cjoint

Document format: text/plain

~ ZHPDiag v2015.8.17.120 By Nicolas Coolman (2015/08/17)
~ Run by adel (Administrator) (2015/08/19 04:14:47)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: No network file
~ Mode: Scan
~ Report: C:\Users\adel\Desktop\ZHPDiag.txt
~ Report: C:\Users\adel\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1 Enterprise, 64-bit (Build 9600)

---\\ Internet Browsers (2) - 0s
GCIE: Google Chrome v44.0.2403.155
MSIE: Internet Explorer v11.0.9600.17107

---\\ Windows Product Information (4) - 4s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK (Auto)
Windows Activation Technologies : OK

---\\ System protection software (2) - 0s
Symantec Endpoint Protection v12.1.4013.4013
Windows Defender W81 (Deactivate)

---\\ System optimization software (1) - 0s
CCleaner v4.13

---\\ Surveillance software (1) - 0s
Adobe Reader X

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 16723.14 MB (90% free)
~ System Restore: Activé (Enable)
~ System drive C: has 75 GB free of 122 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: عادل
~ User Name: adel
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 75 GB free of 122 GB (System)
~ Drive D: has 255 GB free of 309 GB
~ Drive E: has 558 GB free of 643 GB

---\\ State of the Windows Security Center (10) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (23) - 0s
[MD5.81394C91B7B5A7C799E249AE82491F13] - (.Microsoft Corporation - مستكشف Windows.) () -- C:\Windows\Explorer.exe [2373784]
[MD5.6E0BDFBEEED65B017F2E4C2C910B0520] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [52736]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) () -- C:\Windows\System32\Wininit.exe [144384]
[MD5.65C36A29A131A3A5D64B29FAC4EF6DD6] - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) () -- C:\Windows\System32\wininet.dll [2262016]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) () -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - مكتبة تراخيص البرامج.) () -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.E37F897ED7B5AFF79B1398258DB96BD9] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) () -- C:\Windows\System32\fr-FR\user32.dll.mui [19456]
[MD5.7C7BE474915166B61B84C025F1F10157] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144]
[MD5.498288DD5CA42C2D36D125893E968C53] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [77312]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848]
[MD5.0696F66E4D423793951A60562F794D14] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624]
[MD5.1C80517BE6836A812F6A9B99B8321351] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [2013016]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520]
[MD5.4BB9BC49DEE1A319EC58274A7BBED663] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [310616]

---\\ Process running (35) - 1s
[MD5.1C7CC708AC4A02A3BE8915539780534A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 335.2.) -- C:\Windows\system32\nvvsvc.exe [922968] [PID.1012]
[MD5.CDA9313E34887A111B8309B55BCDCD82] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936] [PID.364]
[MD5.23FCC0ED96A71AB04328C02F0785DA89] - (.Acronis - Acronis Scheduler 2.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1263424] [PID.1668]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1688]
[MD5.8588B8F21CE15DBB96A63E5F352178C1] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3996664] [PID.1728]
[MD5.CB7A9D3C7B5A49B3904B9C415204533F] - (.Scarlet.Crush Productions - ScpService.) -- C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe [388352] [PID.1860]
[MD5.5031F3E650D242EEECEB92EB9900FB93] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216] [PID.1916]
[MD5.DAE6C3099D291EED8922A65C29ABCF52] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520] [PID.1976]
[MD5.CBF7341E55A8348C7AB01A9870C7D948] - (.Intel Corporation - Intel® PROSet Monitoring Service.) -- C:\Windows\system32\IProsetMonitor.exe [195336] [PID.2004]
[MD5.5215D12B13FC2BC7717AA4884846D34F] - (.Copyright© 2011-2013 Intel Corporation - ISCT Agent Application.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120] [PID.2032]
[MD5.4EBEE69A8FE7DC85FD3C122821C617A0] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504] [PID.1372]
[MD5.D23A07D549243F5B77780BAA4FBF5BC3] - (.NVIDIA Corporation - NVIDIA Streamer Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592] [PID.2024]
[MD5.18E1127C5341E2F037439033EE0D0D4B] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368] [PID.2076]
[MD5.54FB3B0B29F76E839C648D2F5983A22C] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe [245576] [PID.3068]
[MD5.92D840650F95EB60659952AEECAFCE85] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe [305992] [PID.1176]
[MD5.512F8C6392948420A6EAA368BE1286EE] - (.Symantec Corporation - Symantec CMC Smc.) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984] [PID.3976]
[MD5.20E83F4632E15A5E9E716FF2E8AC7FAE] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720] [PID.1804]
[MD5.52069AEB42D3D0F97CBCA1085EBF55E6] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432] [PID.2580]
[MD5.3DE66F47365AA8CEB18B1EE272F4FEBA] - (.Intel Corporation - Intel(R) Local Management Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [390616] [PID.944]
[MD5.D5996EC1A6715849022344D1CB4FA53D] - (.Acronis - TrueImage Sync Agent Service.) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [6847712] [PID.4076]
[MD5.CF74414BF4FE2F69D336AC05738217DC] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [1202520] [PID.2504]
[MD5.1C7CC708AC4A02A3BE8915539780534A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 335.2.) -- C:\Windows\system32\nvvsvc.exe [922968] [PID.3628]
[MD5.EE4FB36AC2ADAF84DDF28D9B704D71D9] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [7546000] [PID.3576]
[MD5.E16832CBA3A4A64B85D2327C320F8EA0] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe [21921936] [PID.3444]
[MD5.18E1127C5341E2F037439033EE0D0D4B] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368] [PID.3832]
[MD5.D837FD1004DEF703D4AD32081915A5F6] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [2447192] [PID.3680]
[MD5.8F82FFC6CD0F4C83F4565E1A40332CCD] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896] [PID.3660]
[MD5.781BAF1C6935A5D60C7945B34313F2DE] - (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136] [PID.1488]
[MD5.119D43DCD831AD90E78E8BF3DF75E53A] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [570152] [PID.536]
[MD5.63DA8D81C46AE1C08DB45AD81E2AD541] - (.Intel Corporation - ISCT SysTray.) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5545448] [PID.3020]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.968]
[MD5.EF103848F8E303AEDA8BD85CDAC17937] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5306776] [PID.2996]
[MD5.4BD76EC239156BD2E458DEC69E20F6A8] - (.Acronis International GmbH - Acronis TIB Mounter Monitor.) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [603904] [PID.1276]
[MD5.3D45AD2B246B90DBD3E6F213E7AEBF64] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592] [PID.3524]
[MD5.8BBBDE2F8710EA78AE249C508F96F498] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\adel\AppData\Roaming\ZHP\ZHPDiag3.exe [1902592] [PID.6068]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (42) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ap.teesoft.info/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lb.analyticstats.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://rep.teesoft.info/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://accounts.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://b.networkanalytics.net/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients2.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://localhost:26143/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://mail.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com.ly/
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.com.ly/
G2 - GCE: Preference [User Data\Default] [afbpdhiclgghnffhkinjikglgmolhpee] Torrent Search
G2 - GCE: Preference [User Data\Default] [amcphjlhljchhkpickdokdjfpckdilbd] SPEED TEST ADSL
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aomjjhallfgjeglblehebfpbcfeobpgk] 1Password: Password Manager and Secure Wallet
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [bigefpfhnfcobdlfbedofhhaibnlghod] MEGA
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [dhapiedbmffnpkahkcjdjpikmodjipmd] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ejidjjhkpiempkbhmpbfngldlkglhimk] __MSG_WEBSTORE_PRONGHORN_PRODUCT_NAME__
G2 - GCE: Preference [User Data\Default] [gbchcmhmhahfdphkhkmpfmihenigjmpp] __MSG_PRODUCT_NAME__
G2 - GCE: Preference [User Data\Default] [gighmmpiobklfepjocnamgkkbiglidom] AdBlock
G2 - GCE: Preference [User Data\Default] [gpgjomejfimnbmobcocilppikhncegaj] Drive Notepad
G2 - GCE: Preference [User Data\Default] [hlhbmnfdcklajeaeikfinieljfegamko] __MSG_extension_name__
G2 - GCE: Preference [User Data\Default] [ihdkejbciahopmbagpnjmmkkdpfpaaak] WeatherBug (Legacy App)
G2 - GCE: Preference [User Data\Default] [ioekoebejdcmnlefjiknokhhafglcjdl] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [jghfknlgajlcihkhkhnlcoffhbohnlbg] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [kaebhgioafceeldhgjmendlfhbfjefmo] EagleGet Free Downloader
G2 - GCE: Preference [User Data\Default] [kcijdkkommbhnpohidhdpkhendgcpamf] __MSG_application_title__
G2 - GCE: Preference [User Data\Default] [kdkgihpbaofhkiliohfepioflkkbapao] __MSG_calc_name__
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [llaegbflmcclmiejcomepalhjllojond] Virtual Quran - Arabic
G2 - GCE: Preference [User Data\Default] [lneaknkopdijkpnocmklfnjbeapigfbh] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [mihcahmgecmbnbcchbopgniflfhgnkff] __MSG_gmailcheck_name__
G2 - GCE: Preference [User Data\Default] [mmgagnmbebdebebbcleklifnobamjonh] AutoPager Chrome
G2 - GCE: Preference [User Data\Default] [mmngljdjkkpkpkgkbdgepfbcjomclban] Деревянный хром
G2 - GCE: Preference [User Data\Default] [molpbbfgiohpdmhnpadnonkfgahjfbem] Notes
G2 - GCE: Preference [User Data\Default] [njgpiocdhdmnglomggfjkkonjjfahnom] Norton Identity Safe
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pfpeapihoiogbcmdmnibeplnikfnhoge] Outlook.com
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (R5) (3) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Auto loading programs from Registry and folders (O4) (13) - 0s
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
O4 - HKLM\..\Run: [IAStorIcon] . (.Intel Corporation - Delayed launcher.) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [XboxStat] . (.Microsoft Corporation - XBoxStat.exe.) -- C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
O4 - HKCU\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [LiveUpdate 5] . (...) -- C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [AcronisTibMounterMonitor] . (.Acronis International GmbH - Acronis TIB Mounter Monitor.) -- C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKUS\S-1-5-21-340261083-3965730930-1715080245-1001\..\Run: [RGSC] . (.Take-Two Interactive Software, Inc. - RGSCLauncher.) -- E:\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe

---\\ Lop.com/Domain Hijackers (O17) (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23) (19) - 0s
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @oem28.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation. - Bluetooth Radio Management Support.) - C:\Windows\system32\BtwRSupportService.exe
O23 - Service: SCP DS3 Service (Ds3Service) . (.Scarlet.Crush Productions - ScpService.) - C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation - Intel(R) Capability Licensing Service Inter.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation - Intel® PROSet Monitoring Service.) - C:\Windows\system32\IProsetMonitor.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) . (.Copyright© 2011-2013 Intel Corporation - ISCT Agent Application.) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation - Intel(R) Dynamic Application Loader Host In.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation - Intel(R) Local Management Service.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation - NVIDIA Network Service.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation - NVIDIA Streamer Service.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 335.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) . (.Acronis - TrueImage Sync Agent Service.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

---\\ Task Planned Automatically (O39) (8) - 3s
[MD5.03E07421C99D99D2DB8F4E5CCB890B23] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [4524312]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [856] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [860] =>.Google Inc.
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2770] =>.Piriform Ltd
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3596] =>.Google Inc.
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3832] =>.Google Inc.

---\\ Software installed (O42) (82) - 3s
O42 - Logiciel: Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (0 - (.Western Digital Technologies.) [HKLM][64Bits] -- 4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner
O42 - Logiciel: CPUID HWMonitor Pro 1.20 - (...) [HKLM][64Bits] -- CPUID HWMonitorPro_is1
O42 - Logiciel: HashTab 5.1.0.23 - (.Implbits Software.) [HKLM][64Bits] -- HashTab
O42 - Logiciel: Intel(R) Network Connections 18.5.54.0 - (.Intel.) [HKLM][64Bits] -- PROSetDX
O42 - Logiciel: Unlocker 1.9.2 - (.Cedrick Collomb.) [HKLM][64Bits] -- Unlocker
O42 - Logiciel: WinRAR 5.01 (64-بت) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver
O42 - Logiciel: Intel(R) Smart Connect Technology - (.Intel Corporation.) [HKLM][64Bits] -- {0A9F62B3-40A4-4AC1-9980-A398EC2C5DDC}
O42 - Logiciel: 7-Zip 9.32 (x64 edition) - (.Igor Pavlov.) [HKLM][64Bits] -- {23170F69-40C1-2702-0932-000001000000}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {409CB30E-E457-4008-9B1A-ED1B9EA21140}
O42 - Logiciel: Intel(R) Network Connections 18.5.54.0 - (.Intel.) [HKLM][64Bits] -- {4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}
O42 - Logiciel: VC_CRT_x64 - (.Intel Corporation.) [HKLM][64Bits] -- {54F2237F-018C-483B-8884-9FC0D88840C3}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Access MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Excel MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft PowerPoint MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Publisher MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Outlook MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Word MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft InfoPath MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft DCF MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft OneNote MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Groove MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0401-1000-0000000FF1CE}
O42 - Logiciel: Microsoft Lync MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0401-1000-0000000FF1CE}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
O42 - Logiciel: NVIDIA برامج تشغيل ‎3D Vision 335.23 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA برنامج تشغيل الرسومات 335.23 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA GeForce Experience 2.5.12.11 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience
O42 - Logiciel: NVIDIA برنامج تشغيل مراقب ‎3D Vision 335.21 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA برنامج تشغيل صوت HD 1.3.30.1 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: Symantec Endpoint Protection - (.Symantec Corporation.) [HKLM][64Bits] -- {B53661DC-CD94-4B14-B15F-D9DDCFF72558}
O42 - Logiciel: Intel® Trusted Connect Service Client - (.Intel Corporation.) [HKLM][64Bits] -- {B5E06417-A4AC-4225-B36E-7E34C91616E7}
O42 - Logiciel: SES Driver - (.Western Digital.) [HKLM][64Bits] -- {D8CC254C-C671-4664-9A38-FA368D1E2C97}
O42 - Logiciel: Microsoft Xbox 360 Accessories 1.2 - (.Microsoft.) [HKLM][64Bits] -- {D9C50188-12D5-4D3E-8F00-682346C2AA5F}
O42 - Logiciel: MSVCRT110_amd64 - (.Microsoft.) [HKLM][64Bits] -- {E9FA781F-3E80-4399-825A-AD3E11C28C77}
O42 - Logiciel: Alan Wake - (...) [HKLM][64Bits] -- Alan Wake *REPACK* *MULTi10*_is1
O42 - Logiciel: Fast and Furious Showdown - (...) [HKLM][64Bits] -- Fast and Furious Showdown_is1
O42 - Logiciel: Fraps - (...) [HKLM][64Bits] -- Fraps
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome
O42 - Logiciel: K-Lite Codec Pack 10.4.3 Full - (...) [HKLM][64Bits] -- KLiteCodecPack_is1
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIAStereo
O42 - Logiciel: OpenAL - (...) [HKLM][64Bits] -- OpenAL
O42 - Logiciel: Pro Evolution Soccer 2015 - (...) [HKLM][64Bits] -- UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1
O42 - Logiciel: UltraISO Premium V9.61 - (...) [HKLM][64Bits] -- UltraISO_is1
O42 - Logiciel: AOMEI Partition Assistant Pro Edition 5.5 - (.AOMEI Technology Co., Ltd..) [HKLM][64Bits] -- {02F850ED-FD0E-4ED1-BE0B-5498165BF300}_is1
O42 - Logiciel: Rockstar Games Social Club - (.Rockstar Games.) [HKLM][64Bits] -- {08B3869E-D282-424C-9AFC-870E04A4BA14}
O42 - Logiciel: 極速快感:亡命天涯 - (.Electronic Arts.) [HKLM][64Bits] -- {0EDC9BA0-016E-406a-86DA-04FC1BE00C21}
O42 - Logiciel: Microsoft XNA Framework Redistributable 3.1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}
O42 - Logiciel: Java 7 Update 55 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217051FF}
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 - (.Microsoft Corporation.) [HKLM][64Bits] -- {2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
O42 - Logiciel: Need for Speed The Run version 1.0 - (.EA.) [HKLM][64Bits] -- {4B7IL77L-LKS1-75B1-NFSRUN-18CD6E6334R1}_is1
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games.) [HKLM][64Bits] -- {579BA58C-F33D-4970-9953-B94B43768AC3}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
O42 - Logiciel: Asmedia ASM106x SATA Host Controller Driver - (.Asmedia Technology.) [HKLM][64Bits] -- {61942EF5-2CD8-47D4-869C-2E9A8BB085F1}
O42 - Logiciel: Intel(R) Management Engine Components - (.Intel Corporation.) [HKLM][64Bits] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}
O42 - Logiciel: Toolkit Documentation - (.Microsoft.) [HKLM][64Bits] -- {6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}
O42 - Logiciel: Skype Click to Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {6D1221A9-17BF-4EC0-81F2-27D30EC30701}
O42 - Logiciel: Windows Deployment Customizations - (.Microsoft.) [HKLM][64Bits] -- {6EA3CA0C-A025-FD48-D9C2-6191B9491E43}
O42 - Logiciel: Skype™ 6.14 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: معرض الصور - (.Microsoft Corporation.) [HKLM][64Bits] -- {8CDC81A6-1453-42CA-AA6F-909EF7363F21}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSVCRT110 - (.Microsoft.) [HKLM][64Bits] -- {8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
O42 - Logiciel: Windows Assessment and Deployment Kit for Windows 8.1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9277b0c4-2ca8-431b-b4e2-98daf4005ec0}
O42 - Logiciel: Acronis True Image 2015 - (.Acronis.) [HKLM][64Bits] -- {9C48ED33-4A66-4299-B274-BD8110AB6EAA}
O42 - Logiciel: Acronis True Image 2015 - (.Acronis.) [HKLM][64Bits] -- {9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Adobe Reader X (10.1.7) - Arabic - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1025-7B44-AA1000000001}
O42 - Logiciel: Acronis Disk Director 12 - (.Acronis.) [HKLM][64Bits] -- {AE372858-B1BD-49EF-8308-648322846008}
O42 - Logiciel: Kits Configuration Installer - (.Microsoft.) [HKLM][64Bits] -- {B74E65FD-CC47-41C5-4B89-791A3F61942D}
O42 - Logiciel: Battlefield 4 - (.SACC - TDL.) [HKLM][64Bits] -- {D0B75E7B-C384-4AA0-B2FC-335723762E35}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Medal of Honor Warfighter - (.SACC - TDL.) [HKLM][64Bits] -- {E423B731-D6AF-493E-BB9B-63C07A0A2710}
O42 - Logiciel: Live Update 5 - (.MSI.) [HKLM][64Bits] -- {E8BAA541-D161-4C9B-85BF-01F05A56BD7F}}_is1
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF}
O42 - Logiciel: EagleGet version 1.1.8.3 - (.EagleGet.) [HKLM][64Bits] -- {F6D8142A-B30B-454B-9EE0-08A7B997DFE4}_is1
O42 - Logiciel: Windows System Image Manager on amd64 - (.Microsoft.) [HKLM][64Bits] -- {F79B8F11-E2CE-547F-C0B9-9A0C2EC0D51D}
O42 - Logiciel: Windows Deployment Tools - (.Microsoft.) [HKLM][64Bits] -- {FEA31583-30A7-0951-718C-AF75DCB003B1}
O42 - Logiciel: TUN MAKERS PATCH 0.1 - (...) [HKCU][64Bits] -- TUN MAKERS PATCH 0.1
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (79) - 4s
HKLM\SOFTWARE\Wow6432Node\Acronis
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AGEIA Technologies
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\EagleGet
HKLM\SOFTWARE\Wow6432Node\EasyBoot Systems
HKLM\SOFTWARE\Wow6432Node\Fraps
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\JavaSoft
HKLM\SOFTWARE\Wow6432Node\JreMetrics
HKLM\SOFTWARE\Wow6432Node\Khronos
HKLM\SOFTWARE\Wow6432Node\KLCodecPack
HKLM\SOFTWARE\Wow6432Node\LAV
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\MSI
HKLM\SOFTWARE\Wow6432Node\MT Solution
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\NVIDIA Corporation
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\OpenAL
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Realtek
HKLM\SOFTWARE\Wow6432Node\Realtek Semiconductor Corp.
HKLM\SOFTWARE\Wow6432Node\Rockstar Games
HKLM\SOFTWARE\Wow6432Node\SACC - TDL
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Stardock
HKLM\SOFTWARE\Wow6432Node\Symantec
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\Acronis
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\EagleGet
HKCU\SOFTWARE\EasyBoot Systems
HKCU\SOFTWARE\Fraps3
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Geek Uninstaller
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HashTab
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\InstallBuilders
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MediaChance
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\MiniTool Solution Ltd.
HKCU\SOFTWARE\MOHWSplash
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Partition Assistant
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Stardock
HKCU\SOFTWARE\Symantec
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\Valve
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft

---\\ Contents of the Common Files folders (O43) (165) - 2s
O43 - CFD: 2015/08/14 10:44:10 - [] D -- C:\Program Files (x86)\Acronis
O43 - CFD: 2014/04/13 13:47:09 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/15 13:47:04 - [0] D -- C:\Program Files (x86)\AGEIA Technologies
O43 - CFD: 2015/08/13 20:37:05 - [] D -- C:\Program Files (x86)\AOMEI Partition Assistant Pro Edition 5.5
O43 - CFD: 2014/04/13 12:05:38 - [] D -- C:\Program Files (x86)\ASM106xSATA
O43 - CFD: 2015/08/14 08:42:44 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2014/04/26 03:05:32 - [] D -- C:\Program Files (x86)\EagleGet
O43 - CFD: 2015/08/13 21:17:42 - [0] D -- C:\Program Files (x86)\EaseUS
O43 - CFD: 2014/04/13 12:43:15 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/08/18 02:57:28 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2014/04/13 12:03:26 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2014/04/13 09:56:07 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2014/04/17 18:39:08 - [] D -- C:\Program Files (x86)\Java
O43 - CFD: 2014/04/13 13:45:06 - [] D -- C:\Program Files (x86)\K-Lite Codec Pack
O43 - CFD: 2014/04/13 02:54:13 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2015/08/15 13:46:56 - [] D -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
O43 - CFD: 2014/04/13 02:54:11 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2014/04/13 12:37:17 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2014/04/13 02:55:29 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2014/04/13 13:52:10 - [] D -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
O43 - CFD: 2015/08/15 13:45:19 - [] D -- C:\Program Files (x86)\Microsoft XNA
O43 - CFD: 2014/04/13 02:55:28 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2014/04/13 02:55:15 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2014/04/13 12:26:16 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2014/04/13 12:13:52 - [] D -- C:\Program Files (x86)\MSI
O43 - CFD: 2014/04/13 04:27:31 - [] D -- C:\Program Files (x86)\NVIDIA Corporation
O43 - CFD: 2015/08/15 13:47:00 - [] D -- C:\Program Files (x86)\OpenAL
O43 - CFD: 2014/04/13 11:53:52 - [] D -- C:\Program Files (x86)\Realtek
O43 - CFD: 2014/04/13 12:26:16 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2014/05/17 12:12:13 - [] D -- C:\Program Files (x86)\RocketDock
O43 - CFD: 2015/08/17 01:38:54 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2014/04/13 10:01:43 - [] D -- C:\Program Files (x86)\Symantec
O43 - CFD: 2015/08/13 21:16:14 - [0] D -- C:\Program Files (x86)\TeamViewer
O43 - CFD: 2014/04/13 11:54:16 - [0] HD -- C:\Program Files (x86)\Temp
O43 - CFD: 2014/04/13 02:49:13 - [] D -- C:\Program Files (x86)\UltraISO
O43 - CFD: 2014/05/15 13:07:24 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2014/05/14 20:36:31 - [] D -- C:\Program Files (x86)\Windows Kits
O43 - CFD: 2014/04/13 13:52:09 - [] D -- C:\Program Files (x86)\Windows Live
O43 - CFD: 2013/09/30 05:51:39 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2014/04/13 09:56:00 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2014/04/13 09:56:00 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2013/09/30 05:51:39 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/04/13 09:56:00 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 17:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 17:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2014/04/13 13:49:23 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 2013/08/22 17:36:33 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/09/30 05:56:17 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/14 10:44:15 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
O43 - CFD: 2014/04/13 09:56:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/13 20:34:30 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Pro Edition 5.5
O43 - CFD: 2014/04/13 12:15:59 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/08/14 22:03:42 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
O43 - CFD: 2014/04/26 03:05:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EagleGet
O43 - CFD: 2015/08/16 02:11:39 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
O43 - CFD: 2014/04/13 12:43:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2014/04/13 12:08:11 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2014/04/17 18:39:08 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
O43 - CFD: 2014/04/13 13:45:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/15 13:46:57 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
O43 - CFD: 2014/05/15 20:50:44 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2014/04/13 12:37:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/08/14 19:58:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
O43 - CFD: 2014/04/13 12:13:54 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
O43 - CFD: 2015/08/14 22:19:26 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed The Run
O43 - CFD: 2014/04/13 04:27:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
O43 - CFD: 2014/05/01 09:05:14 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Object Desktop
O43 - CFD: 2015/08/14 21:00:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
O43 - CFD: 2014/04/14 00:57:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2014/04/13 12:00:26 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/04/13 10:03:22 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
O43 - CFD: 2014/04/13 09:56:06 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2013/09/30 05:56:15 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2014/04/13 02:49:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO
O43 - CFD: 2014/05/14 20:36:31 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
O43 - CFD: 2014/04/13 03:33:50 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/08/14 14:36:07 - [] D -- C:\ProgramData\Acronis
O43 - CFD: 2014/04/14 00:45:21 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2014/04/13 03:44:24 - [] D -- C:\ProgramData\EagleGet
O43 - CFD: 2014/04/13 12:08:10 - [] D -- C:\ProgramData\Intel
O43 - CFD: 2015/08/15 03:29:05 - [] D -- C:\ProgramData\KONAMI
O43 - CFD: 2015/08/15 13:46:48 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2014/05/15 20:50:36 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2014/04/13 03:34:41 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 2015/08/18 18:33:08 - [] D -- C:\ProgramData\NVIDIA
O43 - CFD: 2015/08/17 01:00:25 - [] D -- C:\ProgramData\NVIDIA Corporation
O43 - CFD: 2014/04/17 18:39:12 - [0] D -- C:\ProgramData\Oracle
O43 - CFD: 2014/05/14 20:36:30 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2014/04/13 02:55:23 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2014/04/13 10:01:48 - [] D -- C:\ProgramData\regid.1992-12.com.symantec
O43 - CFD: 2014/04/14 00:57:15 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/08/15 03:29:03 - [] D -- C:\ProgramData\Steam
O43 - CFD: 2014/04/13 12:33:14 - [] D -- C:\ProgramData\Sun
O43 - CFD: 2014/10/19 19:04:56 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 2013/08/22 16:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/14 10:44:37 - [] D -- C:\Program Files (x86)\Common Files\Acronis
O43 - CFD: 2014/04/13 13:47:10 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2014/04/26 03:05:31 - [] D -- C:\Program Files (x86)\Common Files\EagleGet
O43 - CFD: 2014/04/13 02:49:13 - [] D -- C:\Program Files (x86)\Common Files\EZB Systems
O43 - CFD: 2014/04/13 11:53:48 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2014/04/13 12:11:35 - [] D -- C:\Program Files (x86)\Common Files\Intel Corporation
O43 - CFD: 2014/04/13 12:33:13 - [] D -- C:\Program Files (x86)\Common Files\Java
O43 - CFD: 2015/08/15 13:45:19 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2014/04/13 12:03:02 - [] D -- C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 2013/08/22 17:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2014/04/14 00:57:12 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2014/04/13 10:04:17 - [] D -- C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 2013/09/30 05:51:39 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2014/04/13 13:50:05 - [] D -- C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 2015/08/14 10:48:34 - [] D -- C:\Users\adel\AppData\Roaming\Acronis
O43 - CFD: 2015/08/16 02:28:56 - [] D -- C:\Users\adel\AppData\Roaming\Activision
O43 - CFD: 2014/04/13 13:47:24 - [] D -- C:\Users\adel\AppData\Roaming\Adobe
O43 - CFD: 2014/04/13 03:44:09 - [] D -- C:\Users\adel\AppData\Roaming\EagleGet
O43 - CFD: 2014/05/01 09:05:34 - [] D -- C:\Users\adel\AppData\Roaming\Geek Uninstaller
O43 - CFD: 2014/04/30 07:20:23 - [] D -- C:\Users\adel\AppData\Roaming\Identities
O43 - CFD: 2014/04/13 12:08:22 - [] D -- C:\Users\adel\AppData\Roaming\Intel Corporation
O43 - CFD: 2014/04/13 10:03:03 - [] D -- C:\Users\adel\AppData\Roaming\Macromedia
O43 - CFD: 2014/04/13 13:47:24 - [] SD -- C:\Users\adel\AppData\Roaming\Microsoft
O43 - CFD: 2014/04/13 12:33:41 - [] D -- C:\Users\adel\AppData\Roaming\Oracle
O43 - CFD: 2014/05/14 20:10:08 - [] D -- C:\Users\adel\AppData\Roaming\Phoebetria
O43 - CFD: 2015/08/13 21:18:32 - [] D -- C:\Users\adel\AppData\Roaming\Skype
O43 - CFD: 2015/08/13 22:08:19 - [] D -- C:\Users\adel\AppData\Roaming\uTorrent
O43 - CFD: 2014/04/13 03:34:29 - [] D -- C:\Users\adel\AppData\Roaming\WinRAR
O43 - CFD: 2015/08/19 04:14:54 - [] D -- C:\Users\adel\AppData\Roaming\ZHP
O43 - CFD: 2014/04/13 13:47:24 - [] D -- C:\Users\adel\AppData\Local\Adobe
O43 - CFD: 2014/04/13 12:37:17 - [] D -- C:\Users\adel\AppData\Local\Apps
O43 - CFD: 2015/08/18 20:01:08 - [] D -- C:\Users\adel\AppData\Local\CrashDumps
O43 - CFD: 2014/04/13 12:37:30 - [0] D -- C:\Users\adel\AppData\Local\Deployment
O43 - CFD: 2014/05/18 05:55:00 - [0] D -- C:\Users\adel\AppData\Local\Diagnostics
O43 - CFD: 2014/04/13 10:03:45 - [] SHD -- C:\Users\adel\AppData\Local\EmieSiteList
O43 - CFD: 2014/04/13 10:03:45 - [] SHD -- C:\Users\adel\AppData\Local\EmieUserList
O43 - CFD: 2014/04/13 12:43:21 - [] D -- C:\Users\adel\AppData\Local\Google
O43 - CFD: 2014/04/23 02:38:31 - [] D -- C:\Users\adel\AppData\Local\Intel_Corporation
O43 - CFD: 2014/04/26 03:19:55 - [] D -- C:\Users\adel\AppData\Local\MegaDownloader
O43 - CFD: 2015/08/15 13:46:48 - [] D -- C:\Users\adel\AppData\Local\Microsoft
O43 - CFD: 2014/04/13 02:54:11 - [0] D -- C:\Users\adel\AppData\Local\Microsoft Help
O43 - CFD: 2015/08/14 14:09:46 - [0] DC -- C:\Users\adel\AppData\Local\MigWiz
O43 - CFD: 2014/04/13 02:43:39 - [] D -- C:\Users\adel\AppData\Local\NVIDIA
O43 - CFD: 2014/04/13 03:47:40 - [] D -- C:\Users\adel\AppData\Local\NVIDIA Corporation
O43 - CFD: 2014/04/13 00:42:44 - [] D -- C:\Users\adel\AppData\Local\Packages
O43 - CFD: 2014/04/13 00:42:42 - [0] D -- C:\Users\adel\AppData\Local\PackageStaging
O43 - CFD: 2014/04/13 02:49:05 - [] D -- C:\Users\adel\AppData\Local\Programs
O43 - CFD: 2015/08/14 19:42:09 - [] D -- C:\Users\adel\AppData\Local\PunkBuster
O43 - CFD: 2015/08/14 21:05:25 - [] D -- C:\Users\adel\AppData\Local\Rockstar Games
O43 - CFD: 2015/08/15 13:47:39 - [] D -- C:\Users\adel\AppData\Local\SKIDROW
O43 - CFD: 2014/04/14 00:57:26 - [] D -- C:\Users\adel\AppData\Local\Skype
O43 - CFD: 2014/04/30 07:16:37 - [] D -- C:\Users\adel\AppData\Local\Stardock
O43 - CFD: 2014/04/13 10:03:32 - [] D -- C:\Users\adel\AppData\Local\Symantec
O43 - CFD: 2015/08/19 04:14:06 - [] D -- C:\Users\adel\AppData\Local\Temp
O43 - CFD: 2015/08/14 16:41:57 - [] D -- C:\Users\adel\AppData\Local\VirtualStore
O43 - CFD: 2014/04/13 13:52:48 - [] D -- C:\Users\adel\AppData\Local\Windows Live
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2014/05/15 22:02:47 - [] RD -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/15 13:18:07 - [] D -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KAPITALSIN
O43 - CFD: 2013/08/22 17:36:32 - [] D -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2014/05/15 22:02:47 - [] RD -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2013/08/22 17:36:32 - [] RD -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/05/18 04:59:19 - [] D -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
O43 - CFD: 2014/04/13 03:33:50 - [] D -- C:\Users\adel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ System Drivers List (SDL) (O58) (64) - 2s
O58 - SDL:2013/08/22 14:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176]
O58 - SDL:2013/08/22 14:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200]
O58 - SDL:2013/08/22 14:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424]
O58 - SDL:2013/08/22 14:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952]
O58 - SDL:2013/08/22 14:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016]
O58 - SDL:2014/01/27 17:30:36 A . (.Asmedia Technology - Asmedia 106x SATA Host Controller Driver.) -- C:\Windows\System32\drivers\asstor64.sys [84816]
O58 - SDL:2013/09/04 18:12:38 A . (.Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) -- C:\Windows\System32\drivers\bcbtums.sys [170712]
O58 - SDL:2013/08/13 01:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624]
O58 - SDL:2013/09/04 18:12:52 A . (.Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter for Windo.) -- C:\Windows\System32\drivers\btwampfl.sys [166104]
O58 - SDL:2013/08/22 14:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296]
O58 - SDL:2013/06/21 05:59:02 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1c64x64.sys [469264]
O58 - SDL:2013/06/18 16:45:26 A . (.Intel Corporation - Intel(R) Gigabit Adapter NDIS 6.x driver.) -- C:\Windows\System32\drivers\e1i63x64.sys [460288]
O58 - SDL:2013/08/22 14:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024]
O58 - SDL:2015/08/14 10:44:39 A . (.Acronis International GmbH - File tracker minifilter driver.) -- C:\Windows\System32\drivers\file_tracker.sys [296736]
O58 - SDL:2015/08/14 10:44:29 A . (.Acronis International GmbH - Acronis Storage Filter Management Driver.) -- C:\Windows\System32\drivers\fltsrv.sys [134432]
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\HECIx64.sys [62784]
O58 - SDL:2013/08/22 14:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352]
O58 - SDL:2013/07/30 20:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568]
O58 - SDL:2013/07/25 21:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320]
O58 - SDL:2013/07/11 22:01:42 A . (.Intel Corporation - NDIS 6.30 Advanced Networking Services..) -- C:\Windows\System32\drivers\iANSW60e.sys [153400]
O58 - SDL:2013/08/07 14:23:46 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\Windows\System32\drivers\iaStorA.sys [644968]
O58 - SDL:2013/08/10 02:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248]
O58 - SDL:2013/08/22 14:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000]
O58 - SDL:2013/08/01 17:01:32 A . (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Keyboard Class Upper Filter Driver.) -- C:\Windows\System32\drivers\ikbevent.sys [21408]
O58 - SDL:2013/08/01 17:01:34 A . (.Copyright (C) 2011 - 2013 Intel Corporation - Intel Mouse Class Upper Filter Driver.) -- C:\Windows\System32\drivers\imsevent.sys [21920]
O58 - SDL:2013/08/01 17:01:32 A . (...) -- C:\Windows\System32\drivers\INETMON.sys [29088]
O58 - SDL:2013/07/03 00:17:02 A . (.Intel Corporation - Intel(R) Network Adapter Diagnostic Driver.) -- C:\Windows\System32\drivers\iqvw64e.sys [33616]
O58 - SDL:2013/08/01 17:01:34 A . (.Copyright (C) 2011-2012 - Intel(R) Smart Connect Technology Device Dr.) -- C:\Windows\System32\drivers\ISCTD64.sys [46568]
O58 - SDL:2009/04/29 16:28:30 A . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\drivers\KMWDFILTER.sys [30208]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536]
O58 - SDL:2013/08/22 14:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784]
O58 - SDL:2009/11/18 07:12:00 A . (.Creative Technology Ltd. - Creative Audio Driver.) -- C:\Windows\System32\drivers\MBfilt64.sys [32344]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672]
O58 - SDL:2013/08/22 14:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840]
O58 - SDL:2013/08/22 14:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840]
O58 - SDL:2013/11/28 15:38:18 A . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\System32\drivers\nvhda64v.sys [197408]
O58 - SDL:2014/03/04 16:35:23 A . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [12708128]
O58 - SDL:2013/08/22 14:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368]
O58 - SDL:2013/08/22 14:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288]
O58 - SDL:2015/07/03 06:28:26 A . (.NVIDIA Corporation - NVIDIA Virtual Audio Driver.) -- C:\Windows\System32\drivers\nvvad64v.sys [47976]
O58 - SDL:2013/12/10 20:20:44 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHD64.sys [3771352]
O58 - SDL:2013/05/05 17:32:48 A . (.Scarlet.Crush Productions - Scp Virtual Bus Driver.) -- C:\Windows\System32\drivers\ScpVBus.sys [39168]
O58 - SDL:2013/08/22 17:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040]
O58 - SDL:2013/08/22 14:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896]
O58 - SDL:2013/08/22 14:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760]
O58 - SDL:2015/08/14 10:44:30 A . (.Acronis International GmbH - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman.sys [304416]
O58 - SDL:2013/08/22 14:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072]
O58 - SDL:2014/04/13 10:03:02 A . (.Symantec Corporation - Symantec Event Library.) -- C:\Windows\System32\drivers\SYMEVENT64x86.SYS [177752]
O58 - SDL:2014/04/13 10:01:59 A . (.Symantec Corporation - Symantec CMC Firewall SysPlant.) -- C:\Windows\System32\drivers\SysPlant.sys [155352]
O58 - SDL:2013/09/17 03:20:12 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\Windows\System32\drivers\TeeDriverx64.sys [99288]
O58 - SDL:2013/10/21 02:39:37 A . (.Symantec Corporation - Symantec CMC Firewall Teefer3.) -- C:\Windows\System32\drivers\Teefer.sys [92456]
O58 - SDL:2015/08/14 10:44:32 A . (.Acronis International GmbH - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\tib.sys [1328928]
O58 - SDL:2015/08/14 10:44:33 A . (.Acronis International GmbH - Acronis TIB Mounter Driver.) -- C:\Windows\System32\drivers\tib_mounter.sys [234784]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800]
O58 - SDL:2013/08/22 14:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504]
O58 - SDL:2011/02/16 17:53:00 A . (.Western Digital Technologies - WD SCSI Architecture Model (SAM) driver.) -- C:\Windows\System32\drivers\wdcsam64.sys [14464]
O58 - SDL:2014/04/13 10:02:00 A . (.Symantec Corporation - Symantec Network Access Control Protocol Dr.) -- C:\Windows\System32\drivers\WGX64.SYS [44448]
O58 - SDL:2013/11/29 10:31:28 A . (...) -- C:\Windows\System32\ampa.sys [17008]
O58 - SDL:2012/08/20 16:48:40 N . (...) -- C:\Windows\System32\pwdrvio.sys [19032]
O58 - SDL:2012/08/20 16:48:40 N . (...) -- C:\Windows\System32\pwdspio.sys [12384]

---\\ Last modified or created user files (O61) (15) - 1s
O61 - LFC: 2015/08/16 02:11:11 A . (.Beepa Pty Ltd.) -- C:\Users\adel\Downloads\setup.exe [2326976]
O61 - LFC: 2015/08/15 03:42:01 A . (..) -- C:\Users\adel\Documents\KONAMI\Pro Evolution Soccer 2015\save\SYSTEM.bin [136577]
O61 - LFC: 2015/08/16 02:30:23 A . (..) -- C:\Users\adel\AppData\Roaming\Activision\Fast & Furious™ - Showdown\save.bin [10112]
O61 - LFC: 2015/08/17 13:00:04 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\UMDShim\nvcoproc.bin [5147024]
O61 - LFC: 2015/08/19 04:11:52 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007ca9\DAO.19875341.exe [6035912]
O61 - LFC: 2015/08/18 02:28:40 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007c7b\CoProc update.19870099.exe [516648]
O61 - LFC: 2015/08/18 04:10:13 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007bb8\vops-battlefield_4.19826035.exe [5737560]
O61 - LFC: 2015/08/14 19:41:53 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007926\vops-medal_of_honor_warfighter.19704423.exe [6637176]
O61 - LFC: 2015/08/18 02:55:28 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\000074a7\vops-pro_evolution_soccer_2015.19506266.exe [1874848]
O61 - LFC: 2015/08/18 02:57:31 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007483\vops-grand_theft_auto_iv.19506266.exe [4063680]
O61 - LFC: 2015/08/18 02:53:20 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\00007222\streaming-assets-grand_theft_auto_iv.19413971.exe [398040]
O61 - LFC: 2015/08/18 04:09:23 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\000071e0\streaming-assets-battlefield_4.19413971.exe [484256]
O61 - LFC: 2015/08/14 19:40:25 A . (..) -- C:\Users\adel\AppData\Local\NVIDIA\NvBackend\Packages\0000716c\streaming-assets-medal_of_honor_warfighter.19410377.exe [498008]
O61 - LFC: 2015/08/14 19:39:07 A . (..) -- C:\Users\adel\AppData\Local\Microsoft\Windows\INetCache\Virtualized\C\ProgramData\NVIDIA Corporation\Drs\nvdrssel.bin [1]
O61 - LFC: 2015/08/19 03:43:14 A . (..) -- C:\Users\adel\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ File Associations Shell Spawning (O67) (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - ‎‎الأداة المساعدة للتهيئة لكل مستخدم لـ IE.) -- C:\Windows\System32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (1) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (SSS) (O83) (36) - 0s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [208896]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - خدمة نشر شهادة البطاقة الذكية لـ Microsoft.) -- C:\Windows\System32\certprop.dll [155136]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [323072]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - عميل نهج المجموعة.) -- C:\Windows\System32\gpsvc.dll [1308160]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1063424]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [903168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي الخاصة بخدمة تسجي.) -- C:\Windows\system32\seclogon.dll [30720]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [109568]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [150528]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [107008]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - خدمة جدولة المهام.) -- C:\Windows\system32\schedsvc.dll [1214976]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [220672]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [70656]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [134144]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [220160]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [324096]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - تقارير المشاكل وحلولها.) -- C:\Windows\System32\wercplsupport.dll [81408]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [97792]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [339456]
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [491520]
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1576960]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [50688]
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [201728]
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [164352]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [101376]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [534528]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [223744]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [71680]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [433664]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [306688]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - عامل Windows Update.) -- C:\Windows\system32\wuaueng.dll [3464192]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [1017856]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - مكتبة الارتباط الديناميكي لخدمات Windows Sh.) -- C:\Windows\System32\shsvcs.dll [629760]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - خدمة تثبت البرامج.) -- C:\Windows\System32\appmgmts.dll [183296]
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [90464]

---\\ Firewall Active Exception List (FirewallRules) (O87) (2) - 0s
O87 - FAEL: "{1C05FA1B-FB8C-4BA3-9E20-02BEC0130109}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\adel\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{C7AC5B96-061C-4337-834C-E62620ADDED4}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\adel\AppData\Roaming\uTorrent\uTorrent.exe

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) (23) - 10s
SR - Auto [2014/08/14 11:32:04] [ 1263424] Acronis Scheduler2 Service (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - Auto [2013/05/28 18:20:22] [ 65640] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - Auto [2013/09/04 18:12:54] [ 2252504] @oem28.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Man (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\system32\BtwRSupportService.exe
SR - Auto [2013/05/05 17:32:58] [ 388352] SCP DS3 Service (Ds3Service) . (.Scarlet.Crush Productions.) - C:\Program Files\Scarlet.Crush Productions\bin\ScpService.exe
SR - Auto [2015/07/24 06:22:13] [ 1155216] NVIDIA GeForce Experience Service (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SS - Auto [2014/04/13 12:37:30] [ 116648] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - Demand [2014/04/13 12:37:30] [ 116648] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - Auto [2013/08/07 14:24:00] [ 15720] Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - Auto [2013/08/27 14:32:14] [ 747520] Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SS - Demand [2013/08/27 14:32:30] [ 828376] Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SR - Auto [2013/07/08 21:30:24] [ 195336] Intel(R) PROSet Monitoring Service (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SR - Auto [2013/08/01 17:31:10] [ 198120] Intel(R) Smart Connect Technology Agent (ISCTAgent) . (.Copyright© 2011-2013 Intel Corporation.) - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
SR - Auto [2013/09/17 03:20:10] [ 169432] Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - Auto [2013/09/17 03:20:16] [ 390616] Intel(R) Management and Security Application Local Manageme (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - Auto [2015/07/24 06:22:13] [ 1871504] NVIDIA Network Service (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - Auto [2015/07/24 06:22:11] [ 5544592] NVIDIA Streamer Service (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
SR - Auto [2014/03/04 15:05:58] [ 922968] NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - Auto [2013/10/21 02:37:54] [ 144368] Symantec Endpoint Protection (SepMasterService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
SS - Auto [2013/10/23 08:15:08] [ 172192] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - Demand [2013/10/21 03:18:21] [ 2377984] Symantec Management Client (SmcService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
SS - Demand [2013/10/21 03:18:10] [ 334736] Symantec Network Access Control (SNAC) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
SR - Auto [2014/03/04 13:32:56] [ 411936] NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - Auto [2014/09/13 04:31:12] [ 6847712] Acronis Sync Agent Service (syncagentsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

---\\ Additional Scan (O88) (1) - 0s
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS

---\\ Summary of the elements found on your workstation (1) - 0s
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS

~ End of the scan, 26963 items in 40 seconds (718)(0)()
