Document format: text/plain

~ Report of ZHPDiag v2015.6.4.54 - Nicolas Coolman (31-05-2015)
~ Launched by TAREKO (15-06-2015 21:01:13)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Web forum address : http://forum.nicolascoolman.fr
~ Translated by
~ Version State : Updated version.
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Deactivate by user


---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.17842
MFIE: Mozilla Firefox 39.0 (Defaut)
GCIE: Google Chrome v43.0.2357.124

---\\ Windows product information
~ Langage: Anglais
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
~ Windows Partial Key : BPWYD
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1 Single Language, 64-bit (Build 9600)

---\\ System protection software
Avira Antivirus v15.0.10.434
Malwarebytes Anti-Malware version 2.1.6.1022
Windows Defender W8 (Deactivate)

---\\ System optimization software
CCleaner v4.17

---\\ Sharing software PeerToPeer
GreedyTorrent v1.01 beta build 170 =>P2P.GreedyTorrent
qBittorrent 3.1.12 v3.1.12 =>P2P.BitTorrent

---\\ Surveillance software
Adobe Flash Player 17 NPAPI

---\\ Information on the system
~ Processor: Intel64 Family 6 Model 60 Stepping 3, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8104.3 MB (77% free)
System Restore: Activé (Enable)
System drive C: has 59 GB (13%) free of 448 GB

---\\ Connection to the system mode
~ Computer Name: TAREK
~ User Name: TAREKO
~ All Users Names: TAREKO, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\TAREKO\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TAREKO\AppData\Roaming\
~ %Desktop% : C:\Users\TAREKO\Desktop\
~ %Favorites% : C:\Users\TAREKO\Favorites\
~ %LocalAppData% : C:\Users\TAREKO\AppData\Local\
~ %StartMenu% : C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 59 Go of 448 Go)
D: Hard drive, Flash drive, Thumb drive (Free 8 Go of 25 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: Hard drive, Flash drive, Thumb drive (Free 0 Go of 15 Go)
J: Floppy drive, Flash card reader, USB Key (Free 3 Go of 7 Go)
T: Hard drive, Flash drive, Thumb drive (Free 27 Go of 443 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28-01-2015 - 0:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Application de démarrage de Windows.) (.29-10-2014 - 2:25:54.) -- C:\Windows\System32\Wininit.exe [145920]
[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22-05-2015 - 18:50:20.) -- C:\Windows\System32\wininet.dll [2426880]
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.29-10-2014 - 2:22:52.) -- C:\Windows\System32\Winlogon.exe [572416]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.24-09-2014 - 7:46:16.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.24-09-2014 - 9:00:42.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22-08-2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22-08-2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22-08-2013 - 9:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.24-09-2014 - 8:13:04.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.24-09-2014 - 7:54:58.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.D887446F3F6051C60C26F4FD1FC8D43F] - (.Microsoft Corporation - Pilote de port i8042.) (.07-10-2014 - 4:29:50.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.24-09-2014 - 7:46:18.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.31233271EDE50D1BBB220F78AFA60486] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.08-10-2014 - 8:32:10.) -- C:\Windows\system32\Drivers\MRxSmb.sys [405504]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22-08-2013 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.15-10-2014 - 9:32:37.) -- C:\Windows\system32\Drivers\ntfs.sys [2025792]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22-08-2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22-08-2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.24-09-2014 - 7:17:10.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22-08-2013 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.24-09-2014 - 7:54:58.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/54
~ Mes musiques (My Musics) : 1/64
~ Mes Videos (My Videos) : 1/12
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/929
~ Mon Bureau (My Desktop) : 1/1685
~ Menu demarrer (Programs) : 1/64
~ Hidden Files: Scanned in 00mn 01s



---\\ Process running
[MD5.66177D4C99FD8B578C7C56DE445E4D5D] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312] [PID.6332]
[MD5.12475C3B6999F456994C2C8BDD16F066] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [376944] [PID.5820]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.6840]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: Extension [TAREKO - 44hub6l8.default-1431635997526] {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi =>.Adblock Plus Extension Mozilla Firefox
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Lync.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npMeetingJoinPluginOC.dll
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\google.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.40416.0.) -- C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plugin allows you to have a better experience with Microsoft Share.) -- C:\Program Files\Microsoft Office\Office15\NPSPWRAP.dll
P2 - FPN: [HKLM] [adobe.com/AdobeAAMDetect] - (.Adobe Systems - A plugin to detect whether the Adobe Application Manager is installed.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\TAREKO\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
P2 - FPN: [HKCU] [@spoon.net/Spoon Plugin 3.33] - (...) -- C:\Users\TAREKO\AppData\Local\Spoon\3.33.7.431\npMozillaSpoonPlugin.dll (.not file.)
~ Firefox Browser: 25 Scanned in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (11.00.9600.17840 (winblue_r11.150522-0826)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 26 Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 178.255.41.176 pes6gate-ec.winning-eleven.net
O1 - Hosts: 212.227.67.195 we9stun.winning-eleven.net
O1 - Hosts: 127.0.0.2 d3.connectify.me
O1 - Hosts: 127.0.0.2 b.connectify.me
O1 - Hosts: 127.0.0.2 bc.connectify.me
O1 - Hosts: 127.0.0.2 data.connectify.me
O1 - Hosts: 127.0.0.2 news.connectify.me
~ Nombre lignes détournées 7/19 (Hosts file redirected)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects (O2)
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.dll =>.Microsoft Corporation
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} Orphan key
~ BHO: 7 Scanned in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RtsFT] . (.Realtek semiconductor - RTFTrack.) -- C:\Windows\RTFTrack.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [RtHDVBg_Dolby] . (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [BTMTrayAgent] . (.Motorola Solutions, Inc. - Bluetooth Shell Extension.) -- C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll
O4 - HKLM\..\Run: [UMonit64] . (.No owner - ChangeIcon MFC Application.) -- C:\WINDOWS\SysWOW64\UMonit64.exe
O4 - HKLM\..\Run: [OnekeyStudio] . (.Lenovo - Lenovo Onekey Theater Application.) -- C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
O4 - HKLM\..\Run: [Energy Management] . (.Lenovo (Beijing) Limited - Lenovo Energy Management Software 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [EnergyUtility] . (.Lenovo(beijing) Limited - Lenovo Battery Management Software Ver 8.0.) -- C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\WINDOWS\system32\nvspcap64.dll
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\TAREKO\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [同步助手移动服务] . (.同步网络平台 - 同步助手服务.) -- C:\Program Files (x86)\Tongbu\tbMobileService.exe
O4 - HKCU\..\Run: [download.ninja] C:\Program Files\Download Ninja\download.ninja.exe (.not file.)
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKCU\..\Run: [Skype] C:\Users\TAREKO\Downloads\SkypePortable\SkypePortable.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] C:\Users\TEMP.TAREK\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKCU\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\TAREKO\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKCU\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\TAREKO\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [GreedyTorrent] . (...) -- C:\Program Files (x86)\GreedyTorrent\GTor.exe =>P2P.GreedyTorrent
O4 - HKLM\..\Wow6432Node\Run: [YouCam Tray] . (.CyberLink Corp. - CyberLink YouCam Tray.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [RemoteControl10] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Intel AppUp(SM) center] . (.Intel Corporation - Intel Services Manager.) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe =>.Elaborate Bytes AG
O4 - HKLM\..\Wow6432Node\Run: [BrMfcWnd] . (.No owner - Status Monitor Application.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter3] . (.Brother Industries, Ltd. - ControlCenter Program.) -- C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [HSPALauncher] . (.No owner - HSDPALauncher MFC Application.) -- C:\Program Files (x86)\HSPA USB Modem\HSPALauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
O4 - HKLM\..\Wow6432Node\Run: [BrHelp] . (.Brother Industries, Ltd. - Brother Help Application.) -- C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [DU Meter] . (.Hagel Technologies Ltd. - DU Meter Monitor.) -- C:\Program Files (x86)\DU Meter\DUMeter.exe
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\TAREKO\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [同步助手移动服务] . (.同步网络平台 - 同步助手服务.) -- C:\Program Files (x86)\Tongbu\tbMobileService.exe
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [download.ninja] C:\Program Files\Download Ninja\download.ninja.exe (.not file.)
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe =>.DT Soft Ltd
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [Skype] C:\Users\TAREKO\Downloads\SkypePortable\SkypePortable.exe (.not file.)
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [uTorrent] C:\Users\TEMP.TAREK\AppData\Roaming\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [f.lux] . (.Flux Software LLC - f.lux.) -- C:\Users\TAREKO\AppData\Local\FluxSoftware\Flux\flux.exe
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [BitTorrent] . (.BitTorrent Inc. - BitTorrent.) -- C:\Users\TAREKO\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-2125108019-1014452923-2971699372-1002\..\Run: [GreedyTorrent] . (...) -- C:\Program Files (x86)\GreedyTorrent\GTor.exe =>P2P.GreedyTorrent
~ Application: Scanned in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Se&nd to OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office15\ONBttnIE.dll (.not file.)
O9 - Extra button: Skype for Business Click to Call [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: OneNote Lin&ked Notes [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office15\ONBTTN~1.dll (.not file.)
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\WINDOWS\system32\napinsp.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\WINDOWS\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\WINDOWS\system32\NLAapi.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 8 Scanned in 00mn 00s



---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKCU\...\EscDomains] http.fastspring.com
O15 - Trusted Zone: [HKLM\...\EscDomains] http.connectify.me
O15 - Trusted Zone: [HKLM\...\EscDomains] http.fastspring.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4AC464E8-5C85-4873-A3D6-F522DA79B4B0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC1371F6-78EE-43B8-A6D7-113840CA2C0A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{4AC464E8-5C85-4873-A3D6-F522DA79B4B0}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC1371F6-78EE-43B8-A6D7-113840CA2C0A}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - AppInit_DLLs: . (.NVIDIA Corporation - NVIDIA shim initialization dll, Version 353.) - C:\WINDOWS\system32\nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Avira Mail Protection (AntiVirMailService) . (.Avira Operations GmbH & Co. KG - Antivirus MailScanner WFP Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) . (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) . (.Avira Operations GmbH & Co. KG - AntiVir WebGuard WFP Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - YSLoader.exe.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor (Bluetooth Device Monitor) . (.Motorola Solutions, Inc. - Bluetooth Device Monitor.) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service (Bluetooth OBEX Service) . (.Motorola Solutions, Inc. - Bluetooth OBEX Service.) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrcmSetSecurity (BrcmSetSecurity) . (.Intel - BrcmSetSecurity.) - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
O23 - Service: CyberGhost 5 Client Service (CGVPNCliService) . (.CyberGhost S.R.L - CyberGhost VPN Service.) - C:\Program Files\CyberGhost 5\Service.exe
O23 - Service: DU Meter Service (DUMeterSvc) . (.Hagel Technologies Ltd. - DU Meter Service.) - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) . (.Foxit Software Inc. - Foxit Cloud Safe Update Service.) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service (Intel(R) ME Service) . (.Intel Corporation - Intel(R) ME Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Wireless Bluetooth(R) 4.0 Radio Management (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation - Intel(R) Wireless Bluetooth(R) Radio Manage.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon - No Comment.) - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NitroPDFDriverCreatorReadSpool8 (NitroDriverReadSpool8) . (.Nitro PDF Software - Nitro PDF Spool Service.) - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\WINDOWS\SysWOW64\NLSSRV32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.0.) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service: Realtek11nSU (Realtek11nSU) . (.Realtek - RtlService MFC Application.) - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
O23 - Service: RealtekWlanU (RealtekWlanU) . (.Realtek - RtlService MFC Application.) - C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: RosettaStoneDaemon (RosettaStoneDaemon) . (.Rosetta Stone Ltd. - Rosetta Stone Ltd. application.) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
O23 - Service: Realtek DHCP Service (RTLDHCPService) . (.Realtek - RtlDHCP.) - C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
O23 - Service: RunSwUSB (RunSwUSB) . (...) - C:\Windows\runSW.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: VeriFaceSrv (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) . (.Intel® Corporation - Intel® PROSet/Wireless Zero Configure Servi.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
~ Services: 38 Scanned in 00mn 02s



---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s



---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn 00s



---\\ Task Planned Automatically (039)
[MD5.00CC35F515079F5F94FABC3AC5C7D363] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [268464]
[MD5.816B4925CC73512A2DEBF625DABCCAB6] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4796696]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002Core] (.Facebook Inc..) -- C:\Users\TAREKO\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002UA] (.Facebook Inc..) -- C:\Users\TAREKO\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.5C9B001D8970C2DA36254A916F3DA8F7] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.E237A21F0275CEC3C8A90DBE6C7C780A] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257816]
[MD5.CB3DDD52F03BEA6E81A27EDF0261A44D] [APT] [Synaptics TouchPad Enhancements] (.Synaptics Incorporated.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2985200]
[MD5.12475C3B6999F456994C2C8BDD16F066] [APT] [{48AD6472-A111-406C-A9AE-AA1752B6B72C}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [376944]
[MD5.00000000000000000000000000000000] [APT] [{BB7B76AD-9030-4B66-B154-ACF7EF5299ED}] (...) -- T:\Program Files (x86)\JDownloader\JDUninstall.exe (.not file.) [0]
[MD5.12475C3B6999F456994C2C8BDD16F066] [APT] [{DDFB7D67-0FD3-44C2-BB50-8732F7296C12}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [376944]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002Core.job [922]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002Core [922]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002UA.job [944]
O39 - APT: FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2125108019-1014452923-2971699372-1002UA [944]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [858]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [858]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [862]
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [862]
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\Tasks\Synaptics TouchPad Enhancements.job [264]
O39 - APT: Synaptics TouchPad Enhancements - (.Synaptics Incorporated.) -- C:\Windows\System32\Tasks\Synaptics TouchPad Enhancements [264]
~ Scheduled Task: 20 Scanned in 00mn 04s



---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Disable SSL3 [64Bits] - {7D715857-A67C-4C2F-A929-038448584D63} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\WINDOWS\System32\ie4uinit.exe
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: C:\Windows\System32\drivers\ahcache.sys (ahcache) . (.Microsoft Corporation - Application Compatibility Cache.) - C:\Windows\System32\DRIVERS\ahcache.sys
O41 - Driver: (avipbb) . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys
O41 - Driver: (BasicDisplay) . (.Microsoft Corporation - Microsoft Basic Display Driver.) - C:\Windows\system32\drivers\BasicDisplay.sys
O41 - Driver: (BasicRender) . (.Microsoft Corporation - Microsoft Basic Render Driver.) - C:\Windows\system32\drivers\BasicRender.sys
O41 - Driver: cdrom.inf (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: oem46.inf (cnnctfy3) . (.Connectify - NDISRD helper driver.) - C:\Windows\system32\DRIVERS\cnnctfy3.sys
O41 - Driver: C:\Windows\System32\drivers\dam.sys (dam) . (.Microsoft Corporation - DAM Kernel Driver.) - C:\Windows\System32\drivers\dam.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (Dfsc) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: oem1.inf (dtsoftbus01) . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\drivers\dtsoftbus01.sys
O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys
O41 - Driver: mssmbios.inf (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: netnb.inf (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: npsvctrig.inf (npsvctrig) . (.Microsoft Corporation - Named pipe service triggers.) - C:\Windows\system32\drivers\npsvctrig.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (VBoxDrv) . (.Oracle Corporation - VirtualBox Support Driver.) - C:\Windows\system32\DRIVERS\VBoxDrv.sys
O41 - Driver: (VBoxUSBMon) . (.Oracle Corporation - VirtualBox USB Monitor Driver.) - C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
O41 - Driver: C:\Windows\System32\drivers\vwififlt.sys (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys
~ Drivers: 48 Scanned in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: "FIFA 14" - (...) [HKLM][64Bits] -- {6049054B-DB11-48E1-A583-9A565D5C8856}_is1
O42 - Logiciel: 250 TCF - (...) [HKLM][64Bits] -- {5938AC2E-7808-4A25-97A2-7DD5C9D485A9}
O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0920-000001000000}
O42 - Logiciel: AVS Audio Editor 7.1 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Audio Editor_is1
O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Update Manager_is1
O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS4YOU Software Navigator_is1
O42 - Logiciel: Action! - (.Mirillis.) [HKLM][64Bits] -- Mirillis Action!
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7B77622E-DE90-48EA-B2C7-227B1DE58A01}
O42 - Logiciel: Adobe After Effects CC 2014 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {2B22C750-5C3B-4738-B621-BA786AC7A494}
O42 - Logiciel: Adobe Flash Player 17 NPAPI - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player NPAPI
O42 - Logiciel: Adobe Photoshop CC 2014 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D7A4F897-B20A-42D0-862D-CB5F6DB7391D}
O42 - Logiciel: Aegisub 3.2.1 - (.Aegisub Team.) [HKLM][64Bits] -- {24BC8B57-716C-444F-B46B-A3349B9164C5}_is1
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {B678797F-DF38-4556-8A31-8B818E261868}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: AviSynth 2.5 - (...) [HKLM][64Bits] -- AviSynth
O42 - Logiciel: Avira Antivirus v15.0.10.434 - (.Avira Operations GmbH & Co. KG.) [HKLM][64Bits] -- Avira Antivirus
O42 - Logiciel: Beepa Fraps v3.5.9 - (...) [HKLM][64Bits] -- Beepa Fraps v3.5.9
O42 - Logiciel: BitTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- BitTorrent =>P2P.BitTorrent
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Brother MFL-Pro Suite DCP-195C - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {6BF66AED-3EA4-4106-B240-5CE96C9B76B0}
O42 - Logiciel: Brother MFL-Pro Suite DCP-J152W - (.Brother Industries, Ltd..) [HKLM][64Bits] -- {B742757A-7658-4E09-A51A-085CF0F7F4D3}
O42 - Logiciel: Byki - (.Transparent Language, Inc..) [HKLM][64Bits] -- {FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4}
O42 - Logiciel: Byki Express - (.Transparent Language, Inc..) [HKLM][64Bits] -- Byki Express
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM][64Bits] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: CPUID CPU-Z 1.70 - (...) [HKLM][64Bits] -- CPUID CPU-Z_is1
O42 - Logiciel: CPUID HWMonitor 1.26 - (...) [HKLM][64Bits] -- CPUID HWMonitor_is1
O42 - Logiciel: Calendrier de bureau 2.1.5.3390 - (.DesktopCal, Inc..) [HKCU][64Bits] -- DesktopCal
O42 - Logiciel: CamStudio 2.7.2 - (.CamStudio Open Source.) [HKLM][64Bits] -- {04B83666-3A62-452B-85D3-70F8117F2329}_is1
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
O42 - Logiciel: Combined Community Codec Pack 2014-07-13 - (.CCCP Project.) [HKLM][64Bits] -- Combined Community Codec Pack_is1
O42 - Logiciel: Connectify - (.Connectify.) [HKLM][64Bits] -- Connectify
O42 - Logiciel: Cracklock 3.9.44 - (.William Blum.) [HKLM][64Bits] -- Cracklock_is1
O42 - Logiciel: CyberGhost 5 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost 5_is1
O42 - Logiciel: D3DGear - (.D3DGear Technologies.) [HKLM][64Bits] -- D3DGear_is1
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
O42 - Logiciel: DU Meter - (.Hagel Technologies Ltd..) [HKLM][64Bits] -- DUMeter3_is1
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: Energy Management - (.Lenovo.) [HKLM][64Bits] -- {D0956C11-0F60-43FE-99AD-524E833471BB}
O42 - Logiciel: Express English - (.ONH1986.) [HKLM][64Bits] -- Express English3.9.1
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM][64Bits] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: FormatFactory 3.5.0.0 - (.Format Factory.) [HKLM][64Bits] -- FormatFactory
O42 - Logiciel: Foxit Cloud - (.Foxit Software Inc..) [HKLM][64Bits] -- {41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1
O42 - Logiciel: Foxit Reader - (.Foxit Software Inc..) [HKLM][64Bits] -- Foxit Reader_is1
O42 - Logiciel: Galerie de photos - (.Microsoft Corporation.) [HKLM][64Bits] -- {439B34FF-F74E-4807-B5E2-4B758551DA6B}
O42 - Logiciel: Genesys USB Mass Storage Device - (.Genesys Logic.) [HKLM][64Bits] -- {959B7F35-2819-40C5-A0CD-3C53B5FCC935}
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E} =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: GreedyTorrent v1.01 beta build 170 - (.Alex N J (www.alexnj.com).) [HKLM][64Bits] -- GreedyTorrent_is1 =>P2P.GreedyTorrent
O42 - Logiciel: Guide de l’utilisateur - (.Lenovo.) [HKLM][64Bits] -- {F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: HP USB Disk Storage Format Tool - (...) [HKLM][64Bits] -- {0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM][64Bits] -- InstallShield_{06ADE2A0-E46A-4A84-A211-64CF50520185}
O42 - Logiciel: HSPA USB Modem - (.Nom de votre société.) [HKLM][64Bits] -- {06ADE2A0-E46A-4A84-A211-64CF50520185}
O42 - Logiciel: Human Anatomy Atlas 3.0.1 - (...) [HKLM][64Bits] -- Human Anatomy Atlas 3.0.1
O42 - Logiciel: ImgBurn - (.LIGHTNING UK!.) [HKLM][64Bits] -- ImgBurn
O42 - Logiciel: InfraRecorder 0.53 (x64 edition) - (.Christian Kindahl.) [HKLM][64Bits] -- {2C22EA92-CB30-4932-0053-000001000000}
O42 - Logiciel: Intel AppUp(SM) center - (.Intel.) [HKLM][64Bits] -- Intel AppUp(SM) center 33057
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Intel(R) Processor Graphics - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {E83FDB2A-C81C-403D-8FD3-A816A89AF80C}
O42 - Logiciel: Intel(R) SDK for OpenCL - CPU Only Runtime Package - (.Intel Corporation.) [HKLM][64Bits] -- {FCB3772C-B7D0-4933-B1A9-3707EBACC573}
O42 - Logiciel: Intel(R) Update Manager - (.Intel Corporation.) [HKLM][64Bits] -- {12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}
O42 - Logiciel: Intel(R) WiDi - (.Intel Corporation.) [HKLM][64Bits] -- {90621A56-901E-417D-A8CB-E8E3A6793C29}
O42 - Logiciel: Intel® PROSet/Wireless WiFi Software - (.Intel Corporation.) [HKLM][64Bits] -- {D61F48DA-627B-404E-9315-32A651B18B64}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {44B72151-611E-429D-9765-9BA093D7E48A}
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager
O42 - Logiciel: Java 8 Update 31 - (.Oracle Corporation.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83218031F0}
O42 - Logiciel: Lenovo EasyCamera - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo OneKey Recovery - (.CyberLink Corp..) [HKLM][64Bits] -- {46F4D124-20E5-4D12-BE52-EC177A7A4B42}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo PowerDVD10 - (.CyberLink Corp..) [HKLM][64Bits] -- {DEC235ED-58A4-4517-A278-C41E8DAEAB3B}
O42 - Logiciel: Lenovo VeriFace - (.Lenovo.) [HKLM][64Bits] -- Lenovo VeriFace
O42 - Logiciel: Lenovo YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Lenovo YouCam - (.CyberLink Corp..) [HKLM][64Bits] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: Logiciel Intel® PROSet/Wireless - (.Intel Corporation.) [HKLM][64Bits] -- {aaf3655f-6961-4be2-aa4e-6de4dc1dc8f4}
O42 - Logiciel: Lyrics Plugin for Windows Media Player - (.Lyrics Plugin.) [HKLM][64Bits] -- {43002AE2-4093-49E0-A03D-990EE184C568} =>.Microsoft Corporation
O42 - Logiciel: MKVToolNix 7.4.0 (64bit) - (.Moritz Bunkus.) [HKLM][64Bits] -- MKVToolNix
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Maelstrom - (.Maelstrom.) [HKCU][64Bits] -- Maelstrom
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.6.1022 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM][64Bits] -- Maxthon3
O42 - Logiciel: Metric Collection SDK 35 - (.Lenovo Group Limited.) [HKLM][64Bits] -- {C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0117-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneDrive - (.Microsoft Corporation.) [HKCU][64Bits] -- OneDriveSetup.exe
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0409-1000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0409-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0409-1000-0000000FF1CE}
O42 - Logiciel: Mozilla Firefox 39.0 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 39.0 (x86 en-US)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA GeForce Experience 2.4.5.28 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.15.0428 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA Pilote graphique 353.06 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Nitro Pro 8 - (.Nitro.) [HKLM][64Bits] -- {34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}
O42 - Logiciel: Onekey Theater - (.Lenovo.) [HKLM][64Bits] -- {91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}
O42 - Logiciel: Oracle VM VirtualBox 4.3.18 - (.Oracle Corporation.) [HKLM][64Bits] -- {74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}
O42 - Logiciel: Package de pilotes Windows - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) - (.Lenovo.) [HKLM][64Bits] -- 71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42
O42 - Logiciel: Package de pilotes Windows - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13. - (.Lenovo.) [HKLM][64Bits] -- 8A223E56FB1ED4F697B54E5BF96F1EB63B512684
O42 - Logiciel: Potplayer-64 Bits - (.Daum Kakao Corp..) [HKLM][64Bits] -- PotPlayer64
O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM][64Bits] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}
O42 - Logiciel: Prezi - (.Nom de votre société.) [HKLM][64Bits] -- {63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM][64Bits] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Dr - (.Qualcomm Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}
O42 - Logiciel: REALTEK Wireless LAN Driver and Utility - (.Alfa Network, Inc..) [HKLM][64Bits] -- {9C049499-055C-4a0c-A916-1D12314F45EB}
O42 - Logiciel: REALTEK Wireless LAN Driver and Utility - (.REALTEK Semiconductor Corp..) [HKLM][64Bits] -- {9C049509-055C-4CFF-A116-1D12312225EB}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Revo Uninstaller Pro 3.0.8 - (.VS Revo Group, Ltd..) [HKLM][64Bits] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1
O42 - Logiciel: Rosetta Stone Ltd Services - (.Rosetta Stone Ltd..) [HKLM][64Bits] -- {3165E4A6-D5DE-46B0-8597-D55E2B826B84}
O42 - Logiciel: Rosetta Stone TOTALe - (.Rosetta Stone, Ltd.) [HKLM][64Bits] -- {6B6BC189-D606-4BC7-9758-E6C364F76A55}
O42 - Logiciel: SHAREit - (.Lenovo Group Limited.) [HKLM][64Bits] -- SHAREit_is1
O42 - Logiciel: Shared C Run-time for x64 - (.McAfee.) [HKLM][64Bits] -- {EF79C448-6946-4D71-8134-03407888C054}
O42 - Logiciel: Skype™ 7.1 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Sony Mobile Update Engine - (.Sony Mobile Communications AB.) [HKLM][64Bits] -- Update Engine
O42 - Logiciel: Sony PC Companion 2.10.259 - (.Sony.) [HKLM][64Bits] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}
O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM][64Bits] -- Steam
O42 - Logiciel: SugarSync Manager - (.SugarSync, Inc..) [HKLM][64Bits] -- SugarSync
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey
O42 - Logiciel: System Requirements Lab CYRI - (.Husdawg, LLC.) [HKLM][64Bits] -- {19B0831B-0C18-4103-86E4-90FCD04CD3B9}
O42 - Logiciel: TAP-Windows 9.9.2 - (...) [HKLM][64Bits] -- TAP-Windows
O42 - Logiciel: TechPowerUp GPU-Z - (.TechPowerUp.) [HKLM][64Bits] -- TechPowerUp GPU-Z
O42 - Logiciel: Tongbu Assistant 2.1.9.2 - (.Xiamen Tongbu Network Ltd..) [HKLM][64Bits] -- Tongbu2
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}
O42 - Logiciel: Update for Skype for Business 2015 (KB3054791) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{591150FB-47D4-495C-9E76-F8D354A2577D}
O42 - Logiciel: UserGuide - (.Lenovo.) [HKLM][64Bits] -- InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}
O42 - Logiciel: Virtua Tennis 4™ - (.SEGA.) [HKLM][64Bits] -- GFWL_{53450FA2-E900-456E-9715-501000008200}
O42 - Logiciel: Virtua Tennis 4™ - (.SEGA.) [HKLM][64Bits] -- {53450FA2-E900-456E-9715-501000008200}
O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM][64Bits] -- VirtualCloneDrive
O42 - Logiciel: Win32DiskImager version 0.9.5 - (.ImageWriter Developers.) [HKLM][64Bits] -- {D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst
O42 - Logiciel: Windows 7 USB/DVD Download Tool - (.Microsoft Corporation.) [HKLM][64Bits] -- {CCF298AF-9CE1-4B26-B251-486E98A34789}
O42 - Logiciel: XBMC - (.Team XBMC.) [HKCU][64Bits] -- XBMC
O42 - Logiciel: f.lux - (...) [HKCU][64Bits] -- Flux
O42 - Logiciel: ffdshow v1.3.4531 [2014-06-28] - (...) [HKLM][64Bits] -- ffdshow_is1
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM][64Bits] -- {F46AA0F1-E284-4878-A462-5F11B9166C0E}
O42 - Logiciel: jtv NIHONTV 4.8.01 - (.MediaChance.) [HKLM][64Bits] -- jtv NIHONTV 4.8.01
O42 - Logiciel: mIRC - (.mIRC Co. Ltd..) [HKLM][64Bits] -- mIRC
O42 - Logiciel: qBittorrent 3.1.12 - (.The qBittorrent project.) [HKLM][64Bits] -- qBittorrent =>P2P.BitTorrent
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent =>P2P.BitTorrent
O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) [HKLM][64Bits] -- {78002155-F025-4070-85B3-7C0453561701}
~ Logic: 91 Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AdsFix]
[HKCU\Software\Akeo Consulting]
[HKCU\Software\Aplicaciones generadas con el Asistente para aplicaciones local]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BST]
[HKCU\Software\BVRP Software]
[HKCU\Software\Brother]
[HKCU\Software\BugSplat]
[HKCU\Software\CamStudioOpenSource for Nick]
[HKCU\Software\Canneverbe Limited]
[HKCU\Software\Chromium]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\Code Sector]
[HKCU\Software\Code Systems]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Creabit]
[HKCU\Software\CyberGhost]
[HKCU\Software\CyberLink]
[HKCU\Software\D3DGear]
[HKCU\Software\DAUM]
[HKCU\Software\DSS]
[HKCU\Software\Disc Soft]
[HKCU\Software\DownloadManager]
[HKCU\Software\Drivers]
[HKCU\Software\Elaborate Bytes]
[HKCU\Software\Facebook]
[HKCU\Software\Foxit Software]
[HKCU\Software\Fraps3]
[HKCU\Software\FreeTime]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\GreedyTorrent] =>P2P.GreedyTorrent
[HKCU\Software\Haali]
[HKCU\Software\Hagel]
[HKCU\Software\IM Providers]
[HKCU\Software\ImgBurn]
[HKCU\Software\InfraRecorder]
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\Kiloo Games]
[HKCU\Software\LAV]
[HKCU\Software\Lenovo]
[HKCU\Software\MPC-HC]
[HKCU\Software\Macromedia]
[HKCU\Software\Magicbit]
[HKCU\Software\MainConcept]
[HKCU\Software\Maxthon3]
[HKCU\Software\Michael Herf]
[HKCU\Software\Mine]
[HKCU\Software\Mirage]
[HKCU\Software\Mirillis]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NITRO]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Oracle]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\PowerISO]
[HKCU\Software\QtProject]
[HKCU\Software\Realtek]
[HKCU\Software\RegisteredApplications]
[HKCU\Software\SAMP]
[HKCU\Software\Skype]
[HKCU\Software\SolidWorks]
[HKCU\Software\Sony]
[HKCU\Software\Synaptics]
[HKCU\Software\Sysinternals]
[HKCU\Software\System Requirements Lab]
[HKCU\Software\System32]
[HKCU\Software\TechSmith]
[HKCU\Software\Teiron]
[HKCU\Software\Trolltech]
[HKCU\Software\VS Revo Group]
[HKCU\Software\Valve]
[HKCU\Software\VirtualDub.org]
[HKCU\Software\VirtualdubFFMpegInputDriver]
[HKCU\Software\Visible Body]
[HKCU\Software\WKGSI]
[HKCU\Software\Win]
[HKCU\Software\Winamp]
[HKCU\Software\Wintertree]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\bunkus.org]
[HKCU\Software\ej-technologies]
[HKCU\Software\i-FunBox.com]
[HKCU\Software\iMacros]
[HKCU\Software\ihelper]
[HKCU\Software\mIRC]
[HKCU\Software\mkvmergeGUI]
[HKCU\Software\techPowerUp]
[HKCU\Software\vuuorf66uo5aokch0a2xo8nb6i5642sr]
[HKCU\Software\应用程序向导生成的本地应用程序]
[HKLM\Software\7-Zip]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdsFix]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Brother]
[HKLM\Software\CPUID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Code Sector]
[HKLM\Software\CyberGhost]
[HKLM\Software\CyberLink]
[HKLM\Software\DAUM]
[HKLM\Software\DTS]
[HKLM\Software\Dolby]
[HKLM\Software\Foxit Software]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Hagel]
[HKLM\Software\IM Providers]
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel Corporation]
[HKLM\Software\Intel]
[HKLM\Software\KONAMIPES6]
[HKLM\Software\Khronos]
[HKLM\Software\Lenovo]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nitro]
[HKLM\Software\ODBC]
[HKLM\Software\Oracle]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\SonicFocus]
[HKLM\Software\Sony Mobile]
[HKLM\Software\Synaptics]
[HKLM\Software\Sysinternals]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node\610b548c-8d28-431d-bef6-2c8e823ff180] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\8ffc9d8e-ade0-4037-84d7-9fc4d130a636] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\AGEIA Technologies]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AdsFix]
[HKLM\Software\Wow6432Node\Aegisub]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\Apple Inc.]
[HKLM\Software\Wow6432Node\Arcai]
[HKLM\Software\Wow6432Node\Avira]
[HKLM\Software\Wow6432Node\Brother Industries, Ltd.]
[HKLM\Software\Wow6432Node\Brother]
[HKLM\Software\Wow6432Node\CLE International]
[HKLM\Software\Wow6432Node\Canneverbe Limited]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Combined-Community-Codec-Pack]
[HKLM\Software\Wow6432Node\CyberGhost]
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\D3DGear]
[HKLM\Software\Wow6432Node\Disc Soft]
[HKLM\Software\Wow6432Node\EA Sports]
[HKLM\Software\Wow6432Node\Elaborate Bytes]
[HKLM\Software\Wow6432Node\Foxit Software]
[HKLM\Software\Wow6432Node\GNU]
[HKLM\Software\Wow6432Node\Genesys Logic]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\HSPA]
[HKLM\Software\Wow6432Node\HaaliMkx]
[HKLM\Software\Wow6432Node\Hagel]
[HKLM\Software\Wow6432Node\Hewlett-Packard Company]
[HKLM\Software\Wow6432Node\IM Providers]
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KONAMI]
[HKLM\Software\Wow6432Node\Khronos]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lenovo]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\Macrovision]
[HKLM\Software\Wow6432Node\Malwarebytes Anti-Rootkit]
[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\Wow6432Node\McAfee]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\NVIDIA Corporation]
[HKLM\Software\Wow6432Node\Nalpeiron]
[HKLM\Software\Wow6432Node\Nitro]
[HKLM\Software\Wow6432Node\Nuance]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\ONH1986]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\PowerISO]
[HKLM\Software\Wow6432Node\PowerPivot]
[HKLM\Software\Wow6432Node\Qualcomm Atheros Communications Inc.]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\RtWLan]
[HKLM\Software\Wow6432Node\Sega]
[HKLM\Software\Wow6432Node\Sharpcast]
[HKLM\Software\Wow6432Node\SiteSee]
[HKLM\Software\Wow6432Node\Skype]
[HKLM\Software\Wow6432Node\Sony Mobile]
[HKLM\Software\Wow6432Node\Sony]
[HKLM\Software\Wow6432Node\SwUSB]
[HKLM\Software\Wow6432Node\Sysinternals]
[HKLM\Software\Wow6432Node\TechSmith]
[HKLM\Software\Wow6432Node\Transparent Language, Inc.]
[HKLM\Software\Wow6432Node\Valve]
[HKLM\Software\Wow6432Node\WinPcap]
[HKLM\Software\Wow6432Node\Wow6432Node]
[HKLM\Software\Wow6432Node\X-AVCSD]
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\oldsch00l]
[HKLM\Software\Wow6432Node\w0rm]
[HKLM\Software\Wow6432Node]
~ Key Software: 498 Scanned in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 16-01-2015 - 23:21:19 - [] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 05-10-2014 - 20:20:17 - [] ----D C:\Program Files (x86)\Aegisub
O43 - CFD: 13-09-2014 - 21:55:42 - [] ----D C:\Program Files (x86)\Apple Software Update =>.Apple Inc
O43 - CFD: 14-06-2015 - 12:49:18 - [] ----D C:\Program Files (x86)\Avira
O43 - CFD: 14-08-2014 - 20:13:38 - [] ----D C:\Program Files (x86)\AviSynth 2.5
O43 - CFD: 08-01-2015 - 21:17:31 - [] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 05-12-2014 - 12:56:39 - [] ----D C:\Program Files (x86)\Beepa Fraps v3.5.9
O43 - CFD: 13-09-2014 - 21:55:31 - [] ----D C:\Program Files (x86)\Bonjour
O43 - CFD: 29-04-2015 - 22:24:37 - [] ----D C:\Program Files (x86)\Brother
O43 - CFD: 29-04-2015 - 22:24:25 - [] ----D C:\Program Files (x86)\Browny02
O43 - CFD: 13-05-2015 - 11:32:39 - [] ----D C:\Program Files (x86)\CDBurnerXP
O43 - CFD: 25-12-2013 - 1:52:12 - [] ----D C:\Program Files (x86)\Cisco
O43 - CFD: 05-11-2014 - 11:37:26 - [] ----D C:\Program Files (x86)\CLE International
O43 - CFD: 16-08-2014 - 13:08:47 - [] ----D C:\Program Files (x86)\Combined Community Codec Pack
O43 - CFD: 06-02-2015 - 22:13:23 - [] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 15-06-2015 - 19:23:18 - [] ----D C:\Program Files (x86)\Connectify
O43 - CFD: 29-04-2015 - 22:24:24 - [] ----D C:\Program Files (x86)\ControlCenter4
O43 - CFD: 09-05-2015 - 22:18:48 - [] ----D C:\Program Files (x86)\Cracklock
O43 - CFD: 25-12-2013 - 2:09:30 - [] ----D C:\Program Files (x86)\Cyberlink
O43 - CFD: 16-01-2015 - 23:20:16 - [] ----D C:\Program Files (x86)\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 08-08-2014 - 7:22:36 - [] ----D C:\Program Files (x86)\DU Meter
O43 - CFD: 05-08-2014 - 6:21:53 - [] ----D C:\Program Files (x86)\Elaborate Bytes
O43 - CFD: 26-08-2014 - 4:31:56 - [] ----D C:\Program Files (x86)\ffdshow
O43 - CFD: 04-08-2014 - 14:01:54 - [] ----D C:\Program Files (x86)\Foxit Software
O43 - CFD: 13-08-2014 - 0:19:13 - [] ----D C:\Program Files (x86)\Gifcam
O43 - CFD: 25-10-2014 - 7:58:26 - [] ----D C:\Program Files (x86)\Google
O43 - CFD: 30-08-2014 - 20:28:47 - [] ----D C:\Program Files (x86)\GPU-Z
O43 - CFD: 13-03-2015 - 20:02:54 - [] ----D C:\Program Files (x86)\GreedyTorrent =>P2P.GreedyTorrent
O43 - CFD: 04-01-2015 - 23:06:00 - [] ----D C:\Program Files (x86)\HSPA USB Modem
O43 - CFD: 12-02-2015 - 11:58:10 - [] ----D C:\Program Files (x86)\ImageWriter
O43 - CFD: 11-03-2015 - 11:26:28 - [] ----D C:\Program Files (x86)\ImgBurn
O43 - CFD: 01-05-2015 - 9:25:01 - [] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 03-12-2014 - 18:59:27 - [] ----D C:\Program Files (x86)\Intel
O43 - CFD: 13-06-2015 - 22:15:48 - [] ----D C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 12-06-2015 - 22:18:11 - [] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 13-09-2014 - 21:56:38 - [] ----D C:\Program Files (x86)\iTunes
O43 - CFD: 23-01-2015 - 21:55:02 - [] ----D C:\Program Files (x86)\Java
O43 - CFD: 06-09-2014 - 20:15:33 - [] ----D C:\Program Files (x86)\KONAMI
O43 - CFD: 14-12-2014 - 23:09:13 - [] ----D C:\Program Files (x86)\Lenovo
O43 - CFD: 15-06-2015 - 11:11:50 - [] ----D C:\Program Files (x86)\Malwarebytes Anti-Malware
O43 - CFD: 15-05-2015 - 23:59:58 - [] ----D C:\Program Files (x86)\Maxthon
O43 - CFD: 03-10-2014 - 9:11:57 - [] ----D C:\Program Files (x86)\MediaChance
O43 - CFD: 30-12-2014 - 12:38:28 - [] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 11-01-2015 - 14:48:29 - [] ----D C:\Program Files (x86)\Microsoft ASP.NET
O43 - CFD: 25-12-2013 - 2:04:48 - [] ----D C:\Program Files (x86)\Microsoft Office
O43 - CFD: 14-05-2015 - 12:27:10 - [] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 01-09-2014 - 20:03:37 - [] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 30-12-2014 - 12:42:09 - [] ----D C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 08-01-2015 - 20:54:15 - [] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 17-01-2015 - 13:08:52 - [] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 10-10-2014 - 18:33:13 - [] ----D C:\Program Files (x86)\mIRC
O43 - CFD: 05-12-2014 - 18:45:08 - [] ----D C:\Program Files (x86)\Mirillis
O43 - CFD: 26-11-2014 - 12:25:36 - [] ----D C:\Program Files (x86)\MKVToolNix
O43 - CFD: 15-06-2015 - 8:05:13 - [] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 15-06-2015 - 11:11:50 - [] ----D C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 03-12-2014 - 18:26:20 - [] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 27-09-2014 - 1:04:22 - [0] ----D C:\Program Files (x86)\Myjad
O43 - CFD: 25-12-2013 - 2:14:18 - [0] ----D C:\Program Files (x86)\New Folder
O43 - CFD: 25-12-2013 - 2:05:36 - [] ----D C:\Program Files (x86)\Nitro
O43 - CFD: 03-12-2014 - 18:59:29 - [] ----D C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 24-10-2014 - 13:01:04 - [] ----D C:\Program Files (x86)\ONH1986
O43 - CFD: 05-12-2014 - 12:56:57 - [] ----D C:\Program Files (x86)\Portable
O43 - CFD: 09-05-2015 - 22:42:43 - [] ----D C:\Program Files (x86)\Prezi
O43 - CFD: 14-06-2015 - 15:10:39 - [] ----D C:\Program Files (x86)\Pro Evolution Soccer 2015
O43 - CFD: 11-03-2015 - 19:19:43 - [] ----D C:\Program Files (x86)\qBittorrent =>P2P.BitTorrent
O43 - CFD: 09-10-2014 - 9:00:14 - [] ----D C:\Program Files (x86)\Realtek
O43 - CFD: 03-12-2014 - 18:26:20 - [] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 16-01-2015 - 23:08:36 - [] ----D C:\Program Files (x86)\Rosetta Stone
O43 - CFD: 16-01-2015 - 23:08:18 - [] ----D C:\Program Files (x86)\RosettaStoneLtdServices
O43 - CFD: 26-08-2014 - 4:14:36 - [] ----D C:\Program Files (x86)\Sega
O43 - CFD: 04-02-2015 - 0:56:28 - [] R---D C:\Program Files (x86)\Skype
O43 - CFD: 10-09-2014 - 15:35:43 - [] ----D C:\Program Files (x86)\Sony
O43 - CFD: 10-09-2014 - 21:08:23 - [] ----D C:\Program Files (x86)\Sony Mobile
O43 - CFD: 25-12-2013 - 2:09:54 - [] ----D C:\Program Files (x86)\SugarSync
O43 - CFD: 10-08-2014 - 10:41:10 - [] ----D C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 06-02-2015 - 22:15:21 - [0] ----D C:\Program Files (x86)\TechSmith
O43 - CFD: 25-12-2013 - 1:46:14 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 13-03-2015 - 16:06:08 - [] ----D C:\Program Files (x86)\Tongbu
O43 - CFD: 24-10-2014 - 18:14:31 - [] ----D C:\Program Files (x86)\Transparent
O43 - CFD: 27-09-2014 - 2:15:33 - [] ----D C:\Program Files (x86)\Visible Body - Cracked by m!DVT
O43 - CFD: 29-08-2014 - 0:56:29 - [0] ----D C:\Program Files (x86)\Webteh
O43 - CFD: 11-03-2015 - 5:30:17 - [] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 08-01-2015 - 20:54:14 - [] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 08-03-2015 - 17:36:45 - [] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 08-03-2015 - 17:36:45 - [] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 08-03-2015 - 17:36:45 - [] ----D C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 22-08-2013 - 16:36:30 - [] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 08-03-2015 - 17:36:45 - [] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 08-03-2015 - 17:36:45 - [] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 03-12-2014 - 18:59:34 - [] -SH-D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 22-08-2013 - 16:36:30 - [] ----D C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 11-02-2015 - 23:32:37 - [] ----D C:\Program Files (x86)\winMd5Sum
O43 - CFD: 08-08-2014 - 15:46:21 - [] ----D C:\Program Files (x86)\WinPcap
O43 - CFD: 12-08-2014 - 20:20:02 - [] ----D C:\Program Files (x86)\XBMC
O43 - CFD: 15-06-2015 - 14:44:33 - [] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 21-08-2014 - 12:45:20 - [] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 16-01-2015 - 23:21:19 - [] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 13-09-2014 - 21:56:18 - [] ----D C:\Program Files (x86)\Common Files\Apple
O43 - CFD: 08-01-2015 - 21:17:28 - [] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 05-09-2014 - 12:05:58 - [] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 03-12-2014 - 18:45:40 - [] ----D C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 25-12-2013 - 1:44:13 - [] ----D C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 23-01-2015 - 21:54:49 - [] ----D C:\Program Files (x86)\Common Files\Java
O43 - CFD: 14-12-2014 - 23:09:11 - [] ----D C:\Program Files (x86)\Common Files\LENOVO
O43 - CFD: 16-01-2015 - 23:23:51 - [] ----D C:\Program Files (x86)\Common Files\Macrovision Shared
O43 - CFD: 30-12-2014 - 12:41:34 - [] ----D C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 25-12-2013 - 2:05:36 - [] ----D C:\Program Files (x86)\Common Files\Nitro
O43 - CFD: 25-12-2013 - 1:43:19 - [] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 22-08-2013 - 16:36:33 - [] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 04-02-2015 - 0:56:28 - [] ----D C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 14-06-2015 - 14:38:33 - [] ----D C:\Program Files (x86)\Common Files\Steam
O43 - CFD: 08-03-2015 - 17:36:43 - [] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 08-01-2015 - 20:51:59 - [] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 13-09-2014 - 21:56:38 - [] ----D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
O43 - CFD: 16-01-2015 - 23:21:22 - [] ----D C:\ProgramData\Adobe
O43 - CFD: 13-09-2014 - 21:55:40 - [] ----D C:\ProgramData\Apple
O43 - CFD: 13-09-2014 - 21:56:18 - [] ----D C:\ProgramData\Apple Computer
O43 - CFD: 22-08-2013 - 15:45:52 - [] -SH-D C:\ProgramData\Application Data
O43 - CFD: 14-06-2015 - 14:30:38 - [] ----D C:\ProgramData\Avira
O43 - CFD: 15-08-2014 - 2:20:29 - [] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 21-11-2014 - 22:27:24 - [] ----D C:\ProgramData\Brother
O43 - CFD: 04-08-2014 - 19:17:39 - [] -SH-D C:\ProgramData\Bureau
O43 - CFD: 13-05-2015 - 11:32:44 - [] ----D C:\ProgramData\Canneverbe Limited
O43 - CFD: 24-01-2015 - 17:47:04 - [] ----D C:\ProgramData\Connectify
O43 - CFD: 29-04-2015 - 22:24:24 - [] ----D C:\ProgramData\ControlCenter4
O43 - CFD: 04-08-2014 - 19:48:52 - [] ----D C:\ProgramData\CyberLink
O43 - CFD: 16-01-2015 - 23:23:07 - [] ----D C:\ProgramData\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 22-08-2013 - 15:45:52 - [] -SH-D C:\ProgramData\Desktop
O43 - CFD: 22-08-2013 - 15:45:52 - [] -SH-D C:\ProgramData\Documents
O43 - CFD: 25-12-2013 - 2:14:21 - [] ----D C:\ProgramData\Downloaded Installations
O43 - CFD: 03-12-2014 - 20:57:21 - [] ----D C:\ProgramData\EICRA GAMER
O43 - CFD: 27-08-2014 - 4:04:13 - [] ----D C:\ProgramData\Electronic Arts
O43 - CFD: 20-08-2014 - 19:08:23 - [] ----D C:\ProgramData\Energy Management
O43 - CFD: 16-01-2015 - 23:23:52 - [] ----D C:\ProgramData\FLEXnet
O43 - CFD: 08-08-2014 - 7:20:33 - [] ----D C:\ProgramData\Hagel Technologies
O43 - CFD: 04-08-2014 - 13:00:46 - [0] ----D C:\ProgramData\IDM
O43 - CFD: 24-08-2014 - 14:06:21 - [] ----D C:\ProgramData\Intel
O43 - CFD: 25-12-2013 - 1:57:24 - [] ----D C:\ProgramData\Intel(R) Update Manager
O43 - CFD: 25-12-2013 - 1:52:10 - [] ----D C:\ProgramData\Intel.sav
O43 - CFD: 03-01-2015 - 1:05:32 - [] ----D C:\ProgramData\Kaspersky Lab
O43 - CFD: 14-06-2015 - 15:24:24 - [] ----D C:\ProgramData\KONAMI
O43 - CFD: 25-12-2013 - 2:10:31 - [] ----D C:\ProgramData\Lenovo
O43 - CFD: 14-06-2015 - 21:48:56 - [] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 15-06-2015 - 14:22:24 - [] ----D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
O43 - CFD: 20-09-2014 - 12:29:11 - [] ----D C:\ProgramData\McAfee
O43 - CFD: 04-08-2014 - 19:17:39 - [] -SH-D C:\ProgramData\Menu Démarrer
O43 - CFD: 08-03-2015 - 7:24:44 - [] -S--D C:\ProgramData\Microsoft
O43 - CFD: 14-06-2015 - 17:17:54 - [] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 01-09-2014 - 20:03:33 - [] ----D C:\ProgramData\Microsoft OneDrive
O43 - CFD: 30-12-2014 - 16:53:22 - [] ----D C:\ProgramData\Microsoft Toolkit
O43 - CFD: 05-12-2014 - 12:32:23 - [] ----D C:\ProgramData\Mirillis
O43 - CFD: 04-08-2014 - 19:17:39 - [] -SH-D C:\ProgramData\Modèles
O43 - CFD: 11-08-2014 - 12:42:43 - [] ----D C:\ProgramData\Mozilla
O43 - CFD: 25-12-2013 - 2:05:36 - [] ----D C:\ProgramData\Nitro
O43 - CFD: 14-06-2015 - 13:47:49 - [] ----D C:\ProgramData\NVIDIA
O43 - CFD: 14-06-2015 - 13:53:45 - [] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 26-08-2014 - 19:41:30 - [0] ----D C:\ProgramData\Office2013
O43 - CFD: 25-12-2013 - 2:16:16 - [] ----D C:\ProgramData\OneKey Recovery
O43 - CFD: 23-01-2015 - 22:09:27 - [] ----D C:\ProgramData\Oracle
O43 - CFD: 05-10-2014 - 20:20:14 - [] ----D C:\ProgramData\Package Cache
O43 - CFD: 03-12-2014 - 18:59:43 - [] ----D C:\ProgramData\PRICache
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 08-03-2015 - 17:36:42 - [] ----D C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 25-12-2013 - 1:52:40 - [] ----D C:\ProgramData\Roaming
O43 - CFD: 16-01-2015 - 23:08:36 - [] ----D C:\ProgramData\Rosetta Stone
O43 - CFD: 16-01-2015 - 23:08:36 - [] ----D C:\ProgramData\Rosetta Stone Backups
O43 - CFD: 16-01-2015 - 23:08:18 - [] ----D C:\ProgramData\RosettaStoneLtdServices
O43 - CFD: 04-02-2015 - 0:56:32 - [] ----D C:\ProgramData\Skype
O43 - CFD: 10-09-2014 - 15:35:43 - [] ----D C:\ProgramData\Sony
O43 - CFD: 10-09-2014 - 21:08:23 - [] ----D C:\ProgramData\Sony Mobile
O43 - CFD: 22-08-2013 - 15:45:52 - [] -SH-D C:\ProgramData\Start Menu
O43 - CFD: 14-06-2015 - 15:11:00 - [] ----D C:\ProgramData\Steam
O43 - CFD: 09-08-2014 - 10:35:09 - [] ----D C:\ProgramData\Sun
O43 - CFD: 10-08-2014 - 10:41:10 - [] ----D C:\ProgramData\SystemRequirementsLab
O43 - CFD: 25-12-2013 - 2:16:05 - [] ----D C:\ProgramData\Temp
O43 - CFD: 22-08-2013 - 15:45:52 - [] -SH-D C:\ProgramData\Templates
O43 - CFD: 24-10-2014 - 18:14:31 - [] ----D C:\ProgramData\Transparent
O43 - CFD: 17-08-2014 - 22:58:33 - [] ----D C:\ProgramData\VS Revo Group
O43 - CFD: 03-12-2014 - 19:03:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 08-03-2015 - 17:40:20 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 11-03-2015 - 5:30:18 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 14-06-2015 - 15:31:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03-12-2014 - 19:03:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alfa 11n USB Wireless LAN Utility
O43 - CFD: 14-06-2015 - 14:31:57 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
O43 - CFD: 08-01-2015 - 21:17:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 05-12-2014 - 12:56:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beepa Fraps v3.5.9
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
O43 - CFD: 24-01-2015 - 17:40:22 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
O43 - CFD: 17-01-2015 - 12:37:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
O43 - CFD: 09-05-2015 - 22:18:47 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cracklock
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
O43 - CFD: 05-12-2014 - 12:46:32 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D3DGear
O43 - CFD: 16-01-2015 - 23:20:24 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 03-12-2014 - 18:59:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
O43 - CFD: 03-12-2014 - 19:03:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
O43 - CFD: 03-12-2014 - 18:59:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
O43 - CFD: 24-09-2014 - 10:21:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
O43 - CFD: 05-05-2015 - 22:37:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
O43 - CFD: 06-02-2015 - 22:22:16 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth =>.Google Inc
O43 - CFD: 13-03-2015 - 20:02:54 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GreedyTorrent =>P2P.GreedyTorrent
O43 - CFD: 11-02-2015 - 1:46:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
O43 - CFD: 04-01-2015 - 22:51:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB Modem
O43 - CFD: 12-02-2015 - 11:58:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
O43 - CFD: 11-03-2015 - 11:26:28 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
O43 - CFD: 08-03-2015 - 7:52:07 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center
O43 - CFD: 03-12-2014 - 18:59:39 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
O43 - CFD: 03-12-2014 - 19:03:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
O43 - CFD: 13-06-2015 - 22:15:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
O43 - CFD: 23-01-2015 - 21:54:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 03-12-2014 - 18:59:40 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KONAMI
O43 - CFD: 16-12-2014 - 23:45:04 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
O43 - CFD: 22-08-2013 - 16:36:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 15-06-2015 - 7:13:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 15-05-2015 - 23:59:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 14-06-2015 - 17:17:21 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 13-05-2015 - 18:50:31 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
O43 - CFD: 05-12-2014 - 18:45:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mirillis
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
O43 - CFD: 27-09-2014 - 1:04:21 - [0] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Myjad
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 03-12-2014 - 19:03:30 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneKey Recovery
O43 - CFD: 22-12-2014 - 13:09:27 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PESEdit.com 2013 Patch
O43 - CFD: 11-03-2015 - 19:19:44 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent =>P2P.BitTorrent
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
O43 - CFD: 16-01-2015 - 23:08:36 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
O43 - CFD: 04-02-2015 - 0:56:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 01-05-2015 - 9:25:06 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
O43 - CFD: 14-06-2015 - 15:31:39 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 13-06-2015 - 23:23:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
O43 - CFD: 08-03-2015 - 17:40:24 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 24-09-2014 - 7:17:17 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 03-12-2014 - 18:59:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tongbu Network
O43 - CFD: 03-12-2014 - 18:59:41 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transparent Language, Inc
O43 - CFD: 11-02-2015 - 23:32:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winMd5Sum
O43 - CFD: 03-12-2014 - 19:03:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 15-06-2015 - 14:44:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman
O43 - CFD: 04-08-2014 - 14:33:26 - [] ----D C:\Users\TAREKO\AppData\Roaming\Acapela Group
O43 - CFD: 16-01-2015 - 23:21:22 - [] ----D C:\Users\TAREKO\AppData\Roaming\Adobe
O43 - CFD: 12-05-2015 - 23:28:09 - [] ----D C:\Users\TAREKO\AppData\Roaming\Aegisub
O43 - CFD: 15-10-2014 - 13:20:33 - [] ----D C:\Users\TAREKO\AppData\Roaming\ahelper
O43 - CFD: 14-09-2014 - 16:34:46 - [] ----D C:\Users\TAREKO\AppData\Roaming\Apple Computer
O43 - CFD: 14-06-2015 - 14:31:55 - [] ----D C:\Users\TAREKO\AppData\Roaming\Avira
O43 - CFD: 08-01-2015 - 21:17:45 - [] ----D C:\Users\TAREKO\AppData\Roaming\AVS4YOU
O43 - CFD: 15-06-2015 - 20:54:56 - [] ----D C:\Users\TAREKO\AppData\Roaming\BitTorrent =>P2P.BitTorrent
O43 - CFD: 15-06-2015 - 20:38:21 - [] ----D C:\Users\TAREKO\AppData\Roaming\BitTorrent Maelstrom =>P2P.BitTorrent
O43 - CFD: 31-08-2014 - 14:27:08 - [] R---D C:\Users\TAREKO\AppData\Roaming\Brother
O43 - CFD: 29-08-2014 - 0:56:27 - [] ----D C:\Users\TAREKO\AppData\Roaming\BSplayer PRO
O43 - CFD: 13-05-2015 - 11:32:40 - [] ----D C:\Users\TAREKO\AppData\Roaming\Canneverbe Limited
O43 - CFD: 09-05-2015 - 22:23:14 - [] ----D C:\Users\TAREKO\AppData\Roaming\com.prezi.PreziDesktop
O43 - CFD: 29-04-2015 - 22:33:26 - [] ----D C:\Users\TAREKO\AppData\Roaming\ControlCenter4
O43 - CFD: 20-03-2015 - 19:30:10 - [] ----D C:\Users\TAREKO\AppData\Roaming\CoSoSys
O43 - CFD: 04-08-2014 - 19:48:42 - [] ----D C:\Users\TAREKO\AppData\Roaming\CyberLink
O43 - CFD: 15-06-2015 - 20:41:02 - [] ----D C:\Users\TAREKO\AppData\Roaming\DAEMON Tools Lite =>.DT Soft Ltd
O43 - CFD: 28-09-2014 - 20:43:10 - [] ----D C:\Users\TAREKO\AppData\Roaming\Dangle
O43 - CFD: 12-01-2015 - 1:07:12 - [] ----D C:\Users\TAREKO\AppData\Roaming\DesktopCal
O43 - CFD: 15-06-2015 - 15:28:39 - [] ----D C:\Users\TAREKO\AppData\Roaming\DMCache
O43 - CFD: 10-06-2015 - 19:12:45 - [] ----D C:\Users\TAREKO\AppData\Roaming\DownloadNinja
O43 - CFD: 04-08-2014 - 13:53:04 - [0] ----D C:\Users\TAREKO\AppData\Roaming\EncryptStick
O43 - CFD: 08-01-2015 - 18:39:27 - [] ----D C:\Users\TAREKO\AppData\Roaming\Faasoft Video Converter
O43 - CFD: 04-09-2014 - 10:02:31 - [] ----D C:\Users\TAREKO\AppData\Roaming\FireShot
O43 - CFD: 29-01-2015 - 18:22:35 - [] ----D C:\Users\TAREKO\AppData\Roaming\fontconfig
O43 - CFD: 06-12-2014 - 23:07:24 - [] ----D C:\Users\TAREKO\AppData\Roaming\Foxit Software
O43 - CFD: 16-05-2015 - 13:09:37 - [] ----D C:\Users\TAREKO\AppData\Roaming\googleico
O43 - CFD: 03-12-2014 - 19:17:03 - [] ----D C:\Users\TAREKO\AppData\Roaming\Identities
O43 - CFD: 15-06-2015 - 20:41:02 - [] ----D C:\Users\TAREKO\AppData\Roaming\IDM
O43 - CFD: 15-09-2014 - 0:35:13 - [] ----D C:\Users\TAREKO\AppData\Roaming\iFunbox_UserCache
O43 - CFD: 11-03-2015 - 13:40:05 - [] ----D C:\Users\TAREKO\AppData\Roaming\ImgBurn
O43 - CFD: 27-09-2014 - 0:45:31 - [] ----D C:\Users\TAREKO\AppData\Roaming\iMobie
O43 - CFD: 11-03-2015 - 11:32:00 - [] ----D C:\Users\TAREKO\AppData\Roaming\InfraRecorder
O43 - CFD: 12-08-2014 - 15:12:59 - [] ----D C:\Users\TAREKO\AppData\Roaming\InstallShield
O43 - CFD: 04-08-2014 - 19:23:38 - [] ----D C:\Users\TAREKO\AppData\Roaming\Intel
O43 - CFD: 04-08-2014 - 19:26:47 - [] ----D C:\Users\TAREKO\AppData\Roaming\Intel Corporation
O43 - CFD: 04-08-2014 - 20:08:40 - [] ----D C:\Users\TAREKO\AppData\Roaming\Macromedia
O43 - CFD: 16-05-2015 - 0:00:06 - [] ----D C:\Users\TAREKO\AppData\Roaming\Maxthon3
O43 - CFD: 14-05-2015 - 21:27:12 - [] -S--D C:\Users\TAREKO\AppData\Roaming\Microsoft
O43 - CFD: 10-10-2014 - 21:11:09 - [] ----D C:\Users\TAREKO\AppData\Roaming\mIRC
O43 - CFD: 05-12-2014 - 12:32:23 - [] ----D C:\Users\TAREKO\AppData\Roaming\Mirillis
O43 - CFD: 29-08-2014 - 4:02:08 - [0] ----D C:\Users\TAREKO\AppData\Roaming\mkvtoolnix
O43 - CFD: 11-08-2014 - 12:43:07 - [] ----D C:\Users\TAREKO\AppData\Roaming\Mozilla
O43 - CFD: 17-08-2014 - 23:09:31 - [] ----D C:\Users\TAREKO\AppData\Roaming\MPC-HC
O43 - CFD: 12-05-2015 - 23:00:34 - [0] ----D C:\Users\TAREKO\AppData\Roaming\mpv
O43 - CFD: 05-11-2014 - 22:18:55 - [] ----D C:\Users\TAREKO\AppData\Roaming\Nitro
O43 - CFD: 16-10-2014 - 23:37:08 - [] ----D C:\Users\TAREKO\AppData\Roaming\Nitro PDF
O43 - CFD: 15-06-2015 - 12:57:01 - [] ----D C:\Users\TAREKO\AppData\Roaming\NVIDIA
O43 - CFD: 09-08-2014 - 20:28:38 - [] ----D C:\Users\TAREKO\AppData\Roaming\Oracle
O43 - CFD: 28-08-2014 - 23:51:03 - [] ----D C:\Users\TAREKO\AppData\Roaming\PotPlayerMini64
O43 - CFD: 11-03-2015 - 19:21:13 - [] ----D C:\Users\TAREKO\AppData\Roaming\qBittorrent =>P2P.BitTorrent
O43 - CFD: 19-12-2014 - 11:56:39 - [] ----D C:\Users\TAREKO\AppData\Roaming\reaper
O43 - CFD: 12-06-2015 - 21:40:12 - [] ----D C:\Users\TAREKO\AppData\Roaming\Skype
O43 - CFD: 01-01-2015 - 9:54:46 - [] ----D C:\Users\TAREKO\AppData\Roaming\SolidWorks
O43 - CFD: 29-08-2014 - 2:01:42 - [] ----D C:\Users\TAREKO\AppData\Roaming\TechSmith
O43 - CFD: 15-10-2014 - 13:20:32 - [] ----D C:\Users\TAREKO\AppData\Roaming\Teiron
O43 - CFD: 13-08-2014 - 16:07:35 - [] ----D C:\Users\TAREKO\AppData\Roaming\TeraCopy
O43 - CFD: 01-01-2015 - 9:54:29 - [] ----D C:\Users\TAREKO\AppData\Roaming\Thinstall
O43 - CFD: 19-02-2015 - 18:14:04 - [] ----D C:\Users\TAREKO\AppData\Roaming\uTorrent =>P2P.µTorrent
O43 - CFD: 22-08-2014 - 22:40:16 - [] ----D C:\Users\TAREKO\AppData\Roaming\XBMC
O43 - CFD: 15-06-2015 - 21:01:23 - [] ----D C:\Users\TAREKO\AppData\Roaming\ZHP =>.Nicolas Coolman
O43 - CFD: 12-06-2015 - 22:49:05 - [] ----D C:\Users\TAREKO\AppData\Local\Adobe
O43 - CFD: 30-12-2014 - 20:48:54 - [] ----D C:\Users\TAREKO\AppData\Local\Aegisub
O43 - CFD: 13-09-2014 - 21:55:42 - [] ----D C:\Users\TAREKO\AppData\Local\Apple
O43 - CFD: 13-09-2014 - 21:57:03 - [] ----D C:\Users\TAREKO\AppData\Local\Apple Computer
O43 - CFD: 03-12-2014 - 18:55:33 - [] -SH-D C:\Users\TAREKO\AppData\Local\Application Data
O43 - CFD: 17-01-2015 - 12:43:22 - [0] ----D C:\Users\TAREKO\AppData\Local\CrashDumps
O43 - CFD: 02-12-2014 - 9:28:41 - [] ----D C:\Users\TAREKO\AppData\Local\CyberGhost
O43 - CFD: 04-08-2014 - 19:48:29 - [] ----D C:\Users\TAREKO\AppData\Local\CyberLink
O43 - CFD: 11-03-2015 - 9:36:38 - [0] ----D C:\Users\TAREKO\AppData\Local\Diagnostics
O43 - CFD: 27-09-2014 - 0:46:01 - [] ----D C:\Users\TAREKO\AppData\Local\DigiDNA
O43 - CFD: 03-12-2014 - 19:34:46 - [] -SH-D C:\Users\TAREKO\AppData\Local\EmieBrowserModeList
O43 - CFD: 03-12-2014 - 19:34:46 - [] -SH-D C:\Users\TAREKO\AppData\Local\EmieSiteList
O43 - CFD: 03-12-2014 - 19:34:46 - [] -SH-D C:\Users\TAREKO\AppData\Local\EmieUserList
O43 - CFD: 04-02-2015 - 0:48:34 - [] ----D C:\Users\TAREKO\AppData\Local\Facebook
O43 - CFD: 08-03-2015 - 7:26:32 - [] ----D C:\Users\TAREKO\AppData\Local\FluxSoftware
O43 - CFD: 29-08-2014 - 0:58:52 - [] ----D C:\Users\TAREKO\AppData\Local\fontconfig
O43 - CFD: 08-05-2015 - 18:44:08 - [] ----D C:\Users\TAREKO\AppData\Local\Foxit Reader
O43 - CFD: 27-08-2014 - 4:02:52 - [] ----D C:\Users\TAREKO\AppData\Local\Game Updater
O43 - CFD: 25-10-2014 - 7:58:26 - [] ----D C:\Users\TAREKO\AppData\Local\Google
O43 - CFD: 06-06-2015 - 19:17:54 - [] ----D C:\Users\TAREKO\AppData\Local\GWX
O43 - CFD: 03-12-2014 - 18:55:33 - [] -SH-D C:\Users\TAREKO\AppData\Local\Historique
O43 - CFD: 04-08-2014 - 17:20:57 - [] ----D C:\Users\TAREKO\AppData\Local\Intel_Corporation
O43 - CFD: 15-12-2014 - 17:55:49 - [] ----D C:\Users\TAREKO\AppData\Local\Lenovo
O43 - CFD: 20-08-2014 - 11:57:14 - [] ----D C:\Users\TAREKO\AppData\Local\Macromedia
O43 - CFD: 11-06-2015 - 23:01:08 - [] ----D C:\Users\TAREKO\AppData\Local\Maelstrom
O43 - CFD: 20-02-2015 - 14:50:58 - [] ----D C:\Users\TAREKO\AppData\Local\Microsoft
O43 - CFD: 30-12-2014 - 12:38:23 - [0] ----D C:\Users\TAREKO\AppData\Local\Microsoft Help
O43 - CFD: 05-12-2014 - 17:56:24 - [] ----D C:\Users\TAREKO\AppData\Local\Mirillis
O43 - CFD: 11-08-2014 - 12:43:07 - [] ----D C:\Users\TAREKO\AppData\Local\Mozilla
O43 - CFD: 27-09-2014 - 0:43:42 - [] ----D C:\Users\TAREKO\AppData\Local\Myjad_Inc
O43 - CFD: 04-08-2014 - 14:52:47 - [] ----D C:\Users\TAREKO\AppData\Local\NVIDIA
O43 - CFD: 04-08-2014 - 16:14:44 - [] ----D C:\Users\TAREKO\AppData\Local\NVIDIA Corporation
O43 - CFD: 14-06-2015 - 17:45:03 - [] ----D C:\Users\TAREKO\AppData\Local\Packages
O43 - CFD: 13-09-2014 - 22:54:23 - [0] ----D C:\Users\TAREKO\AppData\Local\pangu
O43 - CFD: 04-08-2014 - 13:49:39 - [] ----D C:\Users\TAREKO\AppData\Local\Programs
O43 - CFD: 11-03-2015 - 19:20:50 - [] ----D C:\Users\TAREKO\AppData\Local\qBittorrent =>P2P.BitTorrent
O43 - CFD: 27-08-2014 - 3:19:28 - [] ----D C:\Users\TAREKO\AppData\Local\Setup Integrity Check
O43 - CFD: 04-02-2015 - 0:56:34 - [] ----D C:\Users\TAREKO\AppData\Local\Skype
O43 - CFD: 11-09-2014 - 0:22:15 - [] ----D C:\Users\TAREKO\AppData\Local\Sony
O43 - CFD: 24-09-2014 - 10:00:45 - [0] ----D C:\Users\TAREKO\AppData\Local\Spoon
O43 - CFD: 13-06-2015 - 23:36:26 - [] ----D C:\Users\TAREKO\AppData\Local\Steam
O43 - CFD: 29-08-2014 - 2:13:04 - [] ----D C:\Users\TAREKO\AppData\Local\TechSmith
O43 - CFD: 15-06-2015 - 20:59:47 - [] ----D C:\Users\TAREKO\AppData\Local\Temp
O43 - CFD: 03-12-2014 - 18:55:33 - [] -SH-D C:\Users\TAREKO\AppData\Local\Temporary Internet Files
O43 - CFD: 05-11-2014 - 12:32:07 - [] ----D C:\Users\TAREKO\AppData\Local\VirtualStore
O43 - CFD: 17-08-2014 - 22:58:35 - [] ----D C:\Users\TAREKO\AppData\Local\VS Revo Group
O43 - CFD: 14-03-2015 - 1:49:16 - [] ----D C:\Users\TAREKO\AppData\Local\Windows Live
O43 - CFD: 03-12-2014 - 18:56:48 - [] R---D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 22-08-2013 - 16:36:32 - [] R---D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 11-03-2015 - 9:12:54 - [] R---D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 14-08-2014 - 20:13:21 - [0] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
O43 - CFD: 08-01-2015 - 21:17:29 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
O43 - CFD: 01-01-2015 - 0:51:44 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Calendrier de bureau
O43 - CFD: 15-06-2015 - 19:25:46 - [0] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
O43 - CFD: 08-03-2015 - 7:26:34 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
O43 - CFD: 08-01-2015 - 18:33:47 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 14-01-2015 - 14:16:40 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 11-03-2015 - 11:29:17 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InfraRecorder
O43 - CFD: 13-06-2015 - 22:15:10 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 03-12-2014 - 18:56:48 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
O43 - CFD: 08-05-2015 - 14:47:05 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maelstrom
O43 - CFD: 22-08-2013 - 16:36:32 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03-12-2014 - 18:56:48 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ONH1986
O43 - CFD: 05-12-2014 - 12:56:58 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
O43 - CFD: 21-10-2014 - 12:14:56 - [0] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
O43 - CFD: 11-03-2015 - 9:12:54 - [] R---D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 03-12-2014 - 18:56:48 - [] R---D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 03-12-2014 - 19:03:29 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
O43 - CFD: 10-02-2015 - 12:41:59 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
O43 - CFD: 11-02-2015 - 23:32:37 - [0] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\winMd5Sum
O43 - CFD: 03-12-2014 - 19:03:29 - [] ----D C:\Users\TAREKO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
~ Program Folder: 380 Scanned in 00mn 00s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.446EEF9A831C79DCE705CAB833833023] - 05-06-2015 - 20:35:24 ---A- . (...) -- C:\IFRToolLog.txt [1239]
O44 - LFC:[MD5.0341BF7622E0D547446DB254868EF965] - 11-06-2015 - 16:44:41 ---A- . (.Microsoft Corporation - Bibliothèque de contrôles de l’expérience u.) -- C:\Windows\System32\comctl32.dll [653824]
O44 - LFC:[MD5.6CCC851608DD076C13E37737BB75A9DC] - 11-06-2015 - 19:42:07 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [4177920]
O44 - LFC:[MD5.62B3D51F60859F595317D7C3AEC5E5F2] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Connecteur Microsoft Search pour Outlook.) -- C:\Windows\System32\mssphtb.dll [248832]
O44 - LFC:[MD5.F52C9F18BE8899CF503D7D40E62C47C3] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Indexeur Microsoft Windows Search.) -- C:\Windows\System32\SearchIndexer.exe [903168]
O44 - LFC:[MD5.3B8D14C7D33E3991090C726DD4CF7088] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Microsoft Search Protocol Handler.) -- C:\Windows\System32\mssph.dll [468480]
O44 - LFC:[MD5.279C2DB5C56A3674DCB98165E85237CF] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Microsoft Tripoli Query.) -- C:\Windows\System32\tquery.dll [3633664]
O44 - LFC:[MD5.98D0A8C3BF81774D76EAAB5977B69AB3] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) -- C:\Windows\System32\SearchProtocolHost.exe [337408]
O44 - LFC:[MD5.44603DA5A87FB491EF59C889EBBB4DDB] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Pilote XHCI USB.) -- C:\Windows\System32\Drivers\USBXHCI.SYS [325464]
O44 - LFC:[MD5.42FFA34D6A1ABBC6064E0D8A452039D3] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Plateforme de recherche Microsoft Vista.) -- C:\Windows\System32\mssvp.dll [774144]
O44 - LFC:[MD5.F2CBC74E403A4251279D0BA9D0ECFBDB] - 11-06-2015 - 19:43:06 ---A- . (.Microsoft Corporation - Recherche intégrée Microsoft.) -- C:\Windows\System32\mssrch.dll [2551808]
O44 - LFC:[MD5.3C03E08CBB76B7081173924C52D329EE] - 11-06-2015 - 19:52:17 ---A- . (.Microsoft Corporation - Programme principal d’automation de l’inter.) -- C:\Windows\System32\UIAutomationCore.dll [1249280]
O44 - LFC:[MD5.CD7DC91A7F84B4C81A06B511545DE867] - 11-06-2015 - 19:52:19 ---A- . (.Microsoft Corporation - Authorization Framework.) -- C:\Windows\System32\authz.dll [275968]
O44 - LFC:[MD5.D044FD35EEC3BF683B963DE10A5E00C3] - 11-06-2015 - 21:40:44 ---A- . (.Microsoft Corporation - Remote Access TAPI Compliance Layer.) -- C:\Windows\System32\rastapi.dll [222208]
O44 - LFC:[MD5.11E5CD954CC38080471E7CC2CA1558AE] - 11-06-2015 - 22:12:00 ---A- . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll [1032704]
O44 - LFC:[MD5.35622F5A652C4E16774234DCA0026E74] - 11-06-2015 - 22:12:00 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [633856]
O44 - LFC:[MD5.1E31F06BE53F11CF5E660284E68587AC] - 11-06-2015 - 22:12:00 ---A- . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll [374272]
O44 - LFC:[MD5.614604C8D322D0779E426917CAFE4F3E] - 11-06-2015 - 22:12:01 ---A- . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll [262144]
O44 - LFC:[MD5.ACD6FE6C82B93813F023FC01A51CB940] - 11-06-2015 - 22:12:01 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [92160]
O44 - LFC:[MD5.9EFAF10AF9BFA6CDBDDE3D8C5EDC3453] - 11-06-2015 - 22:12:01 ---A- . (.Microsoft Corporation - Objets homologues Internet Explorer.) -- C:\Windows\System32\iepeers.dll [145408]
O44 - LFC:[MD5.3854BFE1C0F14872C94501421CC40813] - 11-06-2015 - 22:12:05 ---A- . (.Microsoft Corporation - Microsoft ® JScript Diagnostics.) -- C:\Windows\System32\jscript9diag.dll [814080]
O44 - LFC:[MD5.2BC2D3A41BB755487FD55C09938F00BC] - 11-06-2015 - 22:12:06 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [417792]
O44 - LFC:[MD5.83781DF625A4448B39410D7FA2BDC48D] - 11-06-2015 - 22:12:06 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [816640]
O44 - LFC:[MD5.083BCA14FCE290D682D8DAC9372CBF23] - 11-06-2015 - 22:12:06 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [801280]
O44 - LFC:[MD5.7F8F9AE03D1BA4354671E05F07A40F1A] - 11-06-2015 - 22:12:06 ---A- . (.Microsoft Corporation - Microsoft SmartScreen Filter.) -- C:\Windows\System32\ieapfltr.dll [800768]
O44 - LFC:[MD5.33B5F1A727FACDEA7CDA0E35FFAADDCF] - 11-06-2015 - 22:12:07 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [584192]
O44 - LFC:[MD5.FF84182188CA8F0DC28CFED06C9B7816] - 11-06-2015 - 22:12:07 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [2125824]
O44 - LFC:[MD5.7B4A7D55E905ED9A0A4B1263BA7C6944] - 11-06-2015 - 22:12:08 ---A- . (.Microsoft Corporation - ActiveX Interface Marshaling Library.) -- C:\Windows\System32\actxprxy.dll [2865152]
O44 - LFC:[MD5.6ABFC5736EC920C4436F32111F5CBCEE] - 11-06-2015 - 22:12:09 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1545728]
O44 - LFC:[MD5.6E295C7364DAEB151CC0E98434B6AC92] - 11-06-2015 - 22:12:09 ---A- . (.Microsoft Corporation - Utilitaire à l’exécution pour Internet Expl.) -- C:\Windows\System32\iertutil.dll [2885632]
O44 - LFC:[MD5.AE5A2843B4A2E1E558B9EE13EF62CCE5] - 11-06-2015 - 22:12:11 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [14404096]
O44 - LFC:[MD5.417F80E4AFBA1AA9EBBD618F1C6D9165] - 11-06-2015 - 22:12:12 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [2426880]
O44 - LFC:[MD5.CFA52E2FE8E623042A1EEF96EB1B9481] - 11-06-2015 - 22:12:12 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [6026240]
O44 - LFC:[MD5.A29BAFC1543F9D2234AFFFEA9BCE76C8] - 11-06-2015 - 22:12:15 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [24917504]
O44 - LFC:[MD5.3F8C7B8A4C345D0378AC79746E927158] - 11-06-2015 - 22:23:01 ---A- . (.Microsoft Corporation - Contrôle d’édition de texte enrichi, v7.5.) -- C:\Windows\System32\msftedit.dll [3097600]
O44 - LFC:[MD5.B0B46D29B9F34D19B819B48E208871A5] - 11-06-2015 - 22:33:02 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\UtcResources.dll [36864]
O44 - LFC:[MD5.3ECB752A6963B1CBC9AD65ED89C8ACED] - 11-06-2015 - 22:33:02 ---A- . (.Microsoft Corporation - Microsoft Windows Diagnostics Tracking.) -- C:\Windows\System32\diagtrack.dll [1430528]
O44 - LFC:[MD5.4A5D524C19BEB337797D6448020025B4] - 11-06-2015 - 22:33:43 ---A- . (.Microsoft Corporation - DLL de spouleur local.) -- C:\Windows\System32\localspl.dll [1091072]
O44 - LFC:[MD5.9DF4C369F556A4FBAE7E1D86F1AA5593] - 11-06-2015 - 22:33:43 ---A- . (.Microsoft Corporation - DLL d’interface utilisateur de feuille des.) -- C:\Windows\System32\compstui.dll [309760]
O44 - LFC:[MD5.4DC765353D890B9813AC809C0EFF488A] - 11-06-2015 - 22:33:43 ---A- . (.Microsoft Corporation - DLL d’objets PrintUI.) -- C:\Windows\System32\puiobj.dll [477184]
O44 - LFC:[MD5.574F2184043FAF24B588BA12B3CC99CC] - 11-06-2015 - 22:41:10 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410336]
O44 - LFC:[MD5.E87D4371B24BC9E5BAE95AEA60FFD959] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Application Experience Program Cache.) -- C:\Windows\System32\aepic.dll [193536]
O44 - LFC:[MD5.F0CACB26E37A19A8049F7C4448ECC2F5] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Application Experience Program Inventory Co.) -- C:\Windows\System32\aeinv.dll [1119232]
O44 - LFC:[MD5.16D44C27EE81892ED918DA21544665DC] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Compatibility Appraiser.) -- C:\Windows\System32\appraiser.dll [1020928]
O44 - LFC:[MD5.FC504D3310BBDABA4449C598C3F8113B] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Compatibility Upgrade Migration Host.) -- C:\Windows\System32\acmigration.dll [45568]
O44 - LFC:[MD5.2C14C7A76B728DF9F2A0425166FDEE8F] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Device Inventory Library.) -- C:\Windows\System32\devinv.dll [422912]
O44 - LFC:[MD5.009FD5658121B32791D55D0F34B63883] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - General Telemetry.) -- C:\Windows\System32\generaltel.dll [700416]
O44 - LFC:[MD5.90BFB92CF2AB75A01BF40D22BD1670A8] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\aepdu.dll [227328]
O44 - LFC:[MD5.ACDA86BD8FE54376586173BD55F678F9] - 11-06-2015 - 23:12:17 ---A- . (.Microsoft Corporation - Mise à jour des données de compatibilité de.) -- C:\Windows\System32\invagent.dll [756736]
O44 - LFC:[MD5.8E8E66D376776BC541E3179D2F5EAF76] - 12-06-2015 - 10:49:16 ---A- . (.Microsoft Corporation - Outil de suppression de logiciels malveilla.) -- C:\Windows\System32\MRT.exe [140135120]
O44 - LFC:[MD5.B171A7369829AFC5BBB32F1CCFDFD9C2] - 12-06-2015 - 22:17:27 ---A- . (...) -- C:\Windows\win.ini [269]
O44 - LFC:[MD5.6AC68DDFCAC19A300D738AF3493E46AA] - 14-06-2015 - 10:29:06 ---A- . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\Drivers\nvvad64v.sys [46768]
O44 - LFC:[MD5.1DAA514FDC61ABF63AC7EBA3C2D1095C] - 14-06-2015 - 12:37:33 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [4408727]
O44 - LFC:[MD5.E519A99D99C05B8E595BF6EA5A97D185] - 14-06-2015 - 12:37:33 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll [6872904]
O44 - LFC:[MD5.A1F75503A8DCA37FD38D38BB229812F3] - 14-06-2015 - 12:37:33 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.0.) -- C:\Windows\System32\nvsvcr.dll [2558608]
O44 - LFC:[MD5.28C5C7222F0CF2194F03A3778180D5AC] - 14-06-2015 - 12:37:33 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll [385168]
O44 - LFC:[MD5.84D65060583B135867E2FCFA913D9DEB] - 14-06-2015 - 12:37:34 ---A- . (.NVIDIA Corporation - NVIDIA Display Shell Extension.) -- C:\Windows\System32\nvshext.dll [62608]
O44 - LFC:[MD5.36ADC305374F12E2D395BCF803FB591F] - 14-06-2015 - 12:37:34 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.0.) -- C:\Windows\System32\nvsvc64.dll [3491984]
O44 - LFC:[MD5.5141D408272B3681ED6A0E8CCF771EF9] - 14-06-2015 - 12:37:34 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 353.0.) -- C:\Windows\System32\nvvsvc.exe [937288]
O44 - LFC:[MD5.FFEBE2767AB7A1732727143D8885FB16] - 14-06-2015 - 12:37:34 ---A- . (.NVIDIA Corporation - NVIDIA French language resource library.) -- C:\Windows\System32\nv3dappshextr.dll [75080]
O44 - LFC:[MD5.50833CA71C8C6B42B98536A52713544D] - 14-06-2015 - 12:37:34 ---A- . (.NVIDIA Corporation - NVIDIA Shell Extensions.) -- C:\Windows\System32\nv3dappshext.dll [1059472]
O44 - LFC:[MD5.390184FAD8FCC1B6DA25AEBAE928C3B6] - 14-06-2015 - 12:49:24 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [28600]
O44 - LFC:[MD5.83586138F23A4C284EB68AFC852D7AFA] - 14-06-2015 - 12:49:25 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [43576]
O44 - LFC:[MD5.8AC1617AB2D28FEB6AA7A99CD519E507] - 14-06-2015 - 13:44:58 ---A- . (...) -- C:\Windows\System32\nvcompiler.dll [42719888]
O44 - LFC:[MD5.3C45F553479FF1EFC851CA7931ADABF7] - 14-06-2015 - 13:44:58 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdispco6435306.dll [1898312]
O44 - LFC:[MD5.393EA17561266EFEB42F617C357170C0] - 14-06-2015 - 13:44:58 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvdispgenco6435306.dll [1557832]
O44 - LFC:[MD5.0A3C9AA1CEAD27AAF5821DF57C092C54] - 14-06-2015 - 13:44:58 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 353.06.) -- C:\Windows\System32\nvcuda.dll [14495448]
O44 - LFC:[MD5.EAB88B9A62A1C0D7D647B2F6AF109796] - 14-06-2015 - 13:44:58 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 353.0.) -- C:\Windows\System32\nvcuvid.dll [2932368]
O44 - LFC:[MD5.09AFE3B5E7C857EFCF2A345C8E35574E] - 14-06-2015 - 13:44:58 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 353.06.) -- C:\Windows\System32\nvd3dumx.dll [15864064]
O44 - LFC:[MD5.BDBADB22270DEFD75A411B0EAECCB8BA] - 14-06-2015 - 13:44:59 ---A- . (.NVIDIA Corporation - NVIDIA Frame Buffer Capture Library, Versio.) -- C:\Windows\System32\NvFBC64.dll [1050440]
O44 - LFC:[MD5.81A179BC07909A1D122F38E14E6BDF53] - 14-06-2015 - 13:44:59 ---A- . (.NVIDIA Corporation - NVIDIA In-band Frame Rendering Library, Ver.) -- C:\Windows\System32\NvIFR64.dll [1059984]
O44 - LFC:[MD5.C5AEB14E6F881ECFB6FF6A45E82FA224] - 14-06-2015 - 13:44:59 ---A- . (.NVIDIA Corporation - NVIDIA OpenGL In-band Frame Readback Librar.) -- C:\Windows\System32\NvIFROpenGL.dll [408208]
O44 - LFC:[MD5.AD8BEBFEF735A99502C726A0F8D2AC78] - 14-06-2015 - 13:44:59 ---A- . (.NVIDIA Corporation - NVIDIA Video Encoder API, Version 3.0.) -- C:\Windows\System32\nvEncodeAPI64.dll [503408]
O44 - LFC:[MD5.017E0B4AEFCB291E7CF1CD4BF120A7A8] - 14-06-2015 - 13:44:59 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10995528]
O44 - LFC:[MD5.F57473090465323A774A648B35CAC3E8] - 14-06-2015 - 13:45:01 ---A- . (.NVIDIA Corporation - NVIDIA CUDA 7.5.8 OpenCL 1.1 Driver, Versio.) -- C:\Windows\System32\nvopencl.dll [16185352]
O44 - LFC:[MD5.9B34CEAB71176AAB18BE01F846EB4549] - 14-06-2015 - 13:45:01 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvoglv64.dll [30480528]
O44 - LFC:[MD5.AFB72583B82529352FF77033E68883DE] - 14-06-2015 - 13:45:01 ---A- . (.NVIDIA Corporation - NVIDIA OpenGL Shim Driver, Version 353.06.) -- C:\Windows\System32\nvoglshim64.dll [150648]
O44 - LFC:[MD5.BED3EDDC4B361B9023022B8ED4B04AEA] - 14-06-2015 - 13:45:01 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\Drivers\nvpciflt.sys [31560]
O44 - LFC:[MD5.5A8A5D76E5DEB1E49C63663095959FAA] - 14-06-2015 - 13:45:03 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 353.06.) -- C:\Windows\System32\nvwgf2umx.dll [17486856]
O44 - LFC:[MD5.626D1BAD7A1975A8FEE8876A8AD0EEA7] - 14-06-2015 - 14:27:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [132120]
O44 - LFC:[MD5.43B6D229C7DBA9F0FC0FC0C318DB5350] - 14-06-2015 - 14:27:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [152744]
O44 - LFC:[MD5.91E24273FCA076EA9E65DAFA98901225] - 14-06-2015 - 15:30:49 ---A- . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\System32\explorer.exe [2207488]
O44 - LFC:[MD5.6E7E7B65B739AA02D48786EB2B827DAE] - 14-06-2015 - 16:32:04 ---A- . (...) -- C:\Windows\BRRBCOM.INI [7889]
O44 - LFC:[MD5.8752CC895B972F48D82F9ADB3D96E351] - 14-06-2015 - 17:15:53 ----- . (.Microsoft Corporation - Microsoft Malware Protection Signature Upda.) -- C:\Windows\System32\MpSigStub.exe [295552]
O44 - LFC:[MD5.1E9E32AEC3E1EB1B31B8169F33168B56] - 14-06-2015 - 21:48:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O44 - LFC:[MD5.28B597A61C9AC9B59BC0573D70A62CBF] - 14-06-2015 - 21:48:56 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O44 - LFC:[MD5.0FAF73287423A594DBB38B8D88A639B2] - 15-06-2015 - 11:05:11 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab System Lock Driver (64-bit).) -- C:\Windows\System32\Drivers\34476310.sys [52320]
O44 - LFC:[MD5.0307CF4184F4F22DB75F36ACCCEF7ED1] - 15-06-2015 - 13:47:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [107736]
O44 - LFC:[MD5.3CCA30DE2D39FE208F496D325C16B580] - 15-06-2015 - 15:16:19 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.CE85100A679156B44313982E26890A28] - 15-06-2015 - 15:57:37 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1827432]
O44 - LFC:[MD5.3622C4077935E1757CE9122C591C14BF] - 15-06-2015 - 15:57:37 ---A- . (...) -- C:\Windows\System32\perfc009.dat [136128]
O44 - LFC:[MD5.CC705131E68D7CAF833759B9CCD3373C] - 15-06-2015 - 15:57:37 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [159382]
O44 - LFC:[MD5.D16279DE10B6E3EBDD6C75B1E67E594A] - 15-06-2015 - 15:57:37 ---A- . (...) -- C:\Windows\System32\perfh009.dat [723514]
O44 - LFC:[MD5.F21F5B6574F2B04221BC0965FF2996CD] - 15-06-2015 - 15:57:37 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [802432]
O44 - LFC:[MD5.E7FD6907D1592A121FA85A265ABF29C6] - 15-06-2015 - 20:04:48 ---A- . (...) -- C:\AdsFix_15_06_2015_20_04_57.txt [94226]
O44 - LFC:[MD5.FB76B8B0A864FCD53C972322A4CCD938] - 15-06-2015 - 20:08:25 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.E9CD058C79EA15B4AA93E259FA713B07] - 15-06-2015 - 20:22:30 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [136408]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 15-06-2015 - 20:55:20 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-TAREK-Windows-8.1-Single-Language-(64-bit).dat [207]
O44 - LFC:[MD5.F95943EC4AADAE197B01A261FE166D15] - 15-06-2015 - 20:55:40 ---A- . (...) -- C:\Windows\System32\VfService.trf [16896]
~ Files: 100 Scanned in 00mn 08s



---\\ Latest files created in Windows Prefetcher (O45)
O45 - LFCP:[MD5.997028E2614F0489D8DD339DA909D241] - 15-06-2015 - 20:50:15 ---A- - C:\Windows\Prefetch\BITTORRENT.EXE-48A8206C.pf =>P2P.BitTorrent
O45 - LFCP:[MD5.E68CFE611175C62298238C847E4D1411] - 15-06-2015 - 12:22:04 ---A- - C:\Windows\Prefetch\QBITTORRENT.EXE-E16051E4.pf =>P2P.BitTorrent
~ Prefetcher: 2 Scanned in 00mn 00s



---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Fournisseur de sécurité TLS/SSL.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Live Security Package.) -- C:\Windows\System32\livessp.dll
~ LSA: 9 Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\57356014.sys . (...) -- C:\Windows\System32\Drivers\57356014.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (...) -- C:\Windows\System32\Drivers\vga.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\57356014.sys . (...) -- C:\Windows\System32\Drivers\57356014.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicDisplay.sys . (.Microsoft Corporation - Microsoft Basic Display Driver.) -- C:\Windows\System32\Drivers\BasicDisplay.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\BasicRender.sys . (.Microsoft Corporation - Microsoft Basic Render Driver.) -- C:\Windows\System32\Drivers\BasicRender.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dxgkrnl.sys . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\FsDepends.sys . (.Microsoft Corporation - File System Dependency Manager Mini Filter Driver.) -- C:\Windows\System32\Drivers\FsDepends.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (...) -- C:\Windows\System32\Drivers\rdpencdd.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (...) -- C:\Windows\System32\Drivers\vga.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 23 Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (MPSK) (O51)
O51 - MPSK:{1e794c12-9cd6-11e4-bec6-28d24448a393}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
O51 - MPSK:{5c748c08-8d08-11e4-bebb-28d24448a393}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{7dc56522-9440-11e4-bec0-28d24448a393}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{7dc5683f-9440-11e4-bec0-28d24448a393}\AutoRun\command. (...) -- G:\autorun.exe (.not file.)
O51 - MPSK:{d6f63452-3810-11e4-be86-28d24448a393}\AutoRun\command. (...) -- H:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsv64.dll" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
O52 - TDSD: \Drivers32\"VIDC.FICV"="ficvdec_x64.dll" . (...) -- C:\Windows\System32\ficvdec_x64.dll
O52 - TDSD: \Drivers32\"VIDC.WVC1"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \Drivers32\"VIDC.WMV3"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \Drivers32\"VIDC.MJPG"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \Drivers32\"VIDC.M4S2"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \Drivers32\"VIDC.FVFW"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \Drivers32\"VIDC.FFVH"="d3dgeardecoder64.dll" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"frapsv64.dll"="Fraps Video Decompressor" . (.Beepa P/L - Fraps.) -- C:\Windows\System32\frapsv64.dll
O52 - TDSD: \drivers.desc\"d3dgeardecoder64.dll"="D3DGear Hight Performance Decoder" . (.D3DGear Technologies. - D3DGear.) -- C:\Windows\System32\d3dgeardecoder64.dll
~ TDSD: 12 Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableCursorSuppression"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ MWPS: 19 Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
~ MWPE Keys: 3 Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:15-06-2015 - 11:05:11 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab System Lock Driver (64-bit).) -- C:\Windows\System32\Drivers\34476310.sys [52320]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\Drivers\3ware.sys [108896]
O58 - SDL:25-12-2013 - 2:14:26 ---A- . (.Lenovo Corporation - ACPI Virtual Power Controller Driver.) -- C:\Windows\System32\Drivers\AcpiVpc.sys [33560]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) -- C:\Windows\System32\Drivers\adp80xx.sys [782176]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [79200]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\System32\Drivers\amdsbs.sys [259424]
O58 - SDL:22-08-2013 - 13:43:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [25952]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [114016]
O58 - SDL:14-06-2015 - 14:27:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Minifilter Driver.) -- C:\Windows\System32\Drivers\avgntflt.sys [152744] =>.Avira Operations GmbH
O58 - SDL:14-06-2015 - 14:27:58 ---A- . (.Avira Operations GmbH & Co. KG - Avira Driver for Security Enhancement.) -- C:\Windows\System32\Drivers\avipbb.sys [132120] =>.Avira Operations GmbH
O58 - SDL:04-02-2015 - 17:51:10 ---A- . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\Drivers\avkmgr.sys [28600] =>.Avira Operations GmbH
O58 - SDL:04-02-2015 - 17:51:13 ---A- . (.Avira Operations GmbH & Co. KG - Avira WFP Network Driver.) -- C:\Windows\System32\Drivers\avnetflt.sys [43576] =>.Avira Operations GmbH
O58 - SDL:13-08-2013 - 0:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:22-08-2013 - 13:43:41 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\Drivers\bxvbda.sys [531296]
O58 - SDL:29-08-2008 - 17:54:30 ---A- . (.Mobile Connector - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\cmusbser.sys [118144]
O58 - SDL:24-01-2015 - 17:38:02 ---A- . (.Connectify - NDISRD helper driver.) -- C:\Windows\System32\Drivers\cnnctfy3.sys [35352]
O58 - SDL:16-01-2015 - 23:20:16 ---A- . (.Disc Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283064]
O58 - SDL:04-03-2013 - 13:24:27 ---A- . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\System32\Drivers\ElbyCDIO.sys [40344]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\Drivers\evbda.sys [3357024]
O58 - SDL:21-08-2012 - 13:01:20 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:22-03-2013 - 4:06:30 ---A- . (.GenesysLogic - GeneStor.) -- C:\Windows\System32\Drivers\GeneStor.sys [91368]
O58 - SDL:15-05-2013 - 19:08:14 ---A- . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\Drivers\HECIx64.sys [64624]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\System32\Drivers\HpSAMD.sys [64352]
O58 - SDL:30-07-2013 - 19:47:35 ---A- . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:25-07-2013 - 20:05:39 ---A- . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\Drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:30-04-2013 - 12:25:00 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\Drivers\iaStorA.sys [677360]
O58 - SDL:10-08-2013 - 1:39:30 ---A- . (.Intel Corporation - Intel Rapid Storage Technology driver (inbox) - x64.) -- C:\Windows\System32\Drivers\iaStorAV.sys [651248]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\Drivers\iaStorV.sys [412000]
O58 - SDL:20-05-2015 - 13:55:54 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [197616]
O58 - SDL:08-05-2013 - 1:22:41 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\Drivers\igdkmd64.sys [4431840]
O58 - SDL:08-05-2013 - 1:25:22 ---A- . (.Intel(R) Corporation - Intel(R) Display Audio Driver.) -- C:\Windows\System32\Drivers\IntcDAud.sys [442368]
O58 - SDL:19-09-2014 - 2:58:48 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\intelaud.sys [38264]
O58 - SDL:19-09-2014 - 2:58:48 ---A- . (.Intel Corporation - Intel® WiDi Solution.) -- C:\Windows\System32\Drivers\iwdbus.sys [27000]
O58 - SDL:18-06-2013 - 15:44:59 ---A- . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controlle.) -- C:\Windows\System32\Drivers\L1C63x64.sys [129224]
O58 - SDL:25-12-2013 - 2:14:26 ---A- . (.Lenovo. - HD Disk Driver.) -- C:\Windows\System32\Drivers\LhdX64.sys [39008]
O58 - SDL:22-08-2013 - 13:43:44 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [109408]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas2.sys [93536]
O58 - SDL:22-08-2013 - 13:43:44 ---A- . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas3.sys [81760]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sss.sys [82784]
O58 - SDL:14-04-2015 - 9:37:42 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [25816]
O58 - SDL:15-06-2015 - 13:47:44 ---A- . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\Drivers\mbamchameleon.sys [107736]
O58 - SDL:15-06-2015 - 20:22:30 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\MBAMSwissArmy.sys [136408]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\Drivers\megasas.sys [56672]
O58 - SDL:22-08-2013 - 13:43:45 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\megasr.sys [575840]
O58 - SDL:22-08-2013 - 13:43:49 ---A- . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\Drivers\mvumis.sys [63840]
O58 - SDL:14-04-2015 - 9:38:00 ---A- . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\Drivers\mwac.sys [64216]
O58 - SDL:22-08-2013 - 14:35:30 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETwew00.sys [3345376]
O58 - SDL:25-06-2010 - 18:07:26 ---A- . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [35344]
O58 - SDL:28-05-2015 - 8:04:11 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 353.06.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10995528]
O58 - SDL:28-05-2015 - 8:04:11 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 353.06.) -- C:\Windows\System32\Drivers\nvpciflt.sys [31560]
O58 - SDL:22-08-2013 - 13:43:31 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [150368]
O58 - SDL:22-08-2013 - 13:43:32 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [168288]
O58 - SDL:19-05-2015 - 4:29:01 ---A- . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\Drivers\nvvad64v.sys [46768]
O58 - SDL:30-12-2009 - 9:21:26 ---A- . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\Drivers\revoflt.sys [31800]
O58 - SDL:28-05-2013 - 15:37:16 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHD64.sys [3432776]
O58 - SDL:19-07-2013 - 9:58:26 ---A- . (.Realtek Semiconductor Corp. - Realtek UVC Driver for XP/Vista/Win7/Win8.) -- C:\Windows\System32\Drivers\rtsuvc.sys [8247640]
O58 - SDL:22-08-2013 - 16:35:09 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [23040]
O58 - SDL:22-08-2013 - 13:43:31 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid2.sys [44896]
O58 - SDL:22-08-2013 - 13:43:32 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [81760]
O58 - SDL:03-06-2013 - 7:42:36 ---A- . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\Windows\System32\Drivers\Smb_driver_Intel.sys [33008]
O58 - SDL:22-08-2013 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:03-06-2013 - 7:42:38 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\System32\Drivers\SynTP.sys [530672]
O58 - SDL:22-08-2013 - 13:40:24 ---A- . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\Drivers\tap0901.sys [40664]
O58 - SDL:03-12-2014 - 23:38:18 ---A- . (.Anchorfree Inc. - Anchorfree HSS VPN Adapter.) -- C:\Windows\System32\Drivers\taphss6.sys [42184]
O58 - SDL:28-05-2013 - 15:37:28 ---A- . (.Windows (R) Win 7 DDK provider - usb3hub.sys.) -- C:\Windows\System32\Drivers\usb3Hub.sys [206744]
O58 - SDL:28-07-2014 - 14:52:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:11-10-2014 - 13:29:02 ---A- . (.Oracle Corporation - VirtualBox Support Driver.) -- C:\Windows\System32\Drivers\VBoxDrv.sys [917112]
O58 - SDL:11-10-2014 - 13:27:46 ---A- . (.Oracle Corporation - VirtualBox Host-Only Network Adapter Driver.) -- C:\Windows\System32\Drivers\VBoxNetAdp.sys [142528]
O58 - SDL:11-10-2014 - 13:27:44 ---A- . (.Oracle Corporation - VirtualBox Bridged Networking Driver.) -- C:\Windows\System32\Drivers\VBoxNetFlt.sys [157448]
O58 - SDL:11-10-2014 - 13:27:44 ---A- . (.Oracle Corporation - VirtualBox USB Monitor Driver.) -- C:\Windows\System32\Drivers\VBoxUSBMon.sys [129168]
O58 - SDL:24-07-2013 - 16:02:55 ---A- . (.Elaborate Bytes AG - Virtual CloneDrive storage miniport.) -- C:\Windows\System32\Drivers\VClone.sys [34816]
O58 - SDL:22-08-2013 - 13:43:34 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [19808]
O58 - SDL:22-08-2013 - 13:43:34 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [168800]
O58 - SDL:22-08-2013 - 13:43:34 ---A- . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\Drivers\VSTXRAID.SYS [305504]
O58 - SDL:13-06-2012 - 17:10:32 ---A- . (."CyberLink - Cyberlink Virtual Disk Driver.) -- C:\Windows\System32\Drivers\wsvd.sys [102376]
~ Drivers: 75 Scanned in 00mn 05s



---\\ Last modified or created user files (O61)
O61 - LFC: 09-06-2015 - 21:01:49 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [4421614]
O61 - LFC: 10-06-2015 - 21:01:48 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.FactsList_8_1_RP-bf695b40.dll [15320]
O61 - LFC: 10-06-2015 - 21:01:48 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.Rating_8_1_RP-5b672b01.dll [11736]
O61 - LFC: 11-06-2015 - 21:01:47 ---A- . (.The Chromium Authors.) -- C:\Users\TAREKO\AppData\Local\Maelstrom\Application\42.0.1.13\Installer\setup.exe [927232]
O61 - LFC: 11-06-2015 - 21:01:49 ---A- . (.NVIDIA Corporation.) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe [675256]
O61 - LFC: 11-06-2015 - 21:01:49 ---A- . (.NVIDIA Corporation.) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe [172984]
O61 - LFC: 11-06-2015 - 21:01:49 ---A- . (.NVIDIA Corporation.) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\Ontology.dll [1403832]
O61 - LFC: 11-06-2015 - 21:01:54 ---A- . (.The Chromium Authors.) -- C:\Users\TAREKO\AppData\Roaming\BitTorrent Maelstrom\temp_update\update.exe [40479080] =>P2P.BitTorrent
O61 - LFC: 11-06-2015 - 21:02:00 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\Downloads\Internet Download Manager 6.23 build 12 crack\idman623build12.exe [6231504]
O61 - LFC: 12-06-2015 - 21:01:48 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin [269992]
O61 - LFC: 12-06-2015 - 21:01:57 ---A- . (.Adobe Systems Inc.) -- C:\Users\TAREKO\AppData\Roaming\Mozilla\Firefox\Profiles\44hub6l8.default-1431635997526\gmp-eme-adobe\11\eme-adobe.dll [5916912]
O61 - LFC: 12-06-2015 - 21:02:02 ---A- . (.Elkhalki & Startimes.) -- C:\Users\TAREKO\Downloads\Programs\Internet Download Manager 6.23 Build 12 All In One Solution By ELKHALKI.exe [13825770]
O61 - LFC: 13-06-2015 - 21:01:52 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Temp\jrt\mws.bat [13758]
O61 - LFC: 13-06-2015 - 21:02:00 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\Downloads\Internet Download Manager 6.23 build 12 crack\idmcchandler2.dll [332824]
O61 - LFC: 13-06-2015 - 21:02:00 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\Downloads\Internet Download Manager 6.23 build 12 crack\idmcchandler2_64.dll [460824]
O61 - LFC: 14-06-2015 - 21:01:46 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Google\Chrome\User Data\nacl_validation_cache.bin [344]
O61 - LFC: 14-06-2015 - 21:01:49 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\Packages\000077eb\CoProc update.19655412.exe [453720]
O61 - LFC: 14-06-2015 - 21:01:49 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\NVIDIA\NvBackend\Packages\0000782e\DAO.19663661.exe [5811488]
O61 - LFC: 14-06-2015 - 21:01:55 ---A- . (.Malwarebytes Corporation.) -- C:\Users\TAREKO\AppData\Roaming\IDM\DwnlData\TAREKO\mbam-setup-2.1.6.1022_2943\mbam-setup-2.1.6.1022.exe [280640]
O61 - LFC: 14-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc.dll [26648]
O61 - LFC: 14-06-2015 - 21:02:01 ---A- . (.NVIDIA Corporation.) -- C:\Users\TAREKO\Downloads\Programs\353.06-desktop-win8-win7-winvista-64bit-international-whql.exe [292211848]
O61 - LFC: 14-06-2015 - 21:02:01 ---A- . (.NVIDIA Corporation.) -- C:\Users\TAREKO\Downloads\Programs\GeForce_Experience_v2.4.5.44.exe [36802944]
O61 - LFC: 14-06-2015 - 21:02:01 ---A- . (.techPowerUp (www.techpowerup.com).) -- C:\Users\TAREKO\Downloads\Programs\GPU-Z.0.8.3.exe [1734440]
O61 - LFC: 14-06-2015 - 21:02:02 ---A- . (.Kaspersky Lab ZAO.) -- C:\Users\TAREKO\Downloads\Programs\KVRT.exe [105725600]
O61 - LFC: 14-06-2015 - 21:02:02 ---A- . (.TunnelBear.) -- C:\Users\TAREKO\Downloads\Programs\TunnelBear-Install.exe [13437480]
O61 - LFC: 15-06-2015 - 21:01:46 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]
O61 - LFC: 15-06-2015 - 21:01:52 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Temp\jrt\get.bat [17013]
O61 - LFC: 15-06-2015 - 21:01:52 ---A- . (...) -- C:\Users\TAREKO\AppData\Local\Temp\jrt\misc.bat [117371]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components12\idmmzcc64.dll [31768]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2.dll [332824]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components2\idmcchandler2_64.dll [460824]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc.dll [34216]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components2\idmmzcc64.dll [28512]
O61 - LFC: 15-06-2015 - 21:01:55 ---A- . (.Tonec Inc..) -- C:\Users\TAREKO\AppData\Roaming\IDM\idmmzcc5\components\idmmzcc.dll [34216]
O61 - LFC: 15-06-2015 - 21:01:56 ---A- . (.Igor Pavlov.) -- C:\Users\TAREKO\AppData\Roaming\Maxthon3\Temp\MxUp\7z.dll [679296]
O61 - LFC: 15-06-2015 - 21:01:58 ---A- . (.SosVirus.) -- C:\Users\TAREKO\Desktop\AdsFix.exe [2555016]
O61 - LFC: 15-06-2015 - 21:01:58 ---A- . (.Thisisu.) -- C:\Users\TAREKO\Desktop\JRT.exe [2945318]
O61 - LFC: 15-06-2015 - 21:02:01 ---A- . (...) -- C:\Users\TAREKO\Downloads\Programs\delfix_1.010.exe [781312]
O61 - LFC: 15-06-2015 - 21:02:01 ---A- . (.Farbar.) -- C:\Users\TAREKO\Downloads\Programs\FRST64.exe [2109952]
O61 - LFC: 15-06-2015 - 21:02:02 ---A- . (.Malwarebytes Corp..) -- C:\Users\TAREKO\Downloads\Programs\mbar-1.09.1.1004.exe [16502728]
O61 - LFC: 15-06-2015 - 21:02:02 ---A- . (.Nicolas Coolman.) -- C:\Users\TAREKO\Downloads\Programs\ZHPDiag2.exe [6880102] =>.Nicolas Coolman
~ 107 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 41 Scanned in 00mn 18s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (CKF) (O82)
C:\Program Files (x86)\Visible Body - Cracked by m!DVT\Human Anatomy Atlas\Human Anatomy Atlas.exe =>.Crack,Keygen
C:\Program Files (x86)\Visible Body - Cracked by m!DVT\Human Anatomy Atlas\Uninstall.exe =>.Crack,Keygen
C:\Program Files (x86)\Visible Body - Cracked by m!DVT\Human Anatomy Atlas\Human Anatomy Atlas.exe =>.Crack,Keygen
C:\Program Files (x86)\Visible Body - Cracked by m!DVT\Human Anatomy Atlas\Uninstall.exe =>.Crack,Keygen
~ Files: Scanned in 03mn 00s



---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [214528]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [156160]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [329216]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [1360896]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [1084416]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [926208]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [31744]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [110080]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [151040]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [110592]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1265152]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [230400]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [71168]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [135168]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [225280]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [339968]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84992]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [101376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [348672]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service d’infrastructure de localisation Windows.) -- C:\Windows\System32\GeofenceMonitorService.dll [521728]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Service de compte Microsoft®.) -- C:\Windows\System32\wlidsvc.dll [1639424]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [59392]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Gestionnaire d’installation de périphérique.) -- C:\Windows\System32\DeviceSetupManager.dll [206848]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Service Assistant Connectivité réseau Microsoft.) -- C:\Windows\System32\ncasvc.dll [166400]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [102912]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire des connexions d’accès à distance.) -- C:\Windows\System32\rasmans.dll [542208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [226816]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [73728]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [452608]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [313344]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [3678720]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [933376]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [640000]
~ Services: 34 Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.3C1AE2013774CB346DAB69C85698DCB2] [SPRF][15-06-2015] (.SosVirus - AdsFix.) -- C:\Users\TAREKO\Desktop\AdsFix.exe [2555016]
[MD5.80F9250B9E5199EC1DBABD06278859E9] [SPRF][15-06-2015] (.Thisisu - Junkware Removal Tool.) -- C:\Users\TAREKO\Desktop\JRT.exe [2945318]
[MD5.234F51BD10E243CEAEE54AFF8112BADB] [SPRF][03-08-2013] (.MediaChance - Runtime Module for MMB presentation.) -- C:\Program Files (x86)\watch-jtv.exe [509049]
~ Files: 3 Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{E8482F4E-B427-41C0-BC1D-2E7DC7154EB1}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\TAREKO\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{A9D08ED1-443F-4DBC-A81F-4E9E0DA7EEEB}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - BitTorrent.) -- C:\Users\TAREKO\AppData\Roaming\BitTorrent\BitTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Scanned in 00mn 01s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Scanned in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 11-06-2015 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 23-04-2013 1153400 | (Bluetooth OBEX Service) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
SS - | Auto 30-08-2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 28-05-2013 101536 | (BrcmSetSecurity) . (.Intel.) - C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
SS - | Demand 26-10-2012 282112 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SS - | Auto 03-11-2014 64616 | (CGVPNCliService) . (.CyberGhost S.R.L.) - C:\Program Files\CyberGhost 5\Service.exe
SS - | Demand 04-03-2014 487936 | (Connectify) . (.Connectify.) - C:\Program Files (x86)\Connectify\ConnectifyService.exe
SS - | Demand 20-05-2013 279024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Auto 13-03-2009 566672 | (DUMeterSvc) . (.Hagel Technologies Ltd..) - C:\Program Files (x86)\DU Meter\DUMeterSvc.exe
SS - | Auto 28-08-2013 626416 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 16-01-2015 1045256 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 02-06-2015 244392 | (FoxitCloudUpdateService) . (.Foxit Software Inc..) - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
SS - | Auto 28-05-2015 1152656 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SS - | Auto 04-08-2014 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04-08-2014 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Auto 30-04-2013 15344 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 13-02-2013 820184 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Auto 15-05-2013 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SS - | Auto 19-08-2013 155448 | (Intel(R) Wireless Bluetooth(R) 4.0 Radio Management) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
SS - | Demand 01-09-2014 640840 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 28-02-2014 174368 | (iumsvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
SS - | Auto 15-05-2013 169432 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SS - | Demand 05-12-2014 619776 | (Lenovo EasyPlus Hotspot) . (.Lenovo.) - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
SS - | Auto 15-05-2013 366552 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Auto 11-05-2015 1872152 | (MaxthonUpdateSvc) . (.Maxthon.) - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
SS - | Auto 14-04-2015 1871160 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
SS - | Auto 14-04-2015 1080120 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
SS - | Demand 15-06-2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 28-08-2013 273136 | (MyWiFiDHCPDNS) . (...) - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
SS - | Auto 28-05-2015 1893008 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SS - | Auto 28-05-2015 23006864 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SS - | Auto 28-05-2015 937288 | (nvsvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvvsvc.exe
SS - | Auto 16-04-2010 36864 | (Realtek11nSU) . (.Realtek.) - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
SS - | Auto 16-04-2010 36864 | (RealtekWlanU) . (.Realtek.) - C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlService.exe
SS - | Auto 28-08-2013 149744 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
SS - | Auto 19-06-2012 1646608 | (RosettaStoneDaemon) . (.Rosetta Stone Ltd..) - C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
SS - | Demand 25-06-2010 117264 | (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Auto 12-11-2013 261848 | (RTLDHCPService) . (.Realtek.) - C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe
SS - | Auto 18-10-2013 48856 | (RunSwUSB) . (...) - C:\Windows\runSW.exe
SS - | Auto 02-01-2015 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 04-02-2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SS - | Demand 04-06-2015 837312 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SS - | Auto 25-12-2013 68368 | (VeriFaceSrv) . (...) - C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
SS - | Demand 22-07-1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 29-10-2014 38792 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 28-08-2013 3378416 | (ZeroConfigService) . (.Intel® Corporation.) - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
SR - | Auto 14-06-2015 827640 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
SR - | Auto 14-06-2015 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 14-06-2015 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 14-06-2015 1185584 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
SR - | Auto 28-08-2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 25-06-2013 1132920 | (Bluetooth Device Monitor) . (.Motorola Solutions, Inc..) - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
SR - | Auto 13-02-2013 731648 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 13-12-2012 230408 | (NitroDriverReadSpool8) . (.Nitro PDF Software.) - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
SR - | Auto 13-12-2012 70152 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\WINDOWS\SysWOW64\NLSSRV32.exe
SR - | Demand 22-07-1658 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22-07-1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
~ Services: Scanned in 00mn 08s



---\\ Search Master Boot Record Infection (MBR)(O80)
Run by TAREKO at 15-06-2015 21:05:23
~ OS 64 not supported by MBR tool
~ MBR: 0 Scanned in 00mn 00s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by TAREKO at 15-06-2015 21:05:25
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ List of CD/DVD Emulators (MBR Hook)
O42 - Logiciel: DAEMON Tools Lite - (.Disc Soft Ltd.) [HKLM][64Bits] -- DAEMON Tools Lite =>.DT Soft Ltd
~ Emulateurs: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31-05-2015)
Clés trouvées (Keys found) : 25
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 4

[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent] =>P2P.BitTorrent^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GreedyTorrent_is1] =>P2P.GreedyTorrent ^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\qBittorrent] =>P2P.BitTorrent^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] =>P2P.BitTorrent^
[HKLM\Software\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}] =>PUP.Babylon
[HKCU\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin] =>PUP.Babylon
[HKCU\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}] =>PUP.Babylon
[HKLM\Software\Classes\BabyDict] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{C0CEA572-2978-4DFC-A672-8100FF0E276A}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}] =>PUP.Babylon
[HKLM\Software\Classes\.bdc] =>PUP.Conduit
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.µTorrent^
C:\Program Files (x86)\GreedyTorrent =>P2P.GreedyTorrent ^
C:\Program Files (x86)\qBittorrent =>P2P.BitTorrent^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GreedyTorrent =>P2P.GreedyTorrent ^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent =>P2P.BitTorrent^
C:\Users\TAREKO\AppData\Roaming\BitTorrent =>P2P.BitTorrent^
C:\Users\TAREKO\AppData\Roaming\BitTorrent Maelstrom =>P2P.BitTorrent^
C:\Users\TAREKO\AppData\Roaming\qBittorrent =>P2P.BitTorrent^
C:\Users\TAREKO\AppData\Roaming\uTorrent =>P2P.µTorrent^
C:\Users\TAREKO\AppData\Local\qBittorrent =>P2P.BitTorrent^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\GreedyTorrent] =>P2P.GreedyTorrent ^
[HKLM\Software\Wow6432Node\610b548c-8d28-431d-bef6-2c8e823ff180] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\8ffc9d8e-ade0-4037-84d7-9fc4d130a636] =>PUP.CrossRider^
~ Additionnel Scan: 491701 Items scanned in 00mn 13s



---\\ Additional information about modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects (O2)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Auto loading programs from Registry and folders (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.MountPoints2 Shell Key (MPSK) (O51)
~ AMI: 4 Scanned in 00mn 00s



---\\ Summary of the detections found on your workstation
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
~ MSI: 5 link(s) detected in 00mn 00s



End of the scan (1895 lines in 04mn 29s)(4.9)
