cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.7.17.92 By Nicolas Coolman (2015/07/17)
~ Run by Administrator (Administrator) (2015/08/19 00:45:33)
~ Site: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: No network file
~ Mode: Scan
~ Report: D:\Documents and Settings\Administrator\Desktop\ZHPDiag.txt
~ Report: D:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
~ Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Internet Browsers (1) - 0s
MSIE: Internet Explorer v8.0.6001.18702

---\\ System optimization software (1) - 0s
CCleaner v5.07

---\\ Surveillance software (2) - 0s
Adobe Flash Player 11 ActiveX
Adobe Reader XI - Français

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 13 Stepping 8, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
~ Total physical RAM (KB): 514096
~ System Restore: Activé (Enable)
~ System drive D: has 49 GB free of 57 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: BASSA-PC
~ User Name: Administrator
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 0 GB free of 0 GB
~ Drive D: has 49 GB free of 57 GB (System)
~ Drive F: has 0 GB free of 3 GB

---\\ Search Generic System Files (22) - 5s
[MD5.2BB75B7F548D82A099125D0C5971DE7D] - (.Microsoft Corporation - Windows Explorer.) () -- D:\WINDOWS.1\Explorer.exe [1033728]
[MD5.037B1E7798960E0420003D05BB577EE6] - (.Microsoft Corporation - Run a DLL as an App.) () -- D:\WINDOWS.1\System32\rundll32.exe [33280]
[MD5.553AD35768CD27959391DD5AA82CEF6F] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- D:\WINDOWS.1\System32\wininet.dll [920064]
[MD5.53A8857723277B1D6D5EE60A9F85B117] - (.Microsoft Corporation - Windows NT Logon Application.) () -- D:\WINDOWS.1\System32\Winlogon.exe [509440]
[MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- D:\WINDOWS.1\System32\drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- D:\WINDOWS.1\System32\drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- D:\WINDOWS.1\System32\drivers\Cdfs.sys [63744]
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- D:\WINDOWS.1\System32\drivers\Cdrom.sys [62976]
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) () -- D:\WINDOWS.1\System32\drivers\Fips.sys [44544]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- D:\WINDOWS.1\System32\drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) () -- D:\WINDOWS.1\System32\drivers\i8042prt.sys [52480]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- D:\WINDOWS.1\System32\drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- D:\WINDOWS.1\System32\drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- D:\WINDOWS.1\System32\drivers\IPSec.sys [75264]
[MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- D:\WINDOWS.1\System32\drivers\MRxSmb.sys [457856]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- D:\WINDOWS.1\System32\drivers\netBT.sys [162816]
[MD5.4C51D5275AE8A16999EDFE7E647D00DE] - (.Microsoft Corporation - NT File System Driver.) () -- D:\WINDOWS.1\System32\drivers\ntfs.sys [576384]
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) () -- D:\WINDOWS.1\System32\drivers\Parport.sys [80128]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- D:\WINDOWS.1\System32\drivers\Rasl2tp.sys [51328]
[MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- D:\WINDOWS.1\System32\drivers\rdpdr.sys [195712]
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- D:\WINDOWS.1\System32\drivers\redbook.sys [57600]
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- D:\WINDOWS.1\System32\drivers\volsnap.sys [52352]

---\\ Process running (5) - 11s
[MD5.ED254570323BB31DD0BFEB2434D175C9] - (.TechSmith Corporation - Snagit.) -- D:\Program Files\TechSmith\Snagit 10\Snagit32.exe [7067464] [PID.1996]
[MD5.38971D3E7F196D1B97EF935061ED5B53] - (.TechSmith Corporation - TechSmith HTML Help Helper.) -- D:\Program Files\TechSmith\Snagit 10\TscHelp.exe [94024] [PID.212]
[MD5.4F8879D0BA69C3632A481FAB5245F88A] - (.TechSmith Corporation - Snagit RPC Helper.) -- D:\Program Files\TechSmith\Snagit 10\SnagPriv.exe [89928] [PID.220]
[MD5.6F487CD41FA0D9B8B2A7F69D6FD7FB80] - (.TechSmith Corporation - Snagit Editor.) -- D:\Program Files\TechSmith\Snagit 10\snagiteditor.exe [7396680] [PID.428]
[MD5.B73DC68FA6BD2FC89F593252A85F4BAB] - (...) -- D:\Program Files\ibVPN\ibVPN.com.exe [989232] [PID.1236]

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2) (18) - 1s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://download-internet-pdf-ebooks.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://download-pdf-ebooks.net/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://pagead2.googlesyndication.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://popup.i2w.biz/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.google-analytics.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.dz/
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com/
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [hehijbfgiekmjfkfjpbkbammjbdenadd] IE Tab
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) (2) - 0s
P2 - FPN: [HKLM] [@meadco.com/neptune plugin,version=2.0.0.29] - (.MeadCo Corp..) -- D:\Program Files\MeadCo Neptune\npmeadax.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.3] - (.VideoLAN.) -- D:\Program Files\VideoLAN\VLC\npvlc.dll

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) (9) - 0s
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (R5) (6) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=D:\WINDOWS.1\system32\userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=D:\WINDOWS.1\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (O1) (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Object (BHO) (O2) (1) - 0s
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} . (.TechSmith Corporation - Snagit Browser Helper Object for Internet E.) -- D:\Program Files\TechSmith\Snagit 10\SnagitBHO.dll

---\\ Internet Explorer Toolbars (O3) (2) - 0s
O3 - Toolbar: 0x80E1F58FDEABEB46B09ED2AAB95CABE3 - [HKCU]{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} . (...) -- (.not file.)
O3 - Toolbar: (no name) - [HKLM]{8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} (Orphean)

---\\ Auto loading programs from Registry and folders (O4) (6) - 0s
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- D:\Program Files\CCleaner\CCleaner.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS.1\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS.1\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS.1\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-1060284298-1202660629-1417001333-500\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- D:\Program Files\CCleaner\CCleaner.exe
O4 - HKUS\S-1-5-21-1060284298-1202660629-1417001333-500\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS.1\system32\ctfmon.exe

---\\ Lop.com/Domain Hijackers (O17) (1) - 0s
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

---\\ Task Planned Automatically (O39) (2) - 1s
O39 - APT: Automatic Planified Task - (...) -- D:\WINDOWS.1\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1202660629-1417001333-500Core.job [958]
O39 - APT: Automatic Planified Task - (...) -- D:\WINDOWS.1\Tasks\GoogleUpdateTaskUserS-1-5-21-1060284298-1202660629-1417001333-500UA.job [1010]

---\\ Software installed (O42) (15) - 4s
O42 - Logiciel: Windows Driver Package - Realtek Semiconductor Corp. (RTL8023xp) Net (03/2 - (.Realtek Semiconductor Corp..) [HKLM] -- 085FF8DA84BC0ED2DB7AFC71FF1D5EF864A9C50D
O42 - Logiciel: Windows Driver Package - Intel (w29n51) net (12/19/2007 9.0.4.39) - (.Intel.) [HKLM] -- 2DA959FE3D6F0F5BC313481E72071D510DD786FB
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: AutoPlay Media Studio 8 - (.Indigo Rose Corporation.) [HKLM] -- AutoPlay Media Studio 8
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- HDMI
O42 - Logiciel: ibVPN - (.ibVPN.) [HKLM] -- ibVPN
O42 - Logiciel: UltraUXThemePatcher - (.Manuel Hoefs (Zottel).) [HKLM] -- UltraUXThemePatcher
O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 5.20 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Snagit 10.0.1 - (.TechSmith Corporation.) [HKLM] -- {22FC7536-BE5C-4E88-8069-C24689D34EC5}
O42 - Logiciel: DriverIdentifier 4.2.8 - (.DriverIdentifier.) [HKLM] -- {40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1
O42 - Logiciel: Adobe Reader XI - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: 12.0.0.0 - (.Adobe Photoshop CS5 ME by Magic-M.) [HKLM] -- {FECB3E96-76A8-45A9-B73C-D7304DE02190}_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

---\\ HKCU & HKLM Software Keys (37) - 4s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\BrowserChoice
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\ibVPN
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\MeadCo
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\NeoSmart Technologies
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\TechSmith
HKLM\SOFTWARE\UltraUXThemePatcher
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\IE Tab
HKCU\SOFTWARE\Indigo Rose
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\NATATA eBook
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\TechSmith
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Contents of the Common Files folders (O43) (82) - 5s
O43 - CFD: 2015/08/18 11:50:25 - [] D -- D:\Program Files\Adobe
O43 - CFD: 2015/08/17 10:56:27 - [] D -- D:\Program Files\AutoPlay Media Studio 8
O43 - CFD: 2015/09/16 02:05:43 - [] D -- D:\Program Files\CCleaner
O43 - CFD: 2015/08/18 05:24:09 - [] D -- D:\Program Files\Common Files
O43 - CFD: 2015/09/16 01:16:31 - [0] D -- D:\Program Files\ComPlus Applications
O43 - CFD: 2015/09/16 02:12:11 - [] D -- D:\Program Files\DIFX
O43 - CFD: 2015/09/16 13:48:44 - [] D -- D:\Program Files\Driver Identifier
O43 - CFD: 2015/09/16 12:26:26 - [] D -- D:\Program Files\Google
O43 - CFD: 2015/08/19 00:28:46 - [] D -- D:\Program Files\ibVPN
O43 - CFD: 2015/09/16 01:17:32 - [] D -- D:\Program Files\Internet Explorer
O43 - CFD: 2015/09/16 14:59:45 - [] D -- D:\Program Files\MeadCo Neptune
O43 - CFD: 2015/09/16 01:20:08 - [] D -- D:\Program Files\microsoft frontpage
O43 - CFD: 2015/08/17 13:00:18 - [] D -- D:\Program Files\Microsoft Office
O43 - CFD: 2015/08/17 12:59:39 - [] D -- D:\Program Files\Microsoft Visual Studio
O43 - CFD: 2015/08/17 13:03:49 - [] D -- D:\Program Files\Microsoft Works
O43 - CFD: 2015/08/18 11:23:07 - [] D -- D:\Program Files\Microsoft.NET
O43 - CFD: 2015/09/16 01:17:26 - [] D -- D:\Program Files\Movie Maker
O43 - CFD: 2015/08/17 13:02:08 - [] D -- D:\Program Files\MSBuild
O43 - CFD: 2015/08/17 13:23:15 - [] D -- D:\Program Files\MSECache
O43 - CFD: 2015/09/16 01:16:07 - [] D -- D:\Program Files\MSN Gaming Zone
O43 - CFD: 2015/09/16 01:17:33 - [] D -- D:\Program Files\NetMeeting
O43 - CFD: 2015/09/16 01:17:53 - [] D -- D:\Program Files\Online Services
O43 - CFD: 2015/09/16 01:17:32 - [] D -- D:\Program Files\Outlook Express
O43 - CFD: 2015/09/16 13:48:34 - [] D -- D:\Program Files\TechSmith
O43 - CFD: 2015/09/16 12:03:13 - [] D -- D:\Program Files\UltraUXThemePatcher
O43 - CFD: 2015/09/16 01:40:15 - [0] HD -- D:\Program Files\Uninstall Information
O43 - CFD: 2015/09/16 01:58:59 - [] D -- D:\Program Files\VideoLAN
O43 - CFD: 2015/09/16 01:19:47 - [] D -- D:\Program Files\Windows Media Player
O43 - CFD: 2015/09/16 01:16:03 - [] D -- D:\Program Files\Windows NT
O43 - CFD: 2015/09/16 01:17:58 - [0] HD -- D:\Program Files\WindowsUpdate
O43 - CFD: 2015/09/16 01:55:52 - [] D -- D:\Program Files\WinRAR
O43 - CFD: 2015/09/16 01:20:08 - [] D -- D:\Program Files\xerox
O43 - CFD: 2015/09/16 01:17:09 - [] RD -- D:\Documents and Settings\All Users\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/16 01:19:54 - [] RD -- D:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/18 11:55:54 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Adobe Photoshop CS5 ME
O43 - CFD: 2015/09/16 02:05:37 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
O43 - CFD: 2015/09/16 13:48:45 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Driver Identifier
O43 - CFD: 2015/09/16 01:16:45 - [] RD -- D:\Documents and Settings\All Users\Start Menu\Programs\Games
O43 - CFD: 2015/08/19 00:28:56 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\ibVPN
O43 - CFD: 2015/08/17 10:57:25 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Indigo Rose Corporation
O43 - CFD: 2015/08/17 13:08:58 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
O43 - CFD: 2015/09/16 13:49:38 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Snagit 10
O43 - CFD: 2015/09/16 13:49:39 - [] RD -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup
O43 - CFD: 2015/09/16 02:11:45 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/09/16 01:55:54 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
O43 - CFD: 2015/08/18 12:53:14 - [] D -- D:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2015/08/17 10:56:21 - [] D -- D:\Documents and Settings\All Users\Application Data\IndigoRose
O43 - CFD: 2015/09/16 02:14:08 - [] SD -- D:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2015/08/17 13:09:06 - [] D -- D:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 2015/08/18 12:53:14 - [] D -- D:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
O43 - CFD: 2015/09/16 13:48:57 - [] D -- D:\Documents and Settings\All Users\Application Data\TechSmith
O43 - CFD: 2015/08/18 12:53:13 - [] D -- D:\Program Files\Common Files\Adobe
O43 - CFD: 2015/08/17 12:59:34 - [] D -- D:\Program Files\Common Files\DESIGNER
O43 - CFD: 2015/08/17 13:03:40 - [] D -- D:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 2015/09/16 01:17:32 - [] D -- D:\Program Files\Common Files\MSSoap
O43 - CFD: 2015/09/15 18:00:42 - [] D -- D:\Program Files\Common Files\ODBC
O43 - CFD: 2015/09/16 01:17:33 - [] D -- D:\Program Files\Common Files\Services
O43 - CFD: 2015/09/15 18:00:40 - [] D -- D:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2015/08/17 12:38:41 - [] D -- D:\Program Files\Common Files\System
O43 - CFD: 2015/09/16 13:45:57 - [] D -- D:\Program Files\Common Files\Wise Installation Wizard
O43 - CFD: 2015/08/18 12:55:06 - [] D -- D:\Documents and Settings\Administrator\Application Data\Adobe
O43 - CFD: 2015/09/16 13:49:48 - [] D -- D:\Documents and Settings\Administrator\Application Data\driveridentifier
O43 - CFD: 2015/09/16 01:40:23 - [] D -- D:\Documents and Settings\Administrator\Application Data\Identities
O43 - CFD: 2015/08/17 11:08:20 - [] D -- D:\Documents and Settings\Administrator\Application Data\IndigoRose
O43 - CFD: 2015/08/17 16:20:43 - [] SD -- D:\Documents and Settings\Administrator\Application Data\Microsoft
O43 - CFD: 2015/09/16 02:47:07 - [] D -- D:\Documents and Settings\Administrator\Application Data\WinRAR
O43 - CFD: 2015/08/19 00:45:55 - [] D -- D:\Documents and Settings\Administrator\Application Data\ZHP
O43 - CFD: 2015/08/18 14:30:31 - [] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
O43 - CFD: 2015/09/16 12:26:34 - [] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google
O43 - CFD: 2015/09/16 14:24:57 - [] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\IE Tab
O43 - CFD: 2015/08/17 11:19:37 - [] SD -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
O43 - CFD: 2015/08/17 12:35:38 - [0] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2015/08/19 00:43:58 - [] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\NeoSmart_Technologies
O43 - CFD: 2015/09/16 13:48:33 - [] D -- D:\Documents and Settings\Administrator\Local Settings\Application Data\TechSmith
O43 - CFD: 2015/09/16 01:40:50 - [] RD -- D:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/16 02:30:39 - [] D -- D:\Documents and Settings\Administrator\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/09/16 14:59:55 - [] D -- D:\Documents and Settings\Administrator\Start Menu\Programs\Mead & Company
O43 - CFD: 2015/08/19 00:30:09 - [0] RD -- D:\Documents and Settings\Administrator\Start Menu\Programs\Startup
O43 - CFD: 2015/09/16 12:03:17 - [] D -- D:\Documents and Settings\Administrator\Start Menu\Programs\UltraUXThemePatcher
O43 - CFD: 2015/09/16 01:55:53 - [] D -- D:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
O43 - CFD: 2015/09/16 01:19:54 - [] RD -- D:\WINDOWS.1\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2015/09/15 18:00:24 - [] RD -- D:\WINDOWS.1\System32\Config\systemprofile\Start Menu\Programs\Startup

---\\ ShareTools MSconfig StartupReg (SMSR) (O53) (5) - 0s
O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS.1\system32\ctfmon.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- D:\WINDOWS.1\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- D:\WINDOWS.1\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- D:\WINDOWS.1\system32\igfxpers.exe

---\\ System Drivers List (SDL) (O58) (36) - 8s
O58 - SDL:2012/06/13 09:40:10 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- D:\WINDOWS.1\System32\drivers\cinemst2.sys [262528]
O58 - SDL:2012/06/13 09:40:10 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS.1\System32\drivers\cpqdap01.sys [11776]
O58 - SDL:2008/04/14 06:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- D:\WINDOWS.1\System32\drivers\dmboot.sys [799744]
O58 - SDL:2008/04/14 06:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- D:\WINDOWS.1\System32\drivers\dmio.sys [153344]
O58 - SDL:2008/04/14 06:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS.1\System32\drivers\dmload.sys [5888]
O58 - SDL:2008/04/14 06:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- D:\WINDOWS.1\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2007/01/13 10:33:18 A . (.Intel Corporation - Intel Graphics Miniport Driver.) -- D:\WINDOWS.1\System32\drivers\igxpmp32.sys [5672032]
O58 - SDL:2012/06/13 09:45:08 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- D:\WINDOWS.1\System32\drivers\mv61xxmm.sys [13616]
O58 - SDL:2012/06/13 09:45:08 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- D:\WINDOWS.1\System32\drivers\mv64xxmm.sys [5632]
O58 - SDL:2012/06/13 09:45:08 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- D:\WINDOWS.1\System32\drivers\mvxxmm.sys [13616]
O58 - SDL:2012/06/13 09:40:10 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS.1\System32\drivers\nikedrv.sys [12032]
O58 - SDL:2008/04/14 06:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- D:\WINDOWS.1\System32\drivers\ptilink.sys [17792]
O58 - SDL:2012/06/13 09:40:10 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS.1\System32\drivers\rio8drv.sys [12032]
O58 - SDL:2012/06/13 09:40:10 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS.1\System32\drivers\riodrv.sys [12032]
O58 - SDL:2008/04/13 12:05:40 A . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- D:\WINDOWS.1\System32\drivers\RTL8139.sys [20992]
O58 - SDL:2009/03/24 22:29:52 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- D:\WINDOWS.1\System32\drivers\Rtnicxp.sys [130432]
O58 - SDL:2008/04/14 06:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- D:\WINDOWS.1\System32\drivers\secdrv.sys [20480]
O58 - SDL:2013/08/21 19:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- D:\WINDOWS.1\System32\drivers\tap0901.sys [35288]
O58 - SDL:2012/06/13 09:40:10 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS.1\System32\drivers\tsbvcap.sys [21376]
O58 - SDL:2012/06/13 09:40:10 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS.1\System32\drivers\vdmindvd.sys [58112]
O58 - SDL:2008/01/06 21:36:16 A . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- D:\WINDOWS.1\System32\drivers\w29n51.sys [2216064]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ansi.sys [9029]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\country.sys [27097]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\himem.sys [4768]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\key01.sys [42809]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntdos.sys [27866]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntio.sys [33840]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 06:00:00 A . (...) -- D:\WINDOWS.1\System32\ntio804.sys [34560]

---\\ Last modified or created user files (O61) (6) - 10s
O61 - LFC: 2015/08/11 23:21:09 A . (.ãäÊÏì ÔÑæÍÇÊ ÇáÈÑÇãÌ.) -- D:\Documents and Settings\Administrator\My Documents\Downloads\Adobe PhotoShop Portable Collection.exe [212388527]
O61 - LFC: 2015/09/16 14:41:17 A . (..) -- D:\Documents and Settings\Administrator\My Documents\Downloads\IEFix.exe [49152]
O61 - LFC: 2015/08/18 15:57:54 A . (..) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\TechSmith\Snagit\Tray.bin [698]
O61 - LFC: 2015/09/16 14:24:47 A . (.Blackfish Software.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\IE Tab\8.4.13.1\ietabhelper.exe [450088]
O61 - LFC: 2015/09/16 12:26:08 AT . (..) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe [130888]
O61 - LFC: 2015/08/18 12:55:01 A . (..) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\ev_hashes_whitelist.bin [1113849]

---\\ File Associations Shell Spawning (O67) (9) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS.1\system32\shell32.dll
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.EXE
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- D:\WINDOWS.1\system32\wscript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- D:\WINDOWS.1\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (SMI) (O68) (9) - 0s
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS.1\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS.1\system32\ie4uinit.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- D:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- D:\WINDOWS.1\system32\ie4uinit.exe

---\\ Search Browser Infection (SBI) (O69) (1) - 1s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (SSS) (O83) (40) - 17s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- D:\WINDOWS.1\system32\appmgmts.dll [167936]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- D:\WINDOWS.1\system32\audiosrv.dll [42496]
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- D:\WINDOWS.1\system32\browser.dll [77824]
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- D:\WINDOWS.1\system32\cryptsvc.dll [62464]
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- D:\WINDOWS.1\system32\dmserver.dll [23552]
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- D:\WINDOWS.1\system32\dhcpcsvc.dll [126976]
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- D:\WINDOWS.1\system32\ersvc.dll [23040]
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- D:\WINDOWS.1\system32\es.dll [253952]
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS.1\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: HidServ (HidServ) . (...) -- D:\WINDOWS.1\System32\hidserv.dll [0]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- D:\WINDOWS.1\system32\srvsvc.dll [99840]
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- D:\WINDOWS.1\system32\wkssvc.dll [134144]
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- D:\WINDOWS.1\system32\msgsvc.dll [33792]
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- D:\WINDOWS.1\system32\netman.dll [198144]
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- D:\WINDOWS.1\system32\mswsock.dll [245248]
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- D:\WINDOWS.1\system32\ntmssvc.dll [435200]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- D:\WINDOWS.1\system32\rasauto.dll [88576]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- D:\WINDOWS.1\system32\rasmans.dll [186368]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- D:\WINDOWS.1\system32\mprdim.dll [53248]
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- D:\WINDOWS.1\system32\schedsvc.dll [192512]
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- D:\WINDOWS.1\system32\seclogon.dll [18944]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- D:\WINDOWS.1\system32\sens.dll [39424]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- D:\WINDOWS.1\system32\ipnathlp.dll [330752]
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- D:\WINDOWS.1\system32\srsvc.dll [171008]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- D:\WINDOWS.1\system32\tapisrv.dll [249856]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS.1\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- D:\WINDOWS.1\system32\trkwks.dll [90112]
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- D:\WINDOWS.1\system32\w32time.dll [175616]
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- D:\WINDOWS.1\system32\wzcsvc.dll [483328]
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- D:\WINDOWS.1\system32\advapi32.dll [617472]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- D:\WINDOWS.1\system32\wbem\wmisvc.dll [144896]
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- D:\WINDOWS.1\system32\wscsvc.dll [80896]
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- D:\WINDOWS.1\system32\xmlprov.dll [129024]
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- D:\WINDOWS.1\system32\qagentrt.dll [291328]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- D:\WINDOWS.1\system32\kmsvc.dll [61440]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- D:\WINDOWS.1\system32\qmgr.dll [409088]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- D:\WINDOWS.1\system32\wuauserv.dll [22520]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS.1\system32\shsvcs.dll [135168]
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- D:\WINDOWS.1\pchealth\helpctr\binaries\pchsvc.dll [38400]
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- D:\WINDOWS.1\system32\mspmsnsv.dll [52224]

---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.

---\\ Summary of the elements found on your workstation (1) - 0s
~ No malicious or unnecessary items found.

~ End of the scan, 12995 items in 140 seconds (367)(0)()
