cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ ZHPDiag v2015.7.4.83 By Nicolas Coolman (2015\07\04)
~ Run by standard (Administrator) (2015/07/04 16:35:59)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Documents and Settings\standard\Desktop\ZHPDiag.txt
~ Report: C:\Documents and Settings\standard\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ System protection software (1) - 3s
Kaspersky Anti-Virus 6.0 for Windows Workstations v6.0.4.1212

---\\ System protection software (Superfluous) (1) - 3s
McAfee Security Scan Plus v3.8.150.1

---\\ Surveillance software (2) - 3s
Adobe Flash Player 16 NPAPI
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 3089584
~ System Restore: Désactivé (Disabled)
~ System drive C: has 50 GB free of 238 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: RADIO
~ User Name: standard
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 1s
~ Drive C: has 50 GB free of 238 GB (System)
~ Drive Y: has 172 GB free of 250 GB

---\\ Search Generic System Files (22) - 9s
[MD5.12896823FB95BFB3DC9B46BCAEDC9923] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [1033728]
[MD5.037B1E7798960E0420003D05BB577EE6] - (.Microsoft Corporation - Run a DLL as an App.) () -- C:\WINDOWS\System32\rundll32.exe [33280]
[MD5.8AF91E4B4C1F5338EBE1548117304296] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [920064]
[MD5.ED0EF0A136DEC83DF69F04118870003E] - (.Microsoft Corporation - Windows NT Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [507904]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [574976]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [196224]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS\System32\drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [52352]

---\\ Process running (10) - 2s
[MD5.5544D66F9A0CFF5429F7A750929407E9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808] [PID.2044]
[MD5.D9098911D42F605ED29353158D4CFA05] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [315736] [PID.756]
[MD5.30EC26D3FAF01CAB6B9C8BD9B606550F] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [628488] [PID.1020]
[MD5.E8FCD6D30CBE9849CCDB9E2BA8A427DF] - (.Kaspersky Lab ZAO - Kaspersky Security Center Network Agent.) -- C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe [132600] [PID.1664]
[MD5.56877067D82084DF27E4CC4C79307F82] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416] [PID.872]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.576]
[MD5.E99119F2703B1252E3D4604B0806034E] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\windows\RTHDCPL.EXE [18665472] [PID.2176]
[MD5.D9098911D42F605ED29353158D4CFA05] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [315736] [PID.3140]
[MD5.A135B48A11894AFF91B378F87BCF347F] - (.Kaspersky Lab ZAO - Kaspersky Security Center Vulnerability Ass.) -- C:\Program Files\Kaspersky Lab\NetworkAgent\vapm.exe [654816] [PID.288]
[MD5.03DA9D7B455DA5359902142987631B66] - (.www.ela-salaty.com - Muslims Prayer Time Reminder..) -- C:\Program Files\Ela-Salaty\Salaty.exe [5349888] [PID.3756]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (10) - 0s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] "https://www.google.com.eg/"
G2 - GCE: Extension [User Data\Default] [acjpdakpjonkfmggcmanlhdakfkhloii] Yahoo Web
G2 - GCE: Extension [User Data\Default] [gakhhhihaajhgiankdlgbonphdmdaicc] Dr Player
G2 - GCE: Extension [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Extension [User Data\Default] [hgglbgidokpahomeflanpcdmicfbfoli] Lr Player
G2 - GCE: Extension [User Data\Default] [ifpbhhohhkjmdfbcmmggbdgmabjcehad] Add Player
G2 - GCE: Extension [User Data\Default] [iplojogpbcbnjoemcalepfmbcpnkpjjo] __MSG_name__
G2 - GCE: Extension [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Extension [User Data\Default] [mppnoffgpafgpgbaigljliadgbnhljfl] Ask Search
G2 - GCE: Extension [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (17) - 5s
P2 - EXT: (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files\Mozilla Firefox\Plugins\npwachk.dll
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazondotcom.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\twitter.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited.) -- C:\Documents and Settings\standard\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Apple Inc..) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (...) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll =>Toolbar.AVGSearch
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.69] - (.RealNetworks, Inc..) -- C:\Program Files\K-Lite Codec Pack\Real\Browser\Plugins\nprpjplug.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.eg/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (7) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exeC:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Object (BHO) (O2) (5) - 1s
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} (Orphean)
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} . (.DigitalPersona, Inc. - DigitalPersona OTS Feedback component.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Music Search App (Dist. by Musiclab, Inc.) - {41ca0640-a64c-4262-8540-36c33ee58961} (Orphean)
O2 - BHO: (no name) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} (Orphean)
O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} (Orphean)

---\\ Auto loading programs from Registry and folders (O4) (29) - 1s
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [picon] . (.Intel Corporation - Intel(R) Management and Security.) -- C:\Program Files\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE
O4 - HKLM\..\Run: [SetRefresh] . (.Hewlett-Packard Company - SetRefresh.) -- C:\Program Files\Compaq\SetRefresh\SetRefresh.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\windows\ime\imjp8_1\imjpmig.exe
O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\windows\system32\IME\TINTLGNT\TINTSETP.EXE
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\rundll32.exe
O4 - HKLM\..\Run: [microsoft] C:\WINDOWS\system32\systams.exe (.not file.)
O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [SDP] C:\Documents and Settings\standard\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe (.not file.) =>Adware.MegaSearch
O4 - HKCU\..\Run: [NextLive] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\windows\system32\rundll32.exe
O4 - HKCU\..\Run: [BearShare] C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Documents and Settings\standard\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\windows\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [SDP] C:\Documents and Settings\standard\Local Settings\Application Data\FilesFrog Update Checker\update_checker.exe (.not file.) =>Adware.MegaSearch
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [NextLive] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\windows\system32\rundll32.exe
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [BearShare] C:\Program Files\BearShare Applications\BearShare\BearShare.exe (.not file.) =>PUP.BearShare
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-569659444-2042028128-395359190-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Documents and Settings\standard\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe

---\\ Lop.com/Domain Hijackers (O17) (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 163.121.128.134
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 163.121.128.134
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 163.121.128.134

---\\ AppInit_DLLs Registry value Autorun (O20) (1) - 0s
O20 - AppInit_DLLs: . (.Kaspersky Lab - kldialhk.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\adialhk.dll

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (15) - 1s
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) . (.Kaspersky Lab - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (...) - C:\Program Files\MyPC Backup\BackupStack.exe (.not file.) =>PUP.MyPCBackup
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: (DpHost) . (.DigitalPersona, Inc. - DigitalPersona Local Host.) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: F06DEFF2-5B9C-490D-910F-35D3A91196222 (F06DEFF2-5B9C-490D-910F-35D3A91196222) . (...) - C:\Program Files\Music App\Datamngr\setmgrc3.cfg (.not file.) =>PUP.iMesh
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard - HPFSService Application.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company - SolutionsFrameworkService.) - C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: Kaspersky Lab Network Agent (klnagent) . (.Kaspersky Lab ZAO - Kaspersky Security Center Network Agent.) - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe

---\\ Task Planned Automatically (O39) (25) - 1s
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005] (...) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005] (...) -- C:\Program Files\Real\RealUpgrade\realupgrade.exe (.not file.) [0]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job [284]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At10.job [454]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At11.job [454]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At12.job [454]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At13.job [452]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At14.job [452]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At15.job [452]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At16.job [452]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\At9.job [454]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-569659444-2042028128-395359190-1005Core.job [988]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-569659444-2042028128-395359190-1005UA.job [1010]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-569659444-2042028128-395359190-1006Core.job [996]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-569659444-2042028128-395359190-1006UA.job [1018]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [882]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [886]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job [228]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job [222]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-569659444-2042028128-395359190-1005.job [332]
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005 - (..) -- C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005.job [306]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-569659444-2042028128-395359190-1005.job [314]
O39 - APT: RealPlayerRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005 - (..) -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-569659444-2042028128-395359190-1005.job [284]
O39 - APT:Automatic Planified Task - (...) -- C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-569659444-2042028128-395359190-1005.job [292]

---\\ Software installed (O42) (244) - 17s
O42 - Logiciel: Adobe Flash Player 15 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 16 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI
O42 - Logiciel: AVG SafeGuard toolbar - (.AVG Technologies.) [HKLM] -- AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
O42 - Logiciel: BearShare - (.Musiclab, LLC.) [HKLM] -- BearShare =>PUP.BearShare
O42 - Logiciel: Creative WebCam Instant Driver (1.01.02.0729) - (...) [HKLM] -- Creative PD0620
O42 - Logiciel: Drive Encryption for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- Drive Encryption
O42 - Logiciel: Ela-Salaty - (.Ela-Salaty.) [HKLM] -- Ela-Salaty
O42 - Logiciel: Google Chrome - (.Google Incý.ý.) [HKLM] -- Google Chrome
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: HP LaserJet P2030 Series - (...) [HKLM] -- HP LaserJet P2030 Series
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard.) [HKLM] -- HPProtectTools
O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8
O42 - Logiciel: PC Camera E - (.PC Camera.) [HKLM] -- InstallShield_{5ACAFB32-6336-4304-9766-B233ACEC0A8F}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
O42 - Logiciel: Brother P-touch Editor 5.0 - (.Brother Industries, Ltd..) [HKLM] -- InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}
O42 - Logiciel: Brother PT-9800PCN Software User's Guide - (.Brother Industries, Ltd..) [HKLM] -- InstallShield_{E0A2ECAA-56B2-475D-9DB3-BBF03CB675F9}
O42 - Logiciel: Kaspersky Anti-Virus 6.0 for Windows Workstations - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{8F023021-A7EB-45D3-9269-D65264C81729}
O42 - Logiciel: Kaspersky Security Center Network Agent - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}
O42 - Logiciel: istartsurf uninstall - (.istartsurf.) [HKLM] -- istartsurf uninstall =>PUP.IsStart
O42 - Logiciel: Security Update for Windows XP (KB2115168) - (.Microsoft Corporation.) [HKLM] -- KB2115168
O42 - Logiciel: Security Update for Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593
O42 - Logiciel: Security Update for Windows XP (KB2296011) - (.Microsoft Corporation.) [HKLM] -- KB2296011
O42 - Logiciel: Update for Windows XP (KB2345886) - (.Microsoft Corporation.) [HKLM] -- KB2345886
O42 - Logiciel: Security Update for Windows XP (KB2347290) - (.Microsoft Corporation.) [HKLM] -- KB2347290
O42 - Logiciel: Security Update for Windows Media Player (KB2378111) - (.Microsoft Corporation.) [HKLM] -- KB2378111_WM9
O42 - Logiciel: Security Update for Windows XP (KB2387149) - (.Microsoft Corporation.) [HKLM] -- KB2387149
O42 - Logiciel: Security Update for Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802
O42 - Logiciel: Security Update for Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632
O42 - Logiciel: Security Update for Windows XP (KB2423089) - (.Microsoft Corporation.) [HKLM] -- KB2423089
O42 - Logiciel: Security Update for Windows XP (KB2440591) - (.Microsoft Corporation.) [HKLM] -- KB2440591
O42 - Logiciel: Security Update for Windows XP (KB2443105) - (.Microsoft Corporation.) [HKLM] -- KB2443105
O42 - Logiciel: Security Update for Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960
O42 - Logiciel: Security Update for Windows XP (KB2478971) - (.Microsoft Corporation.) [HKLM] -- KB2478971
O42 - Logiciel: Security Update for Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943
O42 - Logiciel: Security Update for Windows XP (KB2481109) - (.Microsoft Corporation.) [HKLM] -- KB2481109
O42 - Logiciel: Security Update for Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185
O42 - Logiciel: Security Update for Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663
O42 - Logiciel: Update for Windows XP (KB2492386) - (.Microsoft Corporation.) [HKLM] -- KB2492386
O42 - Logiciel: Security Update for Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212
O42 - Logiciel: Security Update for Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938
O42 - Logiciel: Security Update for Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429
O42 - Logiciel: Security Update for Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8
O42 - Logiciel: Security Update for Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512
O42 - Logiciel: Security Update for Windows XP (KB2536276-v2) - (.Microsoft Corporation.) [HKLM] -- KB2536276-v2
O42 - Logiciel: Security Update for Windows XP (KB2544893-v2) - (.Microsoft Corporation.) [HKLM] -- KB2544893-v2
O42 - Logiciel: Security Update for Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454
O42 - Logiciel: Security Update for Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947
O42 - Logiciel: Security Update for Windows XP (KB2584146) - (.Microsoft Corporation.) [HKLM] -- KB2584146
O42 - Logiciel: Security Update for Windows XP (KB2585542) - (.Microsoft Corporation.) [HKLM] -- KB2585542
O42 - Logiciel: Security Update for Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799
O42 - Logiciel: Security Update for Windows XP (KB2598479) - (.Microsoft Corporation.) [HKLM] -- KB2598479
O42 - Logiciel: Update for Windows Internet Explorer 8 (KB2598845) - (.Microsoft Corporation.) [HKLM] -- KB2598845-IE8
O42 - Logiciel: Security Update for Windows XP (KB2603381) - (.Microsoft Corporation.) [HKLM] -- KB2603381
O42 - Logiciel: Security Update for Windows XP (KB2619339) - (.Microsoft Corporation.) [HKLM] -- KB2619339
O42 - Logiciel: Security Update for Windows XP (KB2620712) - (.Microsoft Corporation.) [HKLM] -- KB2620712
O42 - Logiciel: Security Update for Windows XP (KB2631813) - (.Microsoft Corporation.) [HKLM] -- KB2631813
O42 - Logiciel: Update for Windows Internet Explorer 8 (KB2632503) - (.Microsoft Corporation.) [HKLM] -- KB2632503-IE8
O42 - Logiciel: Security Update for Windows XP (KB2653956) - (.Microsoft Corporation.) [HKLM] -- KB2653956
O42 - Logiciel: Security Update for Windows XP (KB2655992) - (.Microsoft Corporation.) [HKLM] -- KB2655992
O42 - Logiciel: Security Update for Windows XP (KB2659262) - (.Microsoft Corporation.) [HKLM] -- KB2659262
O42 - Logiciel: Security Update for Windows XP (KB2661637) - (.Microsoft Corporation.) [HKLM] -- KB2661637
O42 - Logiciel: Security Update for Windows XP (KB2676562) - (.Microsoft Corporation.) [HKLM] -- KB2676562
O42 - Logiciel: Security Update for Windows XP (KB2686509) - (.Microsoft Corporation.) [HKLM] -- KB2686509
O42 - Logiciel: Security Update for Windows XP (KB2691442) - (.Microsoft Corporation.) [HKLM] -- KB2691442
O42 - Logiciel: Security Update for Windows XP (KB2698365) - (.Microsoft Corporation.) [HKLM] -- KB2698365
O42 - Logiciel: Security Update for Windows XP (KB2705219-v2) - (.Microsoft Corporation.) [HKLM] -- KB2705219-v2
O42 - Logiciel: Security Update for Windows XP (KB2712808) - (.Microsoft Corporation.) [HKLM] -- KB2712808
O42 - Logiciel: Security Update for Windows XP (KB2719985) - (.Microsoft Corporation.) [HKLM] -- KB2719985
O42 - Logiciel: Security Update for Windows XP (KB2723135-v2) - (.Microsoft Corporation.) [HKLM] -- KB2723135-v2
O42 - Logiciel: Security Update for Windows XP (KB2727528) - (.Microsoft Corporation.) [HKLM] -- KB2727528
O42 - Logiciel: Update for Windows XP (KB2749655) - (.Microsoft Corporation.) [HKLM] -- KB2749655
O42 - Logiciel: Security Update for Windows XP (KB2757638) - (.Microsoft Corporation.) [HKLM] -- KB2757638
O42 - Logiciel: Security Update for Windows XP (KB2758857) - (.Microsoft Corporation.) [HKLM] -- KB2758857
O42 - Logiciel: Security Update for Windows XP (KB2770660) - (.Microsoft Corporation.) [HKLM] -- KB2770660
O42 - Logiciel: Security Update for Windows XP (KB2780091) - (.Microsoft Corporation.) [HKLM] -- KB2780091
O42 - Logiciel: Security Update for Windows XP (KB2802968) - (.Microsoft Corporation.) [HKLM] -- KB2802968
O42 - Logiciel: Security Update for Windows Media Player (KB2803821-v2) - (.Microsoft Corporation.) [HKLM] -- KB2803821-v2_WM9
O42 - Logiciel: Security Update for Windows XP (KB2807986) - (.Microsoft Corporation.) [HKLM] -- KB2807986
O42 - Logiciel: Update for Windows XP (KB2808679) - (.Microsoft Corporation.) [HKLM] -- KB2808679
O42 - Logiciel: Security Update for Windows XP (KB2813345) - (.Microsoft Corporation.) [HKLM] -- KB2813345
O42 - Logiciel: Security Update for Windows XP (KB2820917) - (.Microsoft Corporation.) [HKLM] -- KB2820917
O42 - Logiciel: Security Update for Windows XP (KB2834886) - (.Microsoft Corporation.) [HKLM] -- KB2834886
O42 - Logiciel: Security Update for Windows Media Player (KB2834904-v2) - (.Microsoft Corporation.) [HKLM] -- KB2834904-v2_WM11
O42 - Logiciel: Security Update for Windows XP (KB2845187) - (.Microsoft Corporation.) [HKLM] -- KB2845187
O42 - Logiciel: Security Update for Windows XP (KB2847311) - (.Microsoft Corporation.) [HKLM] -- KB2847311
O42 - Logiciel: Security Update for Windows XP (KB2850869) - (.Microsoft Corporation.) [HKLM] -- KB2850869
O42 - Logiciel: Security Update for Windows XP (KB2859537) - (.Microsoft Corporation.) [HKLM] -- KB2859537
O42 - Logiciel: Security Update for Windows XP (KB2862152) - (.Microsoft Corporation.) [HKLM] -- KB2862152
O42 - Logiciel: Security Update for Windows XP (KB2862330) - (.Microsoft Corporation.) [HKLM] -- KB2862330
O42 - Logiciel: Security Update for Windows XP (KB2862335) - (.Microsoft Corporation.) [HKLM] -- KB2862335
O42 - Logiciel: Security Update for Windows XP (KB2864063) - (.Microsoft Corporation.) [HKLM] -- KB2864063
O42 - Logiciel: Security Update for Windows XP (KB2868038) - (.Microsoft Corporation.) [HKLM] -- KB2868038
O42 - Logiciel: Security Update for Windows XP (KB2868626) - (.Microsoft Corporation.) [HKLM] -- KB2868626
O42 - Logiciel: Security Update for Windows XP (KB2876217) - (.Microsoft Corporation.) [HKLM] -- KB2876217
O42 - Logiciel: Security Update for Windows XP (KB2876331) - (.Microsoft Corporation.) [HKLM] -- KB2876331
O42 - Logiciel: Security Update for Windows XP (KB2892075) - (.Microsoft Corporation.) [HKLM] -- KB2892075
O42 - Logiciel: Security Update for Windows XP (KB2893294) - (.Microsoft Corporation.) [HKLM] -- KB2893294
O42 - Logiciel: Security Update for Windows XP (KB2893984) - (.Microsoft Corporation.) [HKLM] -- KB2893984
O42 - Logiciel: Security Update for Windows XP (KB2898715) - (.Microsoft Corporation.) [HKLM] -- KB2898715
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2898785) - (.Microsoft Corporation.) [HKLM] -- KB2898785-IE8
O42 - Logiciel: Security Update for Windows XP (KB2900986) - (.Microsoft Corporation.) [HKLM] -- KB2900986
O42 - Logiciel: Update for Windows XP (KB2904266) - (.Microsoft Corporation.) [HKLM] -- KB2904266
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2909210) - (.Microsoft Corporation.) [HKLM] -- KB2909210-IE8
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2909921) - (.Microsoft Corporation.) [HKLM] -- KB2909921-IE8
O42 - Logiciel: Security Update for Windows XP (KB2914368) - (.Microsoft Corporation.) [HKLM] -- KB2914368
O42 - Logiciel: Security Update for Windows XP (KB2916036) - (.Microsoft Corporation.) [HKLM] -- KB2916036
O42 - Logiciel: Security Update for Windows XP (KB2922229) - (.Microsoft Corporation.) [HKLM] -- KB2922229
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2925418) - (.Microsoft Corporation.) [HKLM] -- KB2925418-IE8
O42 - Logiciel: Security Update for Windows XP (KB2929961) - (.Microsoft Corporation.) [HKLM] -- KB2929961
O42 - Logiciel: Security Update for Windows XP (KB2930275) - (.Microsoft Corporation.) [HKLM] -- KB2930275
O42 - Logiciel: Update for Windows XP (KB2934207) - (.Microsoft Corporation.) [HKLM] -- KB2934207
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2936068) - (.Microsoft Corporation.) [HKLM] -- KB2936068-IE8
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2964358) - (.Microsoft Corporation.) [HKLM] -- KB2964358-IE8
O42 - Logiciel: Update for Windows XP (KB898461) - (.Microsoft Corporation.) [HKLM] -- KB898461
O42 - Logiciel: Microsoft Base Smart Card Cryptographic Service Provider Package - (.Microsoft Corporation.) [HKLM] -- KB909520
O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4
O42 - Logiciel: Security Update for Windows XP (KB923561) - (.Microsoft Corporation.) [HKLM] -- KB923561
O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399
O42 - Logiciel: Hotfix for Windows Media Player 11 (KB939683) - (.Microsoft Corporation.) [HKLM] -- KB939683
O42 - Logiciel: Security Update for Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569
O42 - Logiciel: Hotfix for Windows XP (KB942288-v3) - (.Microsoft Corporation.) [HKLM] -- KB942288-v3
O42 - Logiciel: Security Update for Windows XP (KB946648) - (.Microsoft Corporation.) [HKLM] -- KB946648
O42 - Logiciel: Security Update for Windows XP (KB950762) - (.Microsoft Corporation.) [HKLM] -- KB950762
O42 - Logiciel: Security Update for Windows XP (KB950974) - (.Microsoft Corporation.) [HKLM] -- KB950974
O42 - Logiciel: Security Update for Windows XP (KB951376-v2) - (.Microsoft Corporation.) [HKLM] -- KB951376-v2
O42 - Logiciel: Update for Windows XP (KB951978) - (.Microsoft Corporation.) [HKLM] -- KB951978
O42 - Logiciel: Security Update for Windows XP (KB952004) - (.Microsoft Corporation.) [HKLM] -- KB952004
O42 - Logiciel: Security Update for Windows Media Player (KB952069) - (.Microsoft Corporation.) [HKLM] -- KB952069_WM9
O42 - Logiciel: Hotfix for Windows XP (KB952117-v2) - (.Microsoft Corporation.) [HKLM] -- KB952117-v2
O42 - Logiciel: Hotfix for Windows XP (KB952287) - (.Microsoft Corporation.) [HKLM] -- KB952287
O42 - Logiciel: Security Update for Windows XP (KB952954) - (.Microsoft Corporation.) [HKLM] -- KB952954
O42 - Logiciel: Security Update for Windows Media Player 11 (KB954154) - (.Microsoft Corporation.) [HKLM] -- KB954154_WM11
O42 - Logiciel: Security Update for Windows Media Player (KB954155) - (.Microsoft Corporation.) [HKLM] -- KB954155_WM9
O42 - Logiciel: Update for Windows XP (KB955759) - (.Microsoft Corporation.) [HKLM] -- KB955759
O42 - Logiciel: Security Update for Windows XP (KB956572) - (.Microsoft Corporation.) [HKLM] -- KB956572
O42 - Logiciel: Security Update for Windows XP (KB956844) - (.Microsoft Corporation.) [HKLM] -- KB956844
O42 - Logiciel: Hotfix for Windows XP (KB958756) - (.Microsoft Corporation.) [HKLM] -- KB958756
O42 - Logiciel: Security Update for Windows XP (KB959426) - (.Microsoft Corporation.) [HKLM] -- KB959426
O42 - Logiciel: Security Update for Windows XP (KB960803) - (.Microsoft Corporation.) [HKLM] -- KB960803
O42 - Logiciel: Security Update for Windows XP (KB960859) - (.Microsoft Corporation.) [HKLM] -- KB960859
O42 - Logiciel: Hotfix for Windows XP (KB961118) - (.Microsoft Corporation.) [HKLM] -- KB961118
O42 - Logiciel: Security Update for Windows Search 4 - KB963093 - (.Microsoft Corporation.) [HKLM] -- KB963093
O42 - Logiciel: Update for Windows XP (KB968389) - (.Microsoft Corporation.) [HKLM] -- KB968389
O42 - Logiciel: Windows Management Framework Core - (.Microsoft Corporation.) [HKLM] -- KB968930
O42 - Logiciel: Security Update for Windows XP (KB969059) - (.Microsoft Corporation.) [HKLM] -- KB969059
O42 - Logiciel: Security Update for Windows XP (KB970430) - (.Microsoft Corporation.) [HKLM] -- KB970430
O42 - Logiciel: Update for Windows XP (KB971029) - (.Microsoft Corporation.) [HKLM] -- KB971029
O42 - Logiciel: Security Update for Windows XP (KB971657) - (.Microsoft Corporation.) [HKLM] -- KB971657
O42 - Logiciel: Security Update for Windows XP (KB972270) - (.Microsoft Corporation.) [HKLM] -- KB972270
O42 - Logiciel: Security Update for Windows XP (KB973507) - (.Microsoft Corporation.) [HKLM] -- KB973507
O42 - Logiciel: Security Update for Windows Media Player (KB973540) - (.Microsoft Corporation.) [HKLM] -- KB973540_WM9
O42 - Logiciel: Update for Windows XP (KB973815) - (.Microsoft Corporation.) [HKLM] -- KB973815
O42 - Logiciel: Security Update for Windows XP (KB973869) - (.Microsoft Corporation.) [HKLM] -- KB973869
O42 - Logiciel: Security Update for Windows XP (KB973904) - (.Microsoft Corporation.) [HKLM] -- KB973904
O42 - Logiciel: Security Update for Windows XP (KB974112) - (.Microsoft Corporation.) [HKLM] -- KB974112
O42 - Logiciel: Security Update for Windows XP (KB974318) - (.Microsoft Corporation.) [HKLM] -- KB974318
O42 - Logiciel: Security Update for Windows XP (KB974392) - (.Microsoft Corporation.) [HKLM] -- KB974392
O42 - Logiciel: Security Update for Windows XP (KB974571) - (.Microsoft Corporation.) [HKLM] -- KB974571
O42 - Logiciel: Security Update for Windows XP (KB975025) - (.Microsoft Corporation.) [HKLM] -- KB975025
O42 - Logiciel: Security Update for Windows XP (KB975467) - (.Microsoft Corporation.) [HKLM] -- KB975467
O42 - Logiciel: Security Update for Windows Media Player (KB975558) - (.Microsoft Corporation.) [HKLM] -- KB975558_WM8
O42 - Logiciel: Security Update for Windows XP (KB975560) - (.Microsoft Corporation.) [HKLM] -- KB975560
O42 - Logiciel: Security Update for Windows XP (KB975713) - (.Microsoft Corporation.) [HKLM] -- KB975713
O42 - Logiciel: Security Update for Windows XP (KB977816) - (.Microsoft Corporation.) [HKLM] -- KB977816
O42 - Logiciel: Security Update for Windows XP (KB977914) - (.Microsoft Corporation.) [HKLM] -- KB977914
O42 - Logiciel: Security Update for Windows XP (KB978338) - (.Microsoft Corporation.) [HKLM] -- KB978338
O42 - Logiciel: Security Update for Windows XP (KB978542) - (.Microsoft Corporation.) [HKLM] -- KB978542
O42 - Logiciel: Security Update for Windows Media Player (KB978695) - (.Microsoft Corporation.) [HKLM] -- KB978695_WM9
O42 - Logiciel: Security Update for Windows XP (KB978706) - (.Microsoft Corporation.) [HKLM] -- KB978706
O42 - Logiciel: Security Update for Windows XP (KB979309) - (.Microsoft Corporation.) [HKLM] -- KB979309
O42 - Logiciel: Security Update for Windows XP (KB979482) - (.Microsoft Corporation.) [HKLM] -- KB979482
O42 - Logiciel: Security Update for Windows XP (KB979687) - (.Microsoft Corporation.) [HKLM] -- KB979687
O42 - Logiciel: Security Update for Windows XP (KB981997) - (.Microsoft Corporation.) [HKLM] -- KB981997
O42 - Logiciel: Security Update for Windows XP (KB982132) - (.Microsoft Corporation.) [HKLM] -- KB982132
O42 - Logiciel: Security Update for Windows XP (KB982665) - (.Microsoft Corporation.) [HKLM] -- KB982665
O42 - Logiciel: K-Lite Mega Codec Pack 4.9.0 - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Intel® Active Management Technology - (.Intel Corporation.) [HKLM] -- MESOL
O42 - Logiciel: Mozilla Firefox 38.0.5 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 38.0.5 (x86 en-US)
O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM] -- PDF Complete
O42 - Logiciel: Intel(R) Network Connections Drivers - (.Intel.) [HKLM] -- PROSet
O42 - Logiciel: VLC media player 0.9.8a - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009
O42 - Logiciel: webssearches uninstall - (.webssearches.) [HKLM] -- webssearches uninstall =>Hijacker.WebsSearches
O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp
O42 - Logiciel: Windows Media Format 11 runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Media Player 11 - (...) [HKLM] -- Windows Media Player
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11
O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11
O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000
O42 - Logiciel: MSXML 6.0 Parser (KB933579) - (.Microsoft Corporation.) [HKLM] -- {0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
O42 - Logiciel: Privacy Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}
O42 - Logiciel: Facebook Video Calling 3.1.0.521 - (.Skype Limited.) [HKLM] -- {2091F234-EB58-4B80-8C96-8EB78C808CF7}
O42 - Logiciel: HP ProtectTools Security Manager - (.Hewlett-Packard.) [HKLM] -- {22B40D6A-4F41-4AA5-934B-41796A9DFCC3}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
O42 - Logiciel: Skype™ 7.6 - (.Skype Technologies S.A..) [HKLM] -- {24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {3611CA6C-5FCA-4900-A329-6A118123CCFC}
O42 - Logiciel: HP Officejet Pro 8600 Help - (.Hewlett Packard.) [HKLM] -- {46235FF7-2CBE-4A84-BEDA-87348D1F7850}
O42 - Logiciel: Device Access Manager for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {55B52830-024A-443E-AF61-61E1E71AFA1B}
O42 - Logiciel: LG United Mobile Drivers - (.LG Electronics.) [HKLM] -- {5DB849D6-9392-4FB7-9ABB-87ED433152E5}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -- {5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: TypeC2550 TWAIN Driver Ver.4 - (...) [HKLM] -- {61777C41-766B-4C45-82D8-EE72917658F1}
O42 - Logiciel: File Sanitizer For HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: HPSSupply - (.Hewlett Packard Development Company L.P..) [HKLM] -- {7902E313-FF0F-4493-ACB1-A8147B78DCD0}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: HP Officejet Pro 8600 Product Improvement Study - (.Hewlett-Packard Co..) [HKLM] -- {79ACC31A-87EA-472A-853E-5AC6A97CE569}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}
O42 - Logiciel: Facebook Video Calling 2.0.0.447 - (.Skype Limited.) [HKLM] -- {8DF41A9F-FE13-43E8-A003-5F9B55A011EE}
O42 - Logiciel: Product Improvement Study for HP Officejet Pro 8620 - (.Hewlett-Packard Co..) [HKLM] -- {8E08E6F4-AC4A-448C-BA4D-0FB93DE57BC2}
O42 - Logiciel: HP Officejet Pro 8600 Basic Device Software - (.Hewlett-Packard Co..) [HKLM] -- {8EAB4100-B343-41AE-A880-418746998209}
O42 - Logiciel: Kaspersky Anti-Virus 6.0 for Windows Workstations - (.Kaspersky Lab.) [HKLM] -- {8F023021-A7EB-45D3-9269-D65264C81729}
O42 - Logiciel: Compatibility Pack for the 2007 Office system - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-0409-0000-0000000FF1CE}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {912D30CF-F39E-4B31-AD9A-123C6B794EE2}
O42 - Logiciel: HPDiagnosticCoreDll - (.Hewlett Packard.) [HKLM] -- {9262B08F-E183-4FED-A2BD-23FF1A84EB79}
O42 - Logiciel: HP Support Solutions Framework - (.Hewlett-Packard Company.) [HKLM] -- {96D12EC9-720B-45FB-904C-36D6307A1C76}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
O42 - Logiciel: MrvlUsgTracking - (.Marvell.) [HKLM] -- {A82D052A-0806-42DF-80CD-1730A1AC0ED3}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HP Help and Support - (.HPQ.) [HKLM] -- {A93C4E94-1005-489D-BEAA-B873C1AA6CFC}
O42 - Logiciel: Adobe Reader XI (11.0.08) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001}
O42 - Logiciel: Apple Application Support (32-bit) - (.Apple Inc..) [HKLM] -- {AFA1153A-F547-409B-B837-3A0D6C5A3FEC}
O42 - Logiciel: Kaspersky Security Center Network Agent - (.Kaspersky Lab.) [HKLM] -- {BCF4CF24-88AB-45E1-A6E6-40C8278A70C5}
O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
O42 - Logiciel: I.R.I.S. OCR - (.HP.) [HKLM] -- {CA6BCA2F-EDEB-408F-850B-31404BE16A61}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {CE1F04C7-79BC-4219-BE6A-BA490224D4B5}
O42 - Logiciel: DeskTopBinder Lite - (.Ricoh.) [HKLM] -- {DD30D7C5-DD1A-46E7-9CA6-03CF6A398990}
O42 - Logiciel: Brother P-touch Editor 5.0 - (.Brother Industries, Ltd..) [HKLM] -- {DF9A6075-9308-4572-8932-A4316243C4D9}
O42 - Logiciel: Brother PT-9800PCN Software User's Guide - (.Brother Industries, Ltd..) [HKLM] -- {E0A2ECAA-56B2-475D-9DB3-BBF03CB675F9}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {E1DB0812-2D60-43DB-AE09-6C7027D93B28}
O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Java Card Security for HP ProtectTools - (.Hewlett-Packard.) [HKLM] -- {F4477CC0-7293-414A-93BC-20EE897A80F0}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Marketsplash Shortcuts - (.Hewlett-Packard.) [HKLM] -- {FB0C267C-8B4F-4867-8161-A6A3B66D42C1}
O42 - Logiciel: Winamp Detector Plug-in - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect

---\\ HKCU & HKLM Software Keys (162) - 17s
HKLM\SOFTWARE\781
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Altiris
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\AVG
HKLM\SOFTWARE\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKLM\SOFTWARE\Baidu Security
HKLM\SOFTWARE\Baidu_Drp_pos
HKLM\SOFTWARE\BearShare =>PUP.BearShare
HKLM\SOFTWARE\Brother Industries, Ltd.
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\Codec Tweak Tool
HKLM\SOFTWARE\Corel
HKLM\SOFTWARE\Creative Tech
HKLM\SOFTWARE\DataMngr =>PUP.Datamngr
HKLM\SOFTWARE\Debug
HKLM\SOFTWARE\DigitalPersona
HKLM\SOFTWARE\EA Games
HKLM\SOFTWARE\fslrdr
HKLM\SOFTWARE\Gabest
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Global IP Solutions
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\HPQ
HKLM\SOFTWARE\IHProtect =>Adware.AgentODR
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\IN Wallpaper ProjectTool
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\InterVideo
HKLM\SOFTWARE\istartsurfSoftware =>PUP.IsStart
HKLM\SOFTWARE\KasperskyLab
HKLM\SOFTWARE\KLCodecPack
HKLM\SOFTWARE\Lake
HKLM\SOFTWARE\LG Electronics
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Maxiget
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\mcafeeupdater
HKLM\SOFTWARE\MimarSinan
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\MusicNet
HKLM\SOFTWARE\Nalpeiron
HKLM\SOFTWARE\Nitro
HKLM\SOFTWARE\Nullsoft
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\PDFComplete
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\RICOH
HKLM\SOFTWARE\Ricoh Co.,Ltd.
HKLM\SOFTWARE\S3R521
HKLM\SOFTWARE\SafeBoot International
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\SiteSee
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\SupDp =>Adware.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Fuyu
HKLM\SOFTWARE\TeamViewer
HKLM\SOFTWARE\Torch =>PUP.Torch
HKLM\SOFTWARE\TrendMicro
HKLM\SOFTWARE\TuneUp
HKLM\SOFTWARE\Universal
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\webssearchesSoftware =>Hijacker.WebsSearches
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Xing Technology Corp.
HKLM\SOFTWARE\Yahoo
HKLM\SOFTWARE\YourFileDownloader =>PUP.YourFileDownloader
HKCU\SOFTWARE\3rd Eye Solutions
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Affinix
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\Aurigma
HKCU\SOFTWARE\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\Avg Secure Update
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\Baidu
HKCU\SOFTWARE\Baidu Security
HKCU\SOFTWARE\BearShareMediabarTb =>PUP.BearShare
HKCU\SOFTWARE\Brother Industries, Ltd.
HKCU\SOFTWARE\BugSplat
HKCU\SOFTWARE\Conduit =>PUP.Conduit
HKCU\SOFTWARE\Datamngr =>PUP.Datamngr
HKCU\SOFTWARE\DigitalPersona
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\Ela-Salaty
HKCU\SOFTWARE\Facebook
HKCU\SOFTWARE\FileOpen
HKCU\SOFTWARE\fTalk
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\i-FunBox.com
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\Joshua F. Madison
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\kde.org
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Macrovision
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Massive Media
HKCU\SOFTWARE\Maxiget
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Monitored
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NITRO
HKCU\SOFTWARE\Nitro PDF
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\PC App Store
HKCU\SOFTWARE\PDFComplete
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RICOH
HKCU\SOFTWARE\settings
HKCU\SOFTWARE\Sierra On-Line
HKCU\SOFTWARE\Skyhook Wireless
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SkypeRS
HKCU\SOFTWARE\Softonic =>PUP.Softonic
HKCU\SOFTWARE\Somoto =>Adware.MegaSearch
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\TeamViewer
HKCU\SOFTWARE\Torch =>PUP.Torch
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Xenocode
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\YourFileDownloader =>PUP.YourFileDownloader
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\RealNetworks

---\\ Contents of the Common Files folders (O43) (224) - 8s
O43 - CFD: 2014/05/09 22:47:14 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/03/14 13:40:18 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 2015/01/08 21:04:52 - [] D -- C:\Program Files\Baidu Security
O43 - CFD: 2015/05/28 23:24:13 - [] D -- C:\Program Files\Bonjour
O43 - CFD: 2013/12/13 14:26:44 - [] D -- C:\Program Files\Brother
O43 - CFD: 2015/07/04 13:54:32 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2010/07/07 17:50:03 - [] D -- C:\Program Files\Compaq
O43 - CFD: 2010/07/07 17:30:53 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 2014/12/14 20:28:26 - [] D -- C:\Program Files\Conduit
O43 - CFD: 2015/03/31 04:21:13 - [] D -- C:\Program Files\Ela-Salaty
O43 - CFD: 2013/12/16 08:51:33 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/05/20 00:48:17 - [0] D -- C:\Program Files\GUMB6BE.tmp
O43 - CFD: 2015/03/21 13:47:35 - [] D -- C:\Program Files\Hewlett-Packard
O43 - CFD: 2015/04/07 20:35:27 - [] D -- C:\Program Files\HP
O43 - CFD: 2010/07/07 17:47:22 - [] D -- C:\Program Files\HPQ
O43 - CFD: 2014/07/28 15:49:35 - [] D -- C:\Program Files\i-Funbox DevTeam
O43 - CFD: 2014/05/30 19:19:56 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2010/07/07 17:44:54 - [] D -- C:\Program Files\Intel
O43 - CFD: 2014/04/21 11:49:07 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2014/09/22 11:40:24 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2010/07/07 17:46:41 - [] D -- C:\Program Files\InterVideo
O43 - CFD: 2015/05/28 23:28:50 - [] D -- C:\Program Files\iPod
O43 - CFD: 2015/05/28 23:29:34 - [] D -- C:\Program Files\iTunes
O43 - CFD: 2014/09/22 19:41:51 - [] D -- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 2014/12/30 14:06:12 - [] D -- C:\Program Files\Kaspersky Lab
O43 - CFD: 2015/01/15 01:06:21 - [] D -- C:\Program Files\LG Electronics
O43 - CFD: 2014/09/08 08:43:17 - [] D -- C:\Program Files\Maxiget
O43 - CFD: 2015/03/02 14:50:34 - [] D -- C:\Program Files\McAfee Security Scan
O43 - CFD: 2013/12/14 17:45:08 - [] D -- C:\Program Files\Messenger
O43 - CFD: 2015/04/07 20:36:15 - [] D -- C:\Program Files\Microsoft
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 2014/01/04 14:00:43 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 2015/01/12 15:23:26 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2010/07/07 17:51:09 - [] D -- C:\Program Files\Microsoft Sync Framework
O43 - CFD: 2014/01/04 14:00:36 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 2014/01/04 13:57:28 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 2014/01/04 14:00:56 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 2014/01/04 14:00:04 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2013/12/14 17:14:16 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/06/03 19:31:50 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/06/05 07:48:15 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2010/07/07 17:39:14 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 2010/07/08 09:54:03 - [] D -- C:\Program Files\MSECache
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\MSN
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 2013/12/14 17:09:40 - [0] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 2010/07/07 17:39:55 - [] D -- C:\Program Files\MSXML 6.0
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2010/07/07 08:05:32 - [] RD -- C:\Program Files\Online Services
O43 - CFD: 2013/12/14 17:14:34 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2014/10/23 16:31:22 - [0] D -- C:\Program Files\PC App Store
O43 - CFD: 2014/05/30 19:19:13 - [] D -- C:\Program Files\PC Camera
O43 - CFD: 2010/07/07 17:49:28 - [] D -- C:\Program Files\PDF Complete
O43 - CFD: 2010/07/07 18:04:04 - [] D -- C:\Program Files\Program Shortcuts
O43 - CFD: 2014/12/20 00:43:07 - [] D -- C:\Program Files\RDS
O43 - CFD: 2015/05/25 01:22:51 - [] D -- C:\Program Files\Real
O43 - CFD: 2010/07/07 17:45:08 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2010/07/07 17:39:05 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 2015/07/04 03:49:27 - [] RD -- C:\Program Files\Skype
O43 - CFD: 2014/12/29 11:46:37 - [] D -- C:\Program Files\TeamViewer
O43 - CFD: 2010/07/07 17:30:54 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2010/07/08 09:56:51 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 2014/04/11 02:19:21 - [] D -- C:\Program Files\Winamp
O43 - CFD: 2014/04/11 02:19:07 - [] D -- C:\Program Files\Winamp Detect
O43 - CFD: 2014/10/23 16:31:21 - [] D -- C:\Program Files\Windows Desktop Search
O43 - CFD: 2010/07/07 17:51:42 - [] D -- C:\Program Files\Windows Live
O43 - CFD: 2014/08/04 07:52:08 - [] D -- C:\Program Files\Windows Media Connect 2
O43 - CFD: 2014/08/04 11:24:00 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2010/07/07 17:30:54 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2010/07/07 08:05:28 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 2010/07/07 17:30:54 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2015/03/31 03:11:10 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2010/07/07 17:30:54 - [] D -- C:\Program Files\xerox
O43 - CFD: 2014/12/15 10:04:22 - [] D -- C:\Program Files\Yahoo!
O43 - CFD: 2014/07/01 07:55:14 - [] D -- C:\Program Files\ãÕÍÝ ÇáãÏíäÉ ÇáäÈæíÉ
O43 - CFD: 2014/09/22 11:39:15 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
O43 - CFD: 2014/09/22 11:36:01 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
O43 - CFD: 2013/12/13 14:26:48 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Brother P-touch
O43 - CFD: 2014/05/11 17:55:43 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\DeskTopBinder
O43 - CFD: 2014/12/17 23:25:52 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Firefox - HP Virtual Browser Edition
O43 - CFD: 2010/07/07 17:30:53 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
O43 - CFD: 2014/05/10 19:51:50 - [0] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/04/07 20:35:46 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\HP
O43 - CFD: 2010/07/07 17:44:54 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Intel(R) Management and Security
O43 - CFD: 2010/07/07 17:47:01 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\InterVideo WinDVD
O43 - CFD: 2015/05/28 23:29:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
O43 - CFD: 2010/07/08 09:45:52 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2010/07/08 09:56:08 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4
O43 - CFD: 2015/03/02 14:50:38 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee Security Scan Plus
O43 - CFD: 2014/01/04 14:02:26 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
O43 - CFD: 2014/05/30 19:19:14 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PC Camera
O43 - CFD: 2010/07/07 17:49:31 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PDF Complete
O43 - CFD: 2015/01/25 01:49:26 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
O43 - CFD: 2015/03/21 14:41:58 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
O43 - CFD: 2013/12/13 13:42:20 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\TypeC2550 TWAIN V4
O43 - CFD: 2010/07/08 09:57:00 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
O43 - CFD: 2014/04/11 02:19:07 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Winamp
O43 - CFD: 2015/03/16 15:11:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
O43 - CFD: 2014/10/17 17:49:52 - [] D -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 2014/04/30 20:31:41 - [] D -- C:\Documents and Settings\All Users\Application Data\29CB
O43 - CFD: 2014/04/30 17:47:58 - [] D -- C:\Documents and Settings\All Users\Application Data\3A35B
O43 - CFD: 2014/05/12 18:46:19 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2015/03/14 13:38:47 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 2015/05/28 23:28:45 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 2015/02/25 19:12:35 - [] D -- C:\Documents and Settings\All Users\Application Data\Avg_Update_0215tb
O43 - CFD: 2014/09/04 10:48:31 - [] D -- C:\Documents and Settings\All Users\Application Data\Avg_Update_0814tb
O43 - CFD: 2014/12/09 20:45:38 - [] D -- C:\Documents and Settings\All Users\Application Data\Avg_Update_1214tb
O43 - CFD: 2015/05/28 23:29:34 - [] D -- C:\Documents and Settings\All Users\Application Data\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
O43 - CFD: 2014/05/03 14:32:11 - [] D -- C:\Documents and Settings\All Users\Application Data\B290
O43 - CFD: 2014/12/27 09:32:56 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu
O43 - CFD: 2015/01/08 21:04:56 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu Security
O43 - CFD: 2010/07/07 17:46:56 - [] D -- C:\Documents and Settings\All Users\Application Data\Corel
O43 - CFD: 2015/06/13 12:21:58 - [] D -- C:\Documents and Settings\All Users\Application Data\DatacardService
O43 - CFD: 2014/10/24 05:00:53 - [] D -- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3
O43 - CFD: 2014/05/24 18:35:17 - [] D -- C:\Documents and Settings\All Users\Application Data\FileOpen
O43 - CFD: 2013/12/13 13:59:26 - [] D -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
O43 - CFD: 2015/04/07 20:35:30 - [] D -- C:\Documents and Settings\All Users\Application Data\HP
O43 - CFD: 2013/12/13 13:29:46 - [0] D -- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
O43 - CFD: 2014/04/11 02:21:35 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 2015/07/04 14:02:22 - [] D -- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
O43 - CFD: 2014/12/30 14:06:22 - [] D -- C:\Documents and Settings\All Users\Application Data\KasperskyLab
O43 - CFD: 2014/04/22 05:19:10 - [0] D -- C:\Documents and Settings\All Users\Application Data\Log
O43 - CFD: 2010/07/07 17:49:46 - [] D -- C:\Documents and Settings\All Users\Application Data\Macrovision
O43 - CFD: 2015/03/02 10:41:33 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 2015/03/02 14:50:36 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
O43 - CFD: 2015/04/07 20:37:06 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2014/10/09 19:20:04 - [] D -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 2014/04/11 02:17:43 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 2015/06/30 00:33:07 - [] D -- C:\Documents and Settings\All Users\Application Data\PDFC
O43 - CFD: 2015/05/25 01:22:41 - [] D -- C:\Documents and Settings\All Users\Application Data\Real
O43 - CFD: 2015/07/04 03:49:39 - [] D -- C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 2014/10/24 07:52:02 - [] D -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
O43 - CFD: 2014/04/30 20:32:19 - [] D -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 2014/12/15 10:04:22 - [] D -- C:\Documents and Settings\All Users\Application Data\Yahoo!
O43 - CFD: 2014/05/21 20:00:35 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2015/05/28 23:28:48 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 2013/12/13 14:25:38 - [] D -- C:\Program Files\Common Files\Brother
O43 - CFD: 2014/12/30 14:06:15 - [] D -- C:\Program Files\Common Files\Cisco Systems
O43 - CFD: 2014/01/04 14:00:36 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 2010/07/07 17:53:17 - [] D -- C:\Program Files\Common Files\DigitalPersona
O43 - CFD: 2014/05/30 19:18:55 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2010/07/07 17:44:53 - [] D -- C:\Program Files\Common Files\Intel
O43 - CFD: 2010/07/07 17:46:41 - [] D -- C:\Program Files\Common Files\InterVideo
O43 - CFD: 2015/01/12 15:22:32 - [] D -- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\Common Files\MSSoap
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\Common Files\ODBC
O43 - CFD: 2014/05/30 19:19:13 - [] D -- C:\Program Files\Common Files\PCCamera
O43 - CFD: 2010/07/07 17:44:54 - [] D -- C:\Program Files\Common Files\postureAgent
O43 - CFD: 2010/07/07 17:46:41 - [] D -- C:\Program Files\Common Files\Protexis
O43 - CFD: 2013/12/13 15:21:18 - [] D -- C:\Program Files\Common Files\Rdh Shared2
O43 - CFD: 2013/12/13 15:21:23 - [] D -- C:\Program Files\Common Files\RDPrint
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2015/01/25 01:49:24 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2010/07/07 17:53:18 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2010/07/07 17:50:38 - [] D -- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2014/05/09 22:58:19 - [] D -- C:\Documents and Settings\standard\Application Data\Adobe
O43 - CFD: 2014/09/24 16:45:46 - [] D -- C:\Documents and Settings\standard\Application Data\Apple Computer
O43 - CFD: 2014/12/15 00:13:55 - [0] D -- C:\Documents and Settings\standard\Application Data\baidu
O43 - CFD: 2015/01/08 21:04:50 - [] D -- C:\Documents and Settings\standard\Application Data\Baidu Security
O43 - CFD: 2014/12/14 20:39:13 - [0] D -- C:\Documents and Settings\standard\Application Data\BandExtend
O43 - CFD: 2014/05/03 13:46:45 - [] D -- C:\Documents and Settings\standard\Application Data\Brother
O43 - CFD: 2010/07/08 09:42:18 - [] D -- C:\Documents and Settings\standard\Application Data\DigitalPersona
O43 - CFD: 2014/04/21 04:11:03 - [] D -- C:\Documents and Settings\standard\Application Data\DMCache
O43 - CFD: 2014/12/05 19:29:36 - [] D -- C:\Documents and Settings\standard\Application Data\Downloaded Installations
O43 - CFD: 2015/03/16 15:38:10 - [] D -- C:\Documents and Settings\standard\Application Data\dvdcss
O43 - CFD: 2015/05/13 21:53:12 - [0] D -- C:\Documents and Settings\standard\Application Data\EncryptStick
O43 - CFD: 2014/05/24 18:35:17 - [] D -- C:\Documents and Settings\standard\Application Data\FileOpen
O43 - CFD: 2014/12/20 00:43:07 - [0] D -- C:\Documents and Settings\standard\Application Data\Help
O43 - CFD: 2010/07/07 17:53:00 - [0] D -- C:\Documents and Settings\standard\Application Data\Hewlett-Packard
O43 - CFD: 2010/07/07 17:49:44 - [] D -- C:\Documents and Settings\standard\Application Data\hpqLog
O43 - CFD: 2015/01/12 15:19:08 - [0] D -- C:\Documents and Settings\standard\Application Data\HpUpdate
O43 - CFD: 2010/07/07 17:30:53 - [] D -- C:\Documents and Settings\standard\Application Data\Identities
O43 - CFD: 2014/04/21 08:01:15 - [] D -- C:\Documents and Settings\standard\Application Data\IDM
O43 - CFD: 2014/07/28 15:46:50 - [] D -- C:\Documents and Settings\standard\Application Data\iFunbox_UserCache
O43 - CFD: 2013/12/13 13:21:01 - [] D -- C:\Documents and Settings\standard\Application Data\Macromedia
O43 - CFD: 2015/01/05 13:53:05 - [] D -- C:\Documents and Settings\standard\Application Data\Media Player Classic
O43 - CFD: 2014/12/02 20:52:29 - [] SD -- C:\Documents and Settings\standard\Application Data\Microsoft
O43 - CFD: 2014/12/10 22:30:48 - [] D -- C:\Documents and Settings\standard\Application Data\Mozilla
O43 - CFD: 2014/12/05 19:57:24 - [] D -- C:\Documents and Settings\standard\Application Data\Nitro
O43 - CFD: 2014/11/22 23:02:03 - [] D -- C:\Documents and Settings\standard\Application Data\Nitro PDF
O43 - CFD: 2014/10/23 16:26:20 - [] D -- C:\Documents and Settings\standard\Application Data\PC App Store
O43 - CFD: 2015/05/25 01:22:58 - [] D -- C:\Documents and Settings\standard\Application Data\Real
O43 - CFD: 2014/04/29 07:23:37 - [] D -- C:\Documents and Settings\standard\Application Data\rmi
O43 - CFD: 2015/07/04 14:12:07 - [] D -- C:\Documents and Settings\standard\Application Data\Skype
O43 - CFD: 2010/07/08 09:44:28 - [] D -- C:\Documents and Settings\standard\Application Data\U3
O43 - CFD: 2010/07/08 09:57:07 - [] D -- C:\Documents and Settings\standard\Application Data\vlc
O43 - CFD: 2014/12/19 21:40:47 - [] D -- C:\Documents and Settings\standard\Application Data\Winamp
O43 - CFD: 2014/09/22 14:15:38 - [] D -- C:\Documents and Settings\standard\Application Data\Windows Search
O43 - CFD: 2013/12/20 05:12:32 - [] D -- C:\Documents and Settings\standard\Application Data\WinRAR
O43 - CFD: 2014/05/11 17:49:05 - [] D -- C:\Documents and Settings\standard\Application Data\Yahoo!
O43 - CFD: 2014/05/07 15:57:27 - [0] D -- C:\Documents and Settings\standard\Application Data\YahooCouponAddOn
O43 - CFD: 2015/07/04 16:36:19 - [] D -- C:\Documents and Settings\standard\Application Data\ZHP
O43 - CFD: 2015/03/02 10:20:11 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Adobe
O43 - CFD: 2014/05/01 08:15:23 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Apple
O43 - CFD: 2014/09/22 09:01:27 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Apple Computer
O43 - CFD: 2014/09/27 23:00:07 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 2014/09/08 09:48:07 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\cache
O43 - CFD: 2013/12/16 08:45:26 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Deployment
O43 - CFD: 2010/07/08 09:42:18 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\DigitalPersona
O43 - CFD: 2015/01/03 08:46:19 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 2015/03/27 23:43:18 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Facebook
O43 - CFD: 2013/12/16 08:51:46 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Google
O43 - CFD: 2014/12/20 00:43:07 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Help
O43 - CFD: 2015/04/08 11:26:57 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\HP
O43 - CFD: 2014/09/22 11:38:10 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Identities
O43 - CFD: 2014/05/09 14:22:50 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Massive Media
O43 - CFD: 2014/09/08 08:43:16 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Maxiget
O43 - CFD: 2015/04/10 16:27:21 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Microsoft
O43 - CFD: 2014/01/04 13:56:26 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2014/04/11 02:17:50 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Mozilla
O43 - CFD: 2015/06/29 21:37:28 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\PDFC
O43 - CFD: 2010/07/08 09:45:47 - [0] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Real
O43 - CFD: 2014/04/29 07:32:10 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Skype
O43 - CFD: 2015/04/15 07:34:53 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Temp
O43 - CFD: 2014/05/08 03:57:50 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\visi_coupon
O43 - CFD: 2014/07/05 16:45:26 - [] D -- C:\Documents and Settings\standard\Local Settings\Application Data\Western Digital
O43 - CFD: 2015/06/17 17:02:42 - [] RD -- C:\Documents and Settings\standard\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/17 17:02:42 - [] RD -- C:\Documents and Settings\standard\Start Menu\Programs\Startup
O43 - CFD: 2015/06/17 17:02:42 - [] D -- C:\Documents and Settings\standard\Start Menu\Programs\Winamp Detector Plug-in
O43 - CFD: 2015/06/17 17:02:42 - [] D -- C:\Documents and Settings\standard\Start Menu\Programs\WinRAR
O43 - CFD: 2010/07/07 17:43:01 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2015/01/07 07:34:11 - [] D -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Baidu PC Faster
O43 - CFD: 2010/07/07 17:30:53 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup

---\\ System Drivers List (SDL) (O58) (79) - 5s
O58 - SDL:2001/08/17 17:20:04 A . (.Intel Corporation - Intel(r) Integrated Controller Hub Audio Dr.) -- C:\WINDOWS\System32\drivers\ac97intc.sys [96256]
O58 - SDL:2002/05/09 04:44:42 A . (.Adaptec, Inc. - Adaptec WinXP Ultra320 Driver.) -- C:\WINDOWS\System32\drivers\adpu320.sys [105472]
O58 - SDL:2014/03/11 05:14:02 A . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\WINDOWS\System32\drivers\Bhbase.sys [47456]
O58 - SDL:2011/03/04 21:44:12 N . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [9072]
O58 - SDL:2011/03/04 21:44:12 N . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [9200]
O58 - SDL:2008/04/14 11:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2008/04/14 11:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2009/10/21 22:37:52 A . (.Hewlett-Packard Development Company L.P. - HP Device Access Manager for ProtectTools D.) -- C:\WINDOWS\System32\drivers\DAMDrv.sys [32312]
O58 - SDL:2008/04/14 11:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744]
O58 - SDL:2008/04/14 11:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344]
O58 - SDL:2008/04/14 11:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888]
O58 - SDL:2001/08/17 17:12:10 A . (.Intel Corporation - NDIS 5 driver.) -- C:\WINDOWS\System32\drivers\e100b325.sys [117760]
O58 - SDL:2009/10/02 01:11:12 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 5.x driver.) -- C:\WINDOWS\System32\drivers\e1k5132.sys [160424]
O58 - SDL:2012/10/03 16:14:58 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\WINDOWS\System32\drivers\GEARAspiWDM.sys [26840]
O58 - SDL:2008/04/14 11:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2009/07/24 21:30:11 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECI.sys [40832]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Miniport Driver for Intel Graphics Driver.) -- C:\WINDOWS\System32\drivers\i81xnt5.sys [161020]
O58 - SDL:2009/06/05 04:43:16 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\System32\drivers\iaStor.sys [330264]
O58 - SDL:2007/12/18 19:46:34 A . (.Infineon Technologies AG - Infineon Trusted Platform Module.) -- C:\WINDOWS\System32\drivers\ifxtpm.sys [44800]
O58 - SDL:2009/08/14 21:03:00 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\igxpmp32.sys [6317216]
O58 - SDL:2005/09/21 05:27:20 A . (.InterVideo, Inc. - InterVideo ASPI Shell.) -- C:\WINDOWS\System32\drivers\iviaspi.sys [10368]
O58 - SDL:2009/09/01 14:29:50 A . (.Kaspersky Lab - Kaspersky Unified Driver.) -- C:\WINDOWS\System32\drivers\kl1.sys [128016]
O58 - SDL:2009/09/03 15:24:40 A . (.Kaspersky Lab - KLFLTDEV Pnp device filterfre_wxp_x86.) -- C:\WINDOWS\System32\drivers\klfltdev.sys [24848]
O58 - SDL:2010/07/08 09:55:48 A . (.Kaspersky Lab - Klif Mini-Filter [fre_wnet_x86].) -- C:\WINDOWS\System32\drivers\klif.sys [223760]
O58 - SDL:2009/09/14 13:42:46 A . (.Kaspersky Lab - Kaspersky Lab Intermediate Network Driver.) -- C:\WINDOWS\System32\drivers\klim5.sys [32272]
O58 - SDL:2013/08/06 15:13:30 A . (.Apple Inc. - Apple Mobile Device Ethernet.) -- C:\WINDOWS\System32\drivers\netaapl.sys [18944]
O58 - SDL:2008/04/14 11:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2004/07/29 20:14:22 A . (.Creative Technology Ltd. - Video streaming and Capture Device Driver.) -- C:\WINDOWS\System32\drivers\P0620Vid.sys [91577]
O58 - SDL:2005/04/08 10:46:18 A . (...) -- C:\WINDOWS\System32\drivers\PFC027.sys [162176]
O58 - SDL:2008/04/14 11:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792]
O58 - SDL:2011/03/04 21:44:14 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [45648]
O58 - SDL:2007/04/18 05:09:28 A . (.InterVideo - regi driver.) -- C:\WINDOWS\System32\drivers\regi.sys [11032]
O58 - SDL:2008/04/14 11:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2008/04/14 11:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032]
O58 - SDL:2010/01/26 19:33:42 A . (.McAfee, Inc. - McAfee Endpoint Encryption Reserved Files L.) -- C:\WINDOWS\System32\drivers\rsvlock.sys [40088]
O58 - SDL:2009/07/03 03:24:28 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys [5788160]
O58 - SDL:2010/01/26 19:33:40 A . (...) -- C:\WINDOWS\System32\drivers\SafeBoot.sys [110520]
O58 - SDL:2010/01/26 19:33:58 A . (.McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit).) -- C:\WINDOWS\System32\drivers\SbAlg.sys [51800]
O58 - SDL:2010/01/26 19:33:44 A . (.McAfee, Inc. - McAfee Endpoint Encryption FS Locker.) -- C:\WINDOWS\System32\drivers\SbFsLock.sys [13256]
O58 - SDL:2010/01/26 19:33:50 A . (.McAfee, Inc. - McAfee Endpoint Encryption Hibernation Filt.) -- C:\WINDOWS\System32\drivers\SbHiber.sys [11224]
O58 - SDL:2008/04/14 11:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480]
O58 - SDL:2001/08/18 02:07:34 A . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc810.sys [16256]
O58 - SDL:2001/08/18 02:07:36 A . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\symc8xx.sys [32640]
O58 - SDL:2002/04/04 16:32:06 RA . (.LSI Logic - LSI Logic Fusion-MPT MiniPort Driver.) -- C:\WINDOWS\System32\drivers\symmpi.sys [28416]
O58 - SDL:2001/08/18 02:07:40 A . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_hi.sys [28384]
O58 - SDL:2001/08/18 02:07:42 A . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\System32\drivers\sym_u3.sys [30688]
O58 - SDL:2008/04/14 11:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2014/07/28 14:52:00 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\System32\drivers\usbaapl.sys [45056]
O58 - SDL:2008/04/14 11:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV01nt.sys [12415]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV02NT.sys [12127]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV05NT.sys [11775]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV07nt.sys [11807]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV08NT.sys [11295]
O58 - SDL:2008/04/14 03:04:28 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV09NT.sys [11871]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wADV11nt.sys [11935]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wATV01nt.sys [29311]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wATV02NT.sys [19551]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wATV04nt.sys [33599]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wATV06nt.sys [22271]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wATV10nt.sys [25471]
O58 - SDL:2008/04/14 03:04:30 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wCh7xxNT.sys [23615]
O58 - SDL:2008/04/14 03:04:32 A . (.Intel(R) Corporation - Digital Display Minidriver for Intel(R) Gra.) -- C:\WINDOWS\System32\drivers\wSiINTxx.sys [12063]
O58 - SDL:2008/04/14 03:04:34 A . (.Intel(R) Corporation - Local Flat Panel Display Minidriver for Int.) -- C:\WINDOWS\System32\drivers\wVchNTxx.sys [19455]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 11:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Last modified or created user files (O61) (2) - 173s
O61 - LFC: 2015/07/04 13:32:56 A . (.Trend Micro Inc..) -- C:\Documents and Settings\standard\My Documents\TTi_8.0_HE_Downloader.exe [6631824]
O61 - LFC: 2015/07/04 14:25:40 A . (..) -- C:\Documents and Settings\standard\Local Settings\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ File Associations Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\windows\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\windows\system32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (13) - 1s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\windows\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\windows\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\windows\system32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (8) - 5s
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Bueno Search) - http://www.buenosearch.com/ =>PUP.BuenoSearch
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://mysearch.avg.com/
O69 - SBI: SearchScopes [HKCU] {9B975CFC-1899-4A3D-A3ED-18CF0CCAD1BC} - (webssearches) - http://istart.webssearches.com/ =>PUP.IsStart
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} - (Ask.com) - http://dts.search.ask.com/ =>Adware.Bandoo
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} - (Web Search) - http://search.bearshare.com/ =>PUP.BearShare
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Softonic-Eng7 Customized Web Search) - http://search.conduit.com/ =>PUP.Conduit
O69 - SBI: SearchScopes [HKCU] {E09FAF8B-70B4-4A59-BD9D-8FDB22BBF185} - (webssearches) - http://istart.webssearches.com/ =>PUP.IsStart

---\\ Search Svchost Services (SSS) (O83) (40) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\windows\system32\appmgmts.dll [167936]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\windows\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\windows\system32\browser.dll [78336]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\windows\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- C:\windows\system32\dmserver.dll [23552]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\windows\system32\dhcpcsvc.dll [126976]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\windows\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\windows\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\windows\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\windows\system32\hidserv.dll [21504]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\windows\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\windows\system32\wkssvc.dll [132096]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\windows\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\windows\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\windows\system32\mswsock.dll [245248]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\windows\system32\ntmssvc.dll [435200]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\windows\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\windows\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\windows\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\windows\system32\schedsvc.dll [192512]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\windows\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\windows\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\windows\system32\ipnathlp.dll [331264]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\windows\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\windows\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\windows\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\windows\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\windows\system32\w32time.dll [175104]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\windows\system32\wzcsvc.dll [483840]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\windows\system32\advapi32.dll [617472]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\wmisvc.dll [144896]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\windows\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\windows\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\windows\system32\qagentrt.dll [291328]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\windows\system32\kmsvc.dll [61440]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\windows\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\windows\system32\wuauserv.dll [6656]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\windows\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\windows\pchealth\helpctr\binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\windows\system32\mspmsnsv.dll [27136]

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (22) - 19s
SS - Demand [2015/03/02 10:41:30] [ 267440] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - Auto [2015/01/19 23:30:38] [ 60744] Apple Mobile Device (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - Auto [2009/09/22 20:22:14] [ 315736] Kaspersky Anti-Virus 6.0 (AVP) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
SR - Auto [2011/08/30 23:05:02] [ 390504] Bonjour Service (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - Auto [2010/01/22 23:28:48] [ 300808] (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SS - Demand [2009/12/07 20:36:10] [ 362040] HP ProtectTools Device Locking / Auditing (FLCDLOCK) . (.Hewlett-Packard Ltd.) - C:\windows\system32\flcdlock.exe
SS - Auto [2013/12/16 08:45:26] [ 116648] Google Update Service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - Demand [2013/12/16 08:45:26] [ 116648] Google Update Service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - Auto [2010/01/12 18:25:26] [ 36864] HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
SR - Auto [2010/01/26 19:32:40] [ 281192] Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
SR - Auto [2009/12/12 02:57:20] [ 297984] File Sanitizer for HP ProtectTools (HPFSService) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
SS - Auto [2014/12/11 11:36:04] [ 89864] HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) . (.Hewlett-Packard Company.) - C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
SR - Demand [2015/04/07 00:29:36] [ 540968] iPod Service (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - Demand [2007/01/05 04:48:50] [ 112152] IviRegMgr (IviRegMgr) . (.InterVideo.) - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - Auto [2013/11/19 00:50:32] [ 132600] Kaspersky Lab Network Agent (klnagent) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\NetworkAgent\klnagent.exe
SS - Demand [2009/07/24 21:29:38] [ 174616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\AMT\LMS.exe
SS - Demand [2014/04/09 15:12:50] [ 235696] McAfee Security Scan Component Host Service (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
SS - Demand [2015/06/03 02:02:26] [ 148080] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - Auto [2009/06/18 18:29:12] [ 635416] PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files\PDF Complete\pdfsvc.exe
SR - Auto [2007/07/24 20:15:14] [ 185632] Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - Auto [2015/06/03 16:42:38] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - Demand [2009/07/24 21:29:52] [ 2066968] Intel(R) Management and Security Application User Notificat (UNS) . (.Intel Corporation.) - C:\Program Files\Common Files\Intel\Privacy Icon\UNS\UNS.exe

---\\ Additional Scan (O88) (27) - 0s
HKLM\SYSTEM\CurrentControlSet\Services\BackupStack =>PUP.MyPCBackup
HKLM\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A91196222 =>PUP.iMesh
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BearShare =>PUP.BearShare
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\istartsurf uninstall =>PUP.IsStart
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup =>PUP.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\webssearches uninstall =>Hijacker.WebsSearches
HKLM\SOFTWARE\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
HKLM\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKLM\SOFTWARE\BearShare =>PUP.BearShare
HKLM\SOFTWARE\DataMngr =>PUP.Datamngr
HKLM\SOFTWARE\IHProtect =>Adware.AgentODR
HKLM\SOFTWARE\istartsurfSoftware =>PUP.IsStart
HKLM\SOFTWARE\SupDp =>Adware.SupTab
HKLM\SOFTWARE\supWindowsMangerProtect =>PUP.Fuyu
HKLM\SOFTWARE\Torch =>PUP.Torch
HKLM\SOFTWARE\webssearchesSoftware =>Hijacker.WebsSearches
HKLM\SOFTWARE\YourFileDownloader =>PUP.YourFileDownloader
HKCU\SOFTWARE\AVG SafeGuard toolbar =>Toolbar.AVGSafeGuard
HKCU\SOFTWARE\AVG Security Toolbar =>Toolbar.AVGSearch
HKCU\SOFTWARE\BearShareMediabarTb =>PUP.BearShare
HKCU\SOFTWARE\Conduit =>PUP.Conduit
HKCU\SOFTWARE\Datamngr =>PUP.Datamngr
HKCU\SOFTWARE\Softonic =>PUP.Softonic
HKCU\SOFTWARE\Somoto =>Adware.MegaSearch
HKCU\SOFTWARE\Torch =>PUP.Torch
HKCU\SOFTWARE\YourFileDownloader =>PUP.YourFileDownloader

---\\ Summary of the detections found on your workstation (18) - 0s
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSearch
http://www.nicolascoolman.fr/adware-megasearch/ =>Adware.MegaSearch
http://www.nicolascoolman.fr/pup-bearshare/ =>PUP.BearShare
http://www.nicolascoolman.fr/pup-mypcbackup/ =>PUP.MyPCBackup
http://www.nicolascoolman.fr/pup-imesh/ =>PUP.iMesh
http://www.nicolascoolman.fr/blog =>Toolbar.AVGSafeGuard
http://www.nicolascoolman.fr/pup-isstart/ =>PUP.IsStart
http://www.nicolascoolman.fr/hijacker-webssearches/ =>Hijacker.WebsSearches
http://www.nicolascoolman.fr/pup-datamngr/ =>PUP.Datamngr
http://www.nicolascoolman.fr/blog =>Adware.AgentODR
http://www.nicolascoolman.fr/pup-suptab/ =>Adware.SupTab
http://www.nicolascoolman.fr/trojan-fuyu/ =>PUP.Fuyu
http://www.nicolascoolman.fr/blog =>PUP.Torch
http://www.nicolascoolman.fr/pup-yourfiledownloader/ =>PUP.YourFileDownloader
http://www.nicolascoolman.fr/toolbar-conduit/ =>PUP.Conduit
http://www.nicolascoolman.fr/blog =>PUP.Softonic
http://www.nicolascoolman.fr/pup-buenosearch/ =>PUP.BuenoSearch
http://www.nicolascoolman.fr/adware-bandoo/ =>Adware.Bandoo

~ End of the scan, 106634 items in 268 seconds (1053)(0)()

Publicité


Signaler le contenu de ce document

Publicité