - | Auto 01/04/2013 276224 | (UI Assistant Service) . (...) - C:\Program Files\Mobiconnect\AssistantServices.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 31s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Idir at 05/03/2015 16:28:26
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStorF.sys ACPI.sys halmacpi.dll storport.sys iaStorA.sys
C:\Windows\system32\DRIVERS\iaStorF.sys Intel Corporation Intel Rapid Storage Technology Filter driver
C:\Windows\system32\DRIVERS\iaStorA.sys Intel Corporation Intel Rapid Storage Technology driver
1 ntkrnlpa!IofCallDriver[0x83A3D428] >> \Device\Harddisk0\DR0[0x88C5F030]
3 CLASSPNP[0x8C5C859E] >> ntkrnlpa!IofCallDriver[0x83A3D428] >> [0x88C5E320]
5 iaStorF[0x8C6117EE] >> ntkrnlpa!IofCallDriver[0x83A3D428] >> [0x87B83228]
7 ACPI[0x8BC9B3B2] >> ntkrnlpa!IofCallDriver[0x83A3D428] >> \Device\0000007f[0x87B836B0]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 16 Scanned in 00mn 02s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Idir at 05/03/2015 16:28:28
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (01/03/2015)
Clés trouvées (Keys found) : 39
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 31
Fichiers trouvés (Files found) : 23

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23368BDF-8C2E-F7AD-8833-67E079DD668C}] =>PUP.TubeItAdBlock^
[HKLM\SYSTEM\CurrentControlSet\Services\globalUpdate) (globalUpdate] =>PUP.GlobalUpdate^
[HKLM\SYSTEM\CurrentControlSet\Services\MobogenieService] =>PUP.Mobogenie^
[HKLM\SYSTEM\CurrentControlSet\Services\SPBIUpd] =>PUP.ShopperPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie3] =>PUP.Mobogenie^
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}] =>PUP.ToolbarCleaner
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c95a4e8e-816d-4655-8c79-d736da1adb6d}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply] =>PUP.DealPly
[HKCU\Software\StartSearch] =>Hijacker.Agent
[HKLM\Software\Microsoft\Tracing\Mobogenie_RASMANCS] =>PUP.Mobogenie
[HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Tracing\Mobogenie_RASAPI32] =>PUP.Mobogenie
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\ConduitUninstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\ConduitUninstaller_RASMANCS] =>Toolbar.Conduit
[HKCU\Software\ParetoLogic] =>PUP.Paretologic
[HKLM\Software\ParetoLogic] =>PUP.Paretologic
[HKCU\Software\USyndication] =>Trojan.USyndication
[HKCU\Software\usyndication.com] =>Trojan.USyndication
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Classes\Toolbar.CT1001007] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT1561552] =>Toolbar.Conduit
C:\Program Files\Enigma Software Group =>PUP.EnigmaSoftware^
C:\Program Files\globalUpdate =>PUP.GlobalUpdate^
C:\Program Files\Mobogenie =>PUP.Mobogenie^
C:\Program Files\Mobogenie3 =>PUP.Mobogenie^
C:\Program Files\RandeomPrice =>PUP.RandomPrice^
C:\Program Files\Tbccint =>Toolbar.Conduit^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\FindBesoTDEal =>PUP.FindBestDeal^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\ProgramData\Media Get LLC =>PUP.MediaGet^
C:\ProgramData\ParetoLogic =>PUP.Paretologic^
C:\ProgramData\PC Drivers Headquarters =>PUP.Optional^
C:\ProgramData\RandeomPrice =>PUP.RandomPrice^
C:\ProgramData\SoftWarehouse =>Adware.Boxore^
C:\ProgramData\Tbccint =>Toolbar.Conduit^
C:\ProgramData\TUbeItAdBllockAp =>PUP.TubeItAdBlock^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobogenie3 =>PUP.Mobogenie^
C:\Users\Idir\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Idir\AppData\Roaming\BitTorrent Sync =>P2P.BitTorrent^
C:\Users\Idir\AppData\Roaming\DriverCure =>PUP.Paretologic^
C:\Users\Idir\AppData\Roaming\Mobogenie =>PUP.Mobogenie^
C:\Users\Idir\AppData\Roaming\ParetoLogic =>PUP.Paretologic^
C:\Users\Idir\AppData\Roaming\RHEng =>PUP.Conduit^
C:\Users\Idir\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\Idir\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch^
C:\Users\Idir\AppData\Local\globalUpdate =>PUP.GlobalUpdate^
C:\Users\Idir\AppData\Local\Mobogenie =>PUP.Mobogenie^
C:\Users\Idir\AppData\Local\Tbccint =>Toolbar.Conduit^
C:\Users\Idir\AppData\Local\uTorrent =>P2P.µTorrent^
C:\Program Files\GamingWonderlandEI =>Adware.MyWebSearch
C:\Users\Idir\AppData\Local\Installer =>Adware.InstallPedia
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified =>Hijacker.Application^
C:\Program Files\Mobogenie3\MoboGenieHelper.exe =>PUP.Mobogenie^
C:\Program Files\Mobogenie3\mobogenieP2sp.exe =>PUP.Mobogenie^
C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job =>PUP.Paretologic^
C:\Windows\System32\Tasks\ParetoLogic Update Version3_triggeronce =>PUP.Paretologic^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\TbccintSearchScopes] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\Tbccint] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\qualitink] =>Adware.Qualitink^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Media Get LLC] =>PUP.MediaGet^
[HKCU\Software\Mobogenie3] =>PUP.Mobogenie^
[HKCU\Software\Mobogenie] =>PUP.Mobogenie^
[HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro^
[HKCU\Software\Tbccint] =>Toolbar.Conduit^
[HKCU\Software\Tbccint_HKLM] =>Toolbar.Conduit^
[HKCU\Software\globalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\EnigmaSoftwareGroup] =>PUP.EnigmaSoftware^
[HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate^
[HKLM\Software\ShopperPro] =>PUP.ShopperPro^
[HKLM\Software\Uniblue] =>PUP.UniblueSystem^
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate^
~ Additionnel Scan: 443352 Items scanned in 02mn 23s



---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51)
~ AMI: 5 Scanned in 00mn 00s



---\\ Summary of the detections found on your workstation
http://www.nicolascoolman.fr/blog/ =>Hijacker.Application
http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie
http://www.nicolascoolman.fr/blog/ =>PUP.TubeItAdBlock
http://nicolascoolman.fr/hijacker-omigaplus =>Hijacker.OmigaPlus
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://nicolascoolman.fr/pup-shopperpro =>PUP.ShopperPro
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.fr/30068076-pup-paretologic =>PUP.Paretologic
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-qualitink =>Adware.Qualitink
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/pup-mediaget =>PUP.MediaGet
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.fr/pup-startsearch =>PUP.StartSearch
http://nicolascoolman.fr/trojan-usyndication =>Trojan.USyndication
http://www.nicolascoolman.fr/blog/ =>PUP.EnigmaSoftware
http://www.nicolascoolman.fr/blog/ =>PUP.UniblueSystem
http://nicolascoolman.fr/pup-randomprice =>PUP.RandomPrice
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://www.nicolascoolman.fr/blog/ =>PUP.FindBestDeal
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://www.nicolascoolman.fr/blog/ =>PUP.Optional
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom
Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
http://www.nicolascoolman.fr/blog/ =>PUP.CodecPerformer
http://nicolascoolman.fr/adware-bloson =>Adware.Bloson
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/27068497-hijacker-privitizevpn =>Hijacker.PrivitizeVPN
http://www.nicolascoolman.fr/blog/ =>Rogue.RegCure
http://nicolascoolman.fr/crapware-spyhunter =>Crapware.SpyHunter
http://nicolascoolman.fr/adware-recordnrip =>Adware.RecordNRip
http://nicolascoolman.fr/pup-toolbarcleaner =>PUP.ToolbarCleaner
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/pup-toparcadehits =>PUP.ToparcadeHits
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://www.nicolascoolman.fr/blog/ =>Hijacker.Agent
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://nicolascoolman.fr/adware-magnipic =>Adware.MagniPic
http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox
http://nicolascoolman.fr/adware-installpedia =>Adware.InstallPedia
~ MSI: 51 link(s) detected in 00mn 00s



End of the scan (2186 lines in 09mn 26s)(4.10)
