~ ZHPDiag v2015.9.24.145 By Nicolas Coolman (2015/09/24)
~ Run by omar mokran (Administrator) (2015/09/25 15:30:45)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\omar mokrani\Desktop\ZHPDiag.txt
~ Report: C:\Users\omar mokrani\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ System startup: Normal (Normal boot)
Windows 8.1 Pro, 64-bit (Build 9600)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v45.0.2454.99
MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3
MSIE: Internet Explorer v11.0.9600.18036

---\\ Windows Product Information (3) - 3s
~ Windows Server License Manager Script : OK
System - VBScript Engine not found
Windows Automatic Updates : OK

---\\ System protection software (1) - 4s
Windows Defender (Deactivate)

---\\ System optimization software (1) - 4s
CCleaner v5.06

---\\ Surveillance software (1) - 5s
Adobe Acrobat Reader DC

---\\ Information on the system (6) - 0s
~ Operating System: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2060.788 MB (33% free)
~ System Restore: Activé (Enable)
~ System drive C: has 26 GB free of 76 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: ME
~ User Name: omar mokran
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 26 GB free of 76 GB (System)
~ Drive D: has 126 GB free of 198 GB
~ Drive E: has 91 GB free of 201 GB

---\\ State of the Windows Security Center (11) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 1s
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Windows Explorer.) () -- C:\Windows\Explorer.exe [2501368] ©
[MD5.6C308D32AFA41D26CE2A0EA8F7B79565] - (.Microsoft Corporation - Windows host process (Rundll32).) () -- C:\Windows\System32\rundll32.exe [54784] ©
[MD5.A570A64292214C43E0BA50E6A72A6380] - (.Microsoft Corporation - Windows Start-Up Application.) () -- C:\Windows\System32\Wininit.exe [145920] ©
[MD5.096A832FCF5A01003E96DD7FEE45618D] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\Windows\System32\wininet.dll [2427392] ©
[MD5.EC498BAE1F0D3E0E401C963F8D76C437] - (.Microsoft Corporation - Windows Logon Application.) () -- C:\Windows\System32\Winlogon.exe [572416] ©
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Software Licensing Library.) () -- C:\Windows\System32\sppcomapi.dll [447488] ©
[MD5.0B082D6D7A53D91678E7409DD145E89C] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\System32\dnsapi.dll [657920] ©
[MD5.205BDB00F4C032AF45A6BFD18EA7886C] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\Windows\Syswow64\dnsapi.dll [498688] ©
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\Windows\System32\drivers\AFD.sys [563200] ©
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) () -- C:\Windows\System32\drivers\atapi.sys [26464] ©
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\Windows\System32\drivers\Cdfs.sys [88576] ©
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\Windows\System32\drivers\Cdrom.sys [164352] ©
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) () -- C:\Windows\System32\drivers\DfsC.sys [134144] ©
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) () -- C:\Windows\System32\drivers\HDAudBus.sys [76800] ©
[MD5.49EE0AE9E5B64FFBBD06D55C4984B598] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\Windows\System32\drivers\i8042prt.sys [108544] ©
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\Windows\System32\drivers\IpNat.sys [142848] ©
[MD5.6FBDF2B1B025A8E6E069234362FFFFB7] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\Windows\System32\drivers\MRxSmb.sys [401408] ©
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\Windows\System32\drivers\netBT.sys [282624] ©
[MD5.7F68063A5A0461E02BC860CE0E6BFDDC] - (.Microsoft Corporation - NT File System Driver.) () -- C:\Windows\System32\drivers\ntfs.sys [2025792] ©
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\Windows\System32\drivers\Parport.sys [94208] ©
[MD5.1BD3022FD6E450B00DE560265638FD2A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\Windows\System32\drivers\Rasl2tp.sys [112640] ©
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\Windows\System32\drivers\rdpdr.sys [195584] ©
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) () -- C:\Windows\System32\drivers\tdx.sys [107520] ©
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\Windows\System32\drivers\volsnap.sys [310080] ©

---\\ Process running (16) - 1s
[MD5.DA074EECD8B4E45DD352A646D46682AC] - (.Bitdefender - Bitdefender Security Service.) -- C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1540744] [PID.864] ©
[MD5.1A9E68308B73B79E5A8D3990BEA735FA] - (.Microsoft - Windows.) -- C:\Windows\SysWOW64\service.exe [239104] [PID.1944] ©
[MD5.358696C459C8FFC30770448977014F5A] - (.Bitdefender - Bitdefender Update Service.) -- C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320] [PID.1400] ©
[MD5.F6DA90C8F6CFD618A6D5221CD17233B2] - (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1603544] [PID.3900] ©
[MD5.A3E33718D1090A1587AC069597EC4FA6] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152] [PID.4148] ©
[MD5.710D2C4CF41336E6682CD3E288311108] - (.Copyright (C) 2013 - ProgLauncher Application.) -- C:\Program Files (x86)\ProgDVB\ProgLauncher.exe [372648] [PID.4232]
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe [269848] [PID.4380] ©
[MD5.B3231AFD95A8051970D9B21BC8CC885E] - (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880] [PID.5056] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] [PID.4936] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] [PID.4928] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] [PID.1872] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] [PID.4836] ©
[MD5.DF37DE4EB253CC67CB6B9D0B1BC69463] - (.Ralink Technology, Corp. - Ralink Wireless LAN Card Utility.) -- C:\Program Files (x86)\Ralink\RT2870 Wireless LAN Card\Utility\RaUI.exe [11474272] [PID.3324] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] - (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] [PID.3364] ©
[MD5.7B8CFD0EB3ADBF6717AA99B9DC07926F] - (.CANON INC. - Canon Advanced Printing Technology RPC Serv.) -- C:\Windows\system32\CNAB4RPD.EXE [63936] [PID.2872] ©
[MD5.260B29F5BCC07C91CBA92910484BE023] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\omar mokrani\Desktop\ZHPDiag3.exe [1938944] [PID.852] ©

---\\ Google Chrome, Start,Search,Extensions (13) - 1s
G0 - GCSP: Secure Preferences [User Data\Default][HomePage] http://www.google.dz/
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [cfhdojbkjhnklbpkdaibdccddilifddb] __MSG_name__
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [fabcmochhfpldjekobfaaggijgohadih] Bitdefender Wallet
G2 - GCE: Preference [User Data\Default] [fdcgdnkidjaadafnichfpabhfomcebme] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ngpampappnmepgilojfohadhhmbhlaek] IDM Integration Module
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (3) - 0s
M0 - MFSP: prefs.js [omar mokran - yustq1cq.default] https://www.google.dz/
P2 - EXT FILE: (...) -- C:\Users\omar mokrani\AppData\Roaming\Mozilla\Firefox\Profiles\yustq1cq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©

---\\ Internet Explorer Extensions, Start, Search (13) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=userinit.exe (.Microsoft Corporation.)
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.)
F2 - REG:system.ini: VMApplet=C:\Windows\SysWOW64\SystemPropertiesPerformance.exe (.Microsoft Corporation.)

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (21)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: IDM Helper [64Bits] - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: Bitdefender Wallet [64Bits] - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} . (.Bitdefender - Bitdefender Password Manager Internet Explo.) -- C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll ©
O2 - BHO: Skype for Business Click to Call BHO [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Skype for Business.) -- C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll ©
O2 - BHO: Microsoft SkyDrive Pro Browser Helper [64Bits] - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} . (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL ©

---\\ Auto loading programs from Registry and folders (9) - 1s
O4 - HKLM\..\Run: [Bdagent] . (.Bitdefender - Bitdefender Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe ©
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKCU\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe ©
O4 - HKCU\..\Run: [ProgLauncher] . (.Copyright (C) 2013 - ProgLauncher Application.) -- C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe ©
O4 - HKUS\S-1-5-21-2874199535-1667474064-2734398074-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\Internet Download Manager\IDMan.exe ©
O4 - HKUS\S-1-5-21-2874199535-1667474064-2734398074-1002\..\Run: [Bitdefender Wallet Agent] . (.Bitdefender - Bitdefender Wallet Agent.) -- C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe ©
O4 - HKUS\S-1-5-21-2874199535-1667474064-2734398074-1002\..\Run: [ProgLauncher] . (.Copyright (C) 2013 - ProgLauncher Application.) -- C:\Program Files (x86)\ProgDVB\ProgLauncher.exe
O4 - HKUS\S-1-5-21-2874199535-1667474064-2734398074-1002\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe ©

---\\ Global shortcuts Startup (6) - 5s
O4 - GS\Desktop [Administrator]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Quicklaunch [Administrator]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Desktop [Guest]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Quicklaunch [Guest]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Desktop [omar mokran]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O4 - GS\Quicklaunch [omar mokran]: QQ影音.lnk . (.腾讯科技(深圳)有限公司 - QQ影音.) C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar

---\\ Lop.com/Domain Hijackers (16) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 109.69.8.51,192.71.245.208
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 156.154.71.22,37.187.23.23
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 109.69.8.51,192.71.245.208
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 156.154.71.22,37.187.23.23
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 0.0.0.0
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpDomain = domain.name
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 109.69.8.51,192.71.245.208,
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.1.1,192.168.1.1,
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 109.69.8.51,192.71.245.208,192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.1.1,192.168.1.1,192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 156.154.71.22,37.187.23.23,192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 156.154.71.22,37.187.23.23,

---\\ Extra protocols (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\SysWOW64\inetcomm.dll ©
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\SysWOW64\urlmon.dll ©
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\SysWOW64\itss.dll ©
O18 - Handler: osf [64Bits] - {D924BDC6-C83A-4BD5-90D0-095128A113D1} . (.Microsoft Corporation - Microsoft Office 2013 component.) -- C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL ©
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\SysWOW64\MSVidCtl.dll ©
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\SysWOW64\mshtml.dll ©
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\SysWOW64\mscoree.dll ©
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL ©

---\\ Non Microsoft non disabled Windows Services (5) - 1s
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender - Bitdefender Update Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe ©
O23 - Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender - Bitdefender Security Service.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe ©
O23 - Service: Wise Boot Assistant (WiseBootAssistant) . (.WiseCleaner.com - Wise BootTime Service.) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe ©

---\\ Task Planned Automatically (18) - 3s
[MD5.70685AC6E02E9C2DFB88D4851954F5B4] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [998088] ©
[MD5.EE526B0428581B57FFC571FF57309E28] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6369048] ©
[MD5.F607821FF3700141FDDBC5D65161C108] [APT] [DriverEasy Scheduled Scan] (.Easeware.) -- C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3189520] ©
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] ©
[MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107848] ©
[MD5.7A7CB5FDCC319CBE08792005C423D5DC] [APT] [Maxthon Update] (.Maxthon International ltd..) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [257448] ©
[MD5.4E59FD37BF7C0F5DC45FD73947A59DE4] [APT] [Wise Turbo Checker] (.WiseCleaner.COM.) -- C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [1399616] ©
O39 - APT: DriverEasy Scheduled Scan - (.Easeware.) -- C:\Windows\Tasks\DriverEasy Scheduled Scan.job [424] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [852] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [856] ©
O39 - APT: Wise Turbo Checker - (.WiseCleaner.COM.) -- C:\Windows\Tasks\Wise Turbo Checker.job [426] ©
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3886] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2790] ©
O39 - APT: DriverEasy Scheduled Scan - (.Easeware.) -- C:\Windows\System32\Tasks\DriverEasy Scheduled Scan [3822] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3592] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3828] ©
O39 - APT: Maxthon Update - (.Maxthon International ltd..) -- C:\Windows\System32\Tasks\Maxthon Update [3596] ©
O39 - APT: Wise Turbo Checker - (.WiseCleaner.COM.) -- C:\Windows\System32\Tasks\Wise Turbo Checker [3088] ©

---\\ Software installed (94) - 12s
O42 - Logiciel: Bitdefender Total Security 2015 - (.Bitdefender.) [HKLM][64Bits] -- Bitdefender ©
O42 - Logiciel: Canon LBP2900 - (...) [HKLM][64Bits] -- Canon LBP2900
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner ©
O42 - Logiciel: CrystalDiskMark 5.0.2 - (.Crystal Dew World.) [HKLM][64Bits] -- CrystalDiskMark5_is1 ©
O42 - Logiciel: CyberGhost 5 - (.CyberGhost S.R.L..) [HKLM][64Bits] -- CyberGhost 5_is1 ©
O42 - Logiciel: DriverEasy 4.9.5 - (.Easeware.) [HKLM][64Bits] -- DriverEasy_is1 ©
O42 - Logiciel: WinRAR 5.01 (64-bit) - (.win.rar GmbH.) [HKLM][64Bits] -- WinRAR archiver ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Microsoft Access MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Access MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Access MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0015-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Excel MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Excel MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Excel MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0016-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft SharePoint Designer MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0017-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft SharePoint Designer MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0017-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft PowerPoint MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft PowerPoint MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft PowerPoint MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0018-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Publisher MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Publisher MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Publisher MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0019-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Outlook MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Outlook MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Outlook MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001A-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Word MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Word MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Word MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-001B-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft InfoPath MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft InfoPath MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft InfoPath MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0044-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft DCF MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft DCF MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft DCF MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0090-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft OneNote MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft OneNote MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft OneNote MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00A1-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Groove MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Groove MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Groove MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-00BA-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Microsoft X MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0101-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft X MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0101-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Access Setup Metadata MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-0117-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Microsoft Lync MUI (Arabic) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0401-1000-0000000FF1CE} ©
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0401-1000-0000000FF1CE}_Office15.OMUI.ar-sa_{4B154642-070A-4391-A5A6-E41FDC0FF38B} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0401-1000-0000000FF1CE}_Office15.OMUI.ar-sa_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Microsoft Lync MUI (English) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE} ©
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Microsoft Lync MUI (French) 2013 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE} ©
O42 - Logiciel: Security Update for Skype for Business 2015 (KB3055014) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.OMUI.fr-fr_{8C2B62DE-0BBD-421A-A0F8-4517146C7725} ©
O42 - Logiciel: Update for Skype for Business 2015 (KB2889853) 64-Bit Edition - (.Microsoft.) [HKLM][64Bits] -- {90150000-012B-040C-1000-0000000FF1CE}_Office15.OMUI.fr-fr_{DD51BA84-F589-4939-B5FE-5538B3DCC12E} ©
O42 - Logiciel: Eassos PartitionGuru Free 3.7.0 - (.Eassos Co., Ltd..) [HKLM][64Bits] -- {971F12D0-D834-4BAC-BD22-8769EBA08106}_is1
O42 - Logiciel: NetLimiter 4 - (.Locktime Software.) [HKLM][64Bits] -- {A73810DD-B51D-419B-946D-FC062247219E} ©
O42 - Logiciel: CrystalDiskInfo 6.5.2 - (.Crystal Dew World.) [HKLM][64Bits] -- CrystalDiskInfo_is1 ©
O42 - Logiciel: DVBViewer TE2 - (.CM&V.) [HKLM][64Bits] -- DVBViewer TE2_is1
O42 - Logiciel: FormatFactory 2.96 - (.Free Time.) [HKLM][64Bits] -- FormatFactory ©
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM][64Bits] -- Google Chrome ©
O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM][64Bits] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} ©
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM][64Bits] -- Internet Download Manager ©
O42 - Logiciel: Maxthon Cloud Browser - (.Maxthon International Limited.) [HKLM][64Bits] -- Maxthon3 ©
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 40.0.3 (x86 en-US) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService ©
O42 - Logiciel: NetLimiter 4 - (.Locktime Software.) [HKLM][64Bits] -- NetLimiter 4 4.0.8.0 ©
O42 - Logiciel: ProgDVB - (.Prog.) [HKLM][64Bits] -- ProgDVB
O42 - Logiciel: StartIsBack+ - (.startisback.com.) [HKLM][64Bits] -- StartIsBack ©
O42 - Logiciel: WinPcap 4.1.3 - (.Riverbed Technology, Inc..) [HKLM][64Bits] -- WinPcapInst ©
O42 - Logiciel: Wise Care 365 3.83 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Care 365_is1 ©
O42 - Logiciel: Wise Data Recovery 3.72 - (.WiseCleaner.com, Inc..) [HKLM][64Bits] -- Wise Data Recovery_is1 ©
O42 - Logiciel: Windows Software Development Kit EULA - (.Microsoft Corporations.) [HKLM][64Bits] -- {1F5C7BAE-1E1A-7C93-1B90-84CE308AFC1C}
O42 - Logiciel: Ralink RT2870 Wireless LAN Card - (.Ralink.) [HKLM][64Bits] -- {28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D} ©
O42 - Logiciel: Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549} ©
O42 - Logiciel: Google Earth Pro - (.Google.) [HKLM][64Bits] -- {35DAA04C-1720-4BE3-A920-A03731EC6A1D} ©
O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9} ©
O42 - Logiciel: WPT Redistributables - (.Microsoft.) [HKLM][64Bits] -- {64F3FB9A-9250-B2D6-00B4-50BE0358AEE8} ©
O42 - Logiciel: Skype™ 7.9 - (.Skype Technologies S.A..) [HKLM][64Bits] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: MainConcept DTV Decoder Pro - (.MainConcept GmbH.) [HKLM][64Bits] -- {793FCE60-DE5E-4977-A942-A7B69A45B17D}
O42 - Logiciel: System Requirements Lab Detection - (.Husdawg, LLC.) [HKLM][64Bits] -- {7CA92482-8D14-47B5-816B-B182C5771C8F} ©
O42 - Logiciel: Adobe Acrobat Reader DC - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1033-7B44-AC0F074E4100} ©
O42 - Logiciel: Setup - (.Microsoft.) [HKLM][64Bits] -- {AFB80F59-AE19-41F5-9118-36D84A9029E9} ©
O42 - Logiciel: Kits Configuration Installer - (.Microsoft.) [HKLM][64Bits] -- {B74E65FD-CC47-41C5-4B89-791A3F61942D} ©
O42 - Logiciel: WPTx64 - (.Microsoft.) [HKLM][64Bits] -- {BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB} ©
O42 - Logiciel: TechniSat DVB-PC TV Star - (.TechniSat.) [HKLM][64Bits] -- {D032A7F0-8B5C-4603-8B46-235025D5F9C1}
O42 - Logiciel: Windows Software Development Kit for Windows 8.1 - (.Microsoft Corporation.) [HKLM][64Bits] -- {ed3a6e6d-9661-4357-abe4-fcc03dc57a07} ©
O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM][64Bits] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640} ©
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM][64Bits] -- {F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA} ©
O42 - Logiciel: Intel(R) Control Center - (.Intel Corporation.) [HKLM][64Bits] -- {F8A9085D-4C7A-41a9-8A77-C8998A96C421} ©
O42 - Logiciel: Maxthon Nitro - (.Maxthon International Limited.) [HKCU][64Bits] -- MxNitro ©
O42 - Logiciel: QQ影音3.9 - (.腾讯科技(深圳)有限公司.) [HKCU][64Bits] -- QQPlayer
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKCU][64Bits] -- uTorrent

---\\ HKCU & HKLM Software Keys (86) - 12s
HKLM\SOFTWARE\Wow6432Node\Adobe
HKLM\SOFTWARE\Wow6432Node\AdwCleaner
HKLM\SOFTWARE\Wow6432Node\AviSynth
HKLM\SOFTWARE\Wow6432Node\Bitdefender
HKLM\SOFTWARE\Wow6432Node\Caphyon
HKLM\SOFTWARE\Wow6432Node\CoreCodec
HKLM\SOFTWARE\Wow6432Node\CyberGhost
HKLM\SOFTWARE\Wow6432Node\CyberLink
HKLM\SOFTWARE\Wow6432Node\EA Games
HKLM\SOFTWARE\Wow6432Node\Elecard
HKLM\SOFTWARE\Wow6432Node\GNU
HKLM\SOFTWARE\Wow6432Node\Google
HKLM\SOFTWARE\Wow6432Node\HaaliMkx
HKLM\SOFTWARE\Wow6432Node\IM Providers
HKLM\SOFTWARE\Wow6432Node\InstallShield
HKLM\SOFTWARE\Wow6432Node\Intel
HKLM\SOFTWARE\Wow6432Node\Internet Download Manager
HKLM\SOFTWARE\Wow6432Node\Locktime Software
HKLM\SOFTWARE\Wow6432Node\Macromedia
HKLM\SOFTWARE\Wow6432Node\Maxthon3
HKLM\SOFTWARE\Wow6432Node\Mozilla
HKLM\SOFTWARE\Wow6432Node\mozilla.org
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\PowerPivot
HKLM\SOFTWARE\Wow6432Node\Ralink
HKLM\SOFTWARE\Wow6432Node\Skype
HKLM\SOFTWARE\Wow6432Node\Solveig Multimedia
HKLM\SOFTWARE\Wow6432Node\TDS
HKLM\SOFTWARE\Wow6432Node\TechniSat
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\VIA Technologies, Inc
HKLM\SOFTWARE\Wow6432Node\WIBU-SYSTEMS
HKLM\SOFTWARE\Wow6432Node\WinPcap
HKLM\SOFTWARE\Wow6432Node\WiseCleaner
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Akeo Consulting
HKCU\SOFTWARE\AntSpec
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Bitdefender
HKCU\SOFTWARE\BitTorrent
HKCU\SOFTWARE\Canon
HKCU\SOFTWARE\CompSoft
HKCU\SOFTWARE\CoreAAC
HKCU\SOFTWARE\CyberGhost
HKCU\SOFTWARE\CyberLink
HKCU\SOFTWARE\DownloadCenter
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\DSP-worx
HKCU\SOFTWARE\Elecard
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GetData
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Innovative Solutions
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\Local AppWizard-Generated Applications
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\Maxthon3
HKCU\SOFTWARE\Mediachance
HKCU\SOFTWARE\mkvmergeGUI
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MP_ALL
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\ReflexiveArcade
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Solveig Multimedia
HKCU\SOFTWARE\Spoon
HKCU\SOFTWARE\StartIsBack
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (186) - 9s
O43 - CFD: 2015/08/23 00:51:03 - [] D -- C:\Program Files (x86)\Adobe
O43 - CFD: 2015/08/17 04:43:52 - [] D -- C:\Program Files (x86)\Cisco
O43 - CFD: 2015/09/04 17:19:00 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 2015/08/19 02:15:21 - [] D -- C:\Program Files (x86)\CoreCodec
O43 - CFD: 2015/08/29 07:05:54 - [] D -- C:\Program Files (x86)\CrystalDiskInfo
O43 - CFD: 2015/08/21 09:01:36 - [] D -- C:\Program Files (x86)\DVBViewer TE2
O43 - CFD: 2015/08/19 02:35:51 - [] D -- C:\Program Files (x86)\Elecard
O43 - CFD: 2015/08/17 04:36:37 - [] D -- C:\Program Files (x86)\FreeTime
O43 - CFD: 2015/08/19 10:26:48 - [] D -- C:\Program Files (x86)\Google
O43 - CFD: 2015/08/21 08:11:50 - [] D -- C:\Program Files (x86)\Innovative Solutions
O43 - CFD: 2015/09/23 11:45:40 - [] HD -- C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 2015/08/17 04:28:33 - [] D -- C:\Program Files (x86)\Intel
O43 - CFD: 2015/09/01 03:03:16 - [] D -- C:\Program Files (x86)\Internet Download Manager
O43 - CFD: 2015/09/16 21:00:55 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 2015/08/18 06:07:23 - [] HD -- C:\Program Files (x86)\iSafe AllInOne Keylogger
O43 - CFD: 2015/08/17 19:40:30 - [] D -- C:\Program Files (x86)\MainConcept
O43 - CFD: 2015/08/25 05:08:07 - [] D -- C:\Program Files (x86)\Maxthon
O43 - CFD: 2015/08/22 21:58:37 - [] D -- C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 2015/08/22 21:58:16 - [] D -- C:\Program Files (x86)\Microsoft Office
O43 - CFD: 2015/08/21 07:47:17 - [] D -- C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 2015/08/22 22:01:36 - [] D -- C:\Program Files (x86)\Microsoft SQL Server
O43 - CFD: 2015/08/22 22:09:42 - [] D -- C:\Program Files (x86)\Microsoft Visual Studio 8
O43 - CFD: 2015/09/02 06:49:22 - [] D -- C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 2015/09/05 11:04:52 - [] D -- C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 2015/09/05 14:08:45 - [] D -- C:\Program Files (x86)\Mozilla Maintenance Service
O43 - CFD: 2015/07/18 00:35:13 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 2015/08/17 19:55:50 - [] D -- C:\Program Files (x86)\NSIS Uninstall Information
O43 - CFD: 2015/08/29 12:45:28 - [] D -- C:\Program Files (x86)\ProgDVB
O43 - CFD: 2015/08/17 04:43:48 - [] D -- C:\Program Files (x86)\Ralink
O43 - CFD: 2015/07/18 00:35:13 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 2015/08/19 13:53:43 - [] RD -- C:\Program Files (x86)\Skype
O43 - CFD: 2015/09/04 17:18:57 - [] D -- C:\Program Files (x86)\Solveig Multimedia
O43 - CFD: 2015/08/22 21:02:33 - [] D -- C:\Program Files (x86)\StartIsBack
O43 - CFD: 2015/08/29 07:44:42 - [] D -- C:\Program Files (x86)\SystemRequirementsLab
O43 - CFD: 2015/08/21 09:01:52 - [] D -- C:\Program Files (x86)\TechniSat DVB
O43 - CFD: 2015/08/17 19:30:02 - [] D -- C:\Program Files (x86)\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/08/17 20:31:48 - [] D -- C:\Program Files (x86)\VIA
O43 - CFD: 2015/08/19 12:13:08 - [] D -- C:\Program Files (x86)\WebcamMax
O43 - CFD: 2015/08/21 07:45:45 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 2015/09/01 03:21:31 - [] D -- C:\Program Files (x86)\Windows Kits
O43 - CFD: 2014/11/21 16:14:15 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 2014/11/21 16:14:14 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 2014/11/21 16:14:15 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 2013/08/22 16:36:30 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 2014/11/21 16:14:14 - [] D -- C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 2014/11/21 16:14:15 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 2013/08/22 16:36:30 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 2013/08/22 16:36:30 - [] D -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 2015/08/17 20:59:27 - [] D -- C:\Program Files (x86)\WinPcap
O43 - CFD: 2015/08/17 19:34:11 - [0] D -- C:\Program Files (x86)\WinRAR
O43 - CFD: 2015/08/21 07:58:47 - [] D -- C:\Program Files (x86)\Wise
O43 - CFD: 2014/11/21 16:14:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2015/07/18 00:20:03 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/07/18 00:20:01 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/09/24 16:32:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
O43 - CFD: 2015/08/17 19:49:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
O43 - CFD: 2015/08/19 06:31:20 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 2015/08/29 07:05:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
O43 - CFD: 2015/08/29 07:03:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark5
O43 - CFD: 2015/08/22 23:38:53 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
O43 - CFD: 2015/09/16 05:10:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
O43 - CFD: 2015/08/21 09:01:36 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVBViewer TE2
O43 - CFD: 2015/08/19 03:22:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elecard
O43 - CFD: 2015/08/19 10:27:04 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 2015/08/17 04:26:41 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
O43 - CFD: 2015/08/17 19:50:12 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/25 05:08:21 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
O43 - CFD: 2015/09/16 14:12:47 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
O43 - CFD: 2015/08/21 07:44:00 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/09/17 13:10:13 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
O43 - CFD: 2015/08/31 06:08:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartitionGuru Free
O43 - CFD: 2015/08/29 12:45:28 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProgDVB
O43 - CFD: 2015/08/17 04:44:25 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ralink Wireless
O43 - CFD: 2015/08/19 13:53:46 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 2015/09/04 17:19:10 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solveig Multimedia
O43 - CFD: 2015/09/03 13:49:00 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 2014/11/21 16:14:52 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2014/11/21 08:18:57 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 2015/08/21 09:01:40 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechniSat DVB
O43 - CFD: 2015/08/19 12:13:07 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebcamMax
O43 - CFD: 2015/09/01 03:21:32 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
O43 - CFD: 2015/08/17 20:59:27 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
O43 - CFD: 2015/08/17 19:36:05 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/08/17 04:29:47 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
O43 - CFD: 2015/08/21 07:58:49 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery
O43 - CFD: 2015/08/23 00:50:57 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 2015/08/19 13:39:07 - [] D -- C:\ProgramData\BDLogging
O43 - CFD: 2015/09/24 16:38:46 - [] D -- C:\ProgramData\Bitdefender
O43 - CFD: 2015/08/19 17:50:47 - [] D -- C:\ProgramData\CMUV
O43 - CFD: 2015/08/17 19:57:59 - [] D -- C:\ProgramData\CyberLink
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 2015/09/23 07:48:17 - [] D -- C:\ProgramData\FarmFrenzy2
O43 - CFD: 2015/08/17 19:50:14 - [0] D -- C:\ProgramData\IDM
O43 - CFD: 2015/08/17 19:54:08 - [] D -- C:\ProgramData\install_clap
O43 - CFD: 2015/09/17 13:10:19 - [] D -- C:\ProgramData\Locktime
O43 - CFD: 2015/09/03 13:49:16 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 2015/09/16 20:46:06 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 2015/08/22 21:29:36 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O43 - CFD: 2015/09/01 03:21:25 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 2015/08/29 12:35:49 - [] D -- C:\ProgramData\Prog
O43 - CFD: 2015/09/12 06:39:20 - [] D -- C:\ProgramData\ProgDVB
O43 - CFD: 2015/08/17 06:07:58 - [0] D -- C:\ProgramData\Ralink
O43 - CFD: 2015/08/17 04:43:53 - [] D -- C:\ProgramData\Ralink Driver
O43 - CFD: 2015/08/22 22:01:22 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 2015/09/05 11:21:58 - [] D -- C:\ProgramData\Skype
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 2015/08/23 06:50:46 - [] D -- C:\ProgramData\SUPPORTDIR
O43 - CFD: 2015/08/17 19:40:42 - [] D -- C:\ProgramData\Technisat
O43 - CFD: 2015/08/17 19:55:43 - [0] D -- C:\ProgramData\Temp
O43 - CFD: 2013/08/22 15:45:52 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 2015/08/17 19:36:54 - [] D -- C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/08/18 06:20:26 - [] D -- C:\ProgramData\WebcamMax
O43 - CFD: 2015/08/17 04:16:15 - [] HD -- C:\ProgramData\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3}
O43 - CFD: 2015/08/23 00:51:18 - [] D -- C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 2015/08/25 05:59:29 - [] D -- C:\Program Files (x86)\Common Files\EagleGet
O43 - CFD: 2015/08/19 03:22:46 - [] D -- C:\Program Files (x86)\Common Files\Elecard
O43 - CFD: 2015/08/17 20:31:25 - [] D -- C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 2015/08/17 04:26:36 - [] D -- C:\Program Files (x86)\Common Files\Intel
O43 - CFD: 2015/08/22 22:00:48 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 2013/08/22 16:36:33 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 2015/08/19 13:53:43 - [] D -- C:\Program Files (x86)\Common Files\Skype
O43 - CFD: 2015/09/04 17:19:05 - [] D -- C:\Program Files (x86)\Common Files\Solveig Multimedia
O43 - CFD: 2014/11/21 16:14:14 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 2015/08/17 19:30:06 - [] D -- C:\Program Files (x86)\Common Files\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/08/18 05:38:14 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Adobe
O43 - CFD: 2015/09/04 17:13:29 - [] D -- C:\Users\omar mokrani\AppData\Roaming\avidemux
O43 - CFD: 2015/09/24 16:32:32 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Bitdefender
O43 - CFD: 2015/08/17 19:58:01 - [] D -- C:\Users\omar mokrani\AppData\Roaming\CyberLink
O43 - CFD: 2015/09/25 15:05:06 - [] D -- C:\Users\omar mokrani\AppData\Roaming\DMCache
O43 - CFD: 2015/08/19 09:42:52 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Easeware
O43 - CFD: 2015/08/19 19:14:17 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Identities
O43 - CFD: 2015/09/25 15:28:46 - [] D -- C:\Users\omar mokrani\AppData\Roaming\IDM
O43 - CFD: 2015/08/17 04:43:36 - [] D -- C:\Users\omar mokrani\AppData\Roaming\InstallShield
O43 - CFD: 2015/09/17 13:10:58 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Locktime
O43 - CFD: 2015/09/17 13:09:34 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Locktime Software
O43 - CFD: 2015/08/17 20:54:13 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Macromedia
O43 - CFD: 2015/08/25 05:08:34 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Maxthon3
O43 - CFD: 2015/08/31 19:53:54 - [] SD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft
O43 - CFD: 2015/08/17 13:18:37 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Mozilla
O43 - CFD: 2015/08/25 07:37:30 - [] D -- C:\Users\omar mokrani\AppData\Roaming\mxnitro
O43 - CFD: 2015/08/19 13:22:19 - [0] D -- C:\Users\omar mokrani\AppData\Roaming\QuickScan
O43 - CFD: 2015/09/05 13:26:23 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Skype
O43 - CFD: 2015/09/04 17:19:14 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Solveig Multimedia
O43 - CFD: 2015/08/17 04:26:23 - [0] D -- C:\Users\omar mokrani\AppData\Roaming\Splashtop
O43 - CFD: 2015/08/17 19:36:53 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
O43 - CFD: 2015/09/23 08:51:08 - [] D -- C:\Users\omar mokrani\AppData\Roaming\uTorrent
O43 - CFD: 2015/08/17 04:36:28 - [] D -- C:\Users\omar mokrani\AppData\Roaming\WinRAR
O43 - CFD: 2015/09/25 15:24:21 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Wise Care 365
O43 - CFD: 2015/08/21 07:58:50 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Wise Data Recovery
O43 - CFD: 2015/09/02 06:54:29 - [] D -- C:\Users\omar mokrani\AppData\Roaming\WiseUpdate
O43 - CFD: 2015/09/25 15:31:03 - [] D -- C:\Users\omar mokrani\AppData\Roaming\ZHP
O43 - CFD: 2015/08/23 06:55:17 - [] D -- C:\Users\omar mokrani\AppData\Local\Adobe
O43 - CFD: 2015/08/17 03:50:40 - [0] SHD -- C:\Users\omar mokrani\AppData\Local\Application Data
O43 - CFD: 2015/08/23 06:55:18 - [] D -- C:\Users\omar mokrani\AppData\Local\CEF
O43 - CFD: 2015/08/29 13:24:54 - [] D -- C:\Users\omar mokrani\AppData\Local\CrystalDiskMark5
O43 - CFD: 2015/08/22 23:45:27 - [] D -- C:\Users\omar mokrani\AppData\Local\CyberGhost
O43 - CFD: 2015/08/17 19:57:46 - [] D -- C:\Users\omar mokrani\AppData\Local\CyberLink
O43 - CFD: 2015/09/19 05:10:43 - [] D -- C:\Users\omar mokrani\AppData\Local\Diagnostics
O43 - CFD: 2015/09/13 20:53:51 - [] D -- C:\Users\omar mokrani\AppData\Local\Google
O43 - CFD: 2015/08/19 00:26:06 - [] D -- C:\Users\omar mokrani\AppData\Local\GWX
O43 - CFD: 2015/08/17 03:50:40 - [0] SHD -- C:\Users\omar mokrani\AppData\Local\History
O43 - CFD: 2015/08/23 16:29:18 - [] D -- C:\Users\omar mokrani\AppData\Local\Microsoft
O43 - CFD: 2015/08/22 20:28:04 - [0] D -- C:\Users\omar mokrani\AppData\Local\Microsoft Help
O43 - CFD: 2015/08/17 13:26:57 - [] D -- C:\Users\omar mokrani\AppData\Local\Mozilla
O43 - CFD: 2015/09/04 14:53:18 - [] D -- C:\Users\omar mokrani\AppData\Local\Packages
O43 - CFD: 2015/08/17 04:29:38 - [] D -- C:\Users\omar mokrani\AppData\Local\Programs
O43 - CFD: 2015/08/17 18:15:14 - [] D -- C:\Users\omar mokrani\AppData\Local\Skype
O43 - CFD: 2015/09/25 15:31:09 - [] D -- C:\Users\omar mokrani\AppData\Local\Temp
O43 - CFD: 2015/08/17 03:50:40 - [0] SHD -- C:\Users\omar mokrani\AppData\Local\Temporary Internet Files
O43 - CFD: 2015/08/22 23:45:27 - [] D -- C:\Users\omar mokrani\AppData\Local\VirtualStore
O43 - CFD: 2015/09/01 07:01:21 - [] D -- C:\Users\omar mokrani\AppData\Local\Windows Performance Analyzer
O43 - CFD: 2014/11/21 16:14:52 - [] RD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 2014/11/21 16:14:52 - [] RD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 2015/08/17 03:51:28 - [] RD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/08/17 04:36:51 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
O43 - CFD: 2015/08/17 19:50:12 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/08/17 19:40:32 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MainConcept
O43 - CFD: 2013/08/22 16:36:32 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 2015/08/25 07:37:32 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon Nitro
O43 - CFD: 2015/08/23 11:23:54 - [] RD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 2015/07/18 00:20:03 - [] RD -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 2015/08/17 19:36:05 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 2015/08/17 19:30:05 - [] D -- C:\Users\omar mokrani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件

---\\ ShellIconOverlayIdentifiers (SIOI) (3) - 0s
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 1 (ErrorConflict) [ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 2 (SyncInProgress) [ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL ©
O106 - SIOI: Microsoft SkyDrive Pro Icon Overlay 3 (InSync) [ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1}. (.Microsoft Corporation - Microsoft OneDrive for Business Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL ©

---\\ System Drivers List (50) - 6s
O58 - SDL:2013/08/22 13:43:41 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\Windows\System32\drivers\3ware.sys [108896] ©
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\Windows\System32\drivers\adp80xx.sys [782176] ©
O58 - SDL:2013/08/22 13:43:41 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79200] ©
O58 - SDL:2013/08/22 13:43:41 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [259424] ©
O58 - SDL:2013/08/22 13:43:40 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [25952] ©
O58 - SDL:2011/01/11 02:16:08 A . (...) -- C:\Windows\System32\drivers\AppleCharger.sys [21104]
O58 - SDL:2013/08/22 13:43:41 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [114016] ©
O58 - SDL:2015/05/28 13:37:47 A . (.BitDefender - Active Virus Control filter driver.) -- C:\Windows\System32\drivers\avc3.sys [1369288] ©
O58 - SDL:2015/05/29 09:50:59 A . (.BitDefender - BitDefender AntiVirus Active Virus Control.) -- C:\Windows\System32\drivers\avchv.sys [271272] ©
O58 - SDL:2015/05/28 14:21:52 A . (.BitDefender - Active Virus Control Kernel Filtering drive.) -- C:\Windows\System32\drivers\avckf.sys [747120] ©
O58 - SDL:2013/08/13 00:25:46 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\drivers\bcmfn2.sys [17624] ©
O58 - SDL:2013/09/08 20:04:56 A . (.Bitdefender - Bitdefender Early Launch Anti-Malware Drive.) -- C:\Windows\System32\drivers\bdelam.sys [23568] ©
O58 - SDL:2014/12/15 18:04:17 A . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) -- C:\Windows\System32\drivers\bdfndisf6.sys [98768] ©
O58 - SDL:2013/07/30 18:41:09 A . (.BitDefender - FileVault Disk Driver.) -- C:\Windows\System32\drivers\bdvedisk.sys [79192] ©
O58 - SDL:2013/08/22 13:43:41 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbda.sys [531296] ©
O58 - SDL:2013/10/29 08:26:46 A . (.CyberLink Corporation - CyberLink WebCam Virtual Driver.) -- C:\Windows\System32\drivers\clwvd6.sys [41704] ©
O58 - SDL:2013/06/18 15:45:28 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G6032E.sys [147584] ©
O58 - SDL:2013/08/22 13:43:45 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbda.sys [3357024] ©
O58 - SDL:2015/02/24 16:52:40 A . (.BitDefender LLC - BitDefender Gonzales FileSystem Driver.) -- C:\Windows\System32\drivers\gzflt.sys [160544] ©
O58 - SDL:2013/08/22 13:43:45 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [64352] ©
O58 - SDL:2013/07/30 19:47:35 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568] ©
O58 - SDL:2013/07/25 20:05:39 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320] ©
O58 - SDL:2013/08/10 01:39:30 A . (.Intel Corporation - Intel Rapid Storage Technology driver (inbo.) -- C:\Windows\System32\drivers\iaStorAV.sys [651248] ©
O58 - SDL:2013/08/22 13:43:45 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\System32\drivers\iaStorV.sys [412000] ©
O58 - SDL:2015/06/12 03:00:58 A . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [197616] ©
O58 - SDL:2012/03/23 18:13:28 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd64.sys [10627744] ©
O58 - SDL:2011/03/23 03:20:58 A . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controll.) -- C:\Windows\System32\drivers\L1C62x64.sys [77936] ©
O58 - SDL:2012/06/22 05:02:52 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\Windows\System32\drivers\L1C63x64.sys [110744] ©
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [109408] ©
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [93536] ©
O58 - SDL:2013/08/22 13:43:44 A . (.LSI Corporation - LSI SAS Gen3 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas3.sys [81760] ©
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sss.sys [82784] ©
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [56672] ©
O58 - SDL:2013/08/22 13:43:45 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\megasr.sys [575840] ©
O58 - SDL:2013/08/22 13:43:49 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\Windows\System32\drivers\mvumis.sys [63840] ©
O58 - SDL:2013/06/18 19:30:32 A . (.Ralink Technology Corp. - Ralink 802.11n Wireless Adapter Driver.) -- C:\Windows\System32\drivers\netr28ux.sys [2408208] ©
O58 - SDL:2013/03/01 02:49:12 A . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\drivers\npf.sys [36600] ©
O58 - SDL:2013/08/22 13:43:31 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [150368] ©
O58 - SDL:2013/08/22 13:43:32 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [168288] ©
O58 - SDL:2013/08/22 16:35:09 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [23040] ©
O58 - SDL:2013/08/22 13:43:31 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [44896] ©
O58 - SDL:2013/08/22 13:43:32 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [81760] ©
O58 - SDL:2010/05/10 17:09:36 A . (.TechniSat Digital, S.A. - NDIS 5.0 driver.) -- C:\Windows\System32\drivers\SkyNET_AMD64.sys [617048]
O58 - SDL:2013/08/22 13:43:32 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\drivers\stexstor.sys [31072] ©
O58 - SDL:2013/08/22 13:40:24 A . (.The OpenVPN Project - TAP-Windows Virtual Network Driver.) -- C:\Windows\System32\drivers\tap0901.sys [40664] ©
O58 - SDL:2014/10/15 17:14:12 A . (.BitDefender S.R.L. - Trufos Kernel Module.) -- C:\Windows\System32\drivers\trufos.sys [452040] ©
O58 - SDL:2011/07/12 13:52:06 A . (.VIA Technologies, Inc. - VIA High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\viahduaa.sys [2165360] ©
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [19808] ©
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [168800] ©
O58 - SDL:2013/08/22 13:43:34 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\Windows\System32\drivers\VSTXRAID.SYS [305504] ©

---\\ Last modified or created user files (1) - 11s
O61 - LFC: 2015/09/18 18:06:48 A . (..) -- C:\Users\omar mokrani\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]

---\\ File Associations Shell Spawning (11) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©

---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Maxthon International ltd. - Maxthon Cloud Browser.) -- C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe ©

---\\ Search Browser Infection (3) - 5s
O69 - SBI: SearchScopes [HKCU] {C888FD7B-F8DD-4ae6-9DCB-388215F4DC47} [DefaultScope] - (Google) - http://www.google.com/
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/

---\\ Search Svchost Services (36) - 1s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [214528] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [156160] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\system32\srvsvc.dll [329216] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [1360896] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\ikeext.dll [1084928] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [926208] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\system32\seclogon.dll [31744] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [110080] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\system32\iscsiexe.dll [151040] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [110592] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\system32\schedsvc.dll [1265152] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [230400] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\system32\mmcss.dll [71168] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [135168] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [228864] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [339968] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [84992] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\system32\kmsvc.dll [101376] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [348672] ©
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Windows Location Framework Service.) -- C:\Windows\System32\GeofenceMonitorService.dll [522240] ©
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft® Account Service.) -- C:\Windows\system32\wlidsvc.dll [1639424] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\system32\themeservice.dll [59392] ©
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Device Setup Manager.) -- C:\Windows\System32\DeviceSetupManager.dll [206848] ©
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant Se.) -- C:\Windows\System32\ncasvc.dll [166400] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [102912] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [542208] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [226816] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\sens.dll [73728] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [452608] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [313344] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [3705344] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [933376] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [640000] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [187904] ©
O83 - Search Svchost Services: MsKeyboardFilter (MsKeyboardFilter) . (.Microsoft Corporation - SvcHost Service for Microsoft Keyboard Filt.) -- C:\Windows\System32\KeyboardFilterSvc.dll [92992] ©

---\\ Firewall Active Exception List (11) - 7s
O87 - FAEL: "{4621F526-58BC-4E7C-A912-0C2BD50161EF}" [In-None-P6-TRUE] .(.版权所有 (C) 2008 Tencent - QQDeskUpdate.) -- C:\Program Files (x86)\Tencent\QQPlayer\QQDeskUpdate.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{33C67BE7-71E1-49A3-A1F2-8E12A9FFCF88}" [In-None-P17-TRUE] .(.版权所有 (C) 2008 Tencent - QQDeskUpdate.) -- C:\Program Files (x86)\Tencent\QQPlayer\QQDeskUpdate.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{56C34555-BD6B-438C-8E64-7DD78AF1DA93}" [In-None-P6-TRUE] .(.腾讯科技(深圳)有限公司 - QQ影音.) -- C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{0FF7E561-3831-4120-8B80-BE9E7D2F0878}" [In-None-P17-TRUE] .(.腾讯科技(深圳)有限公司 - QQ影音.) -- C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{9230B012-F77E-4EF2-9DF8-91E08191A62A}" [In-None-P17-TRUE] .(.Tencent Ltd. - QQ影音工具箱.) -- C:\Program Files (x86)\Tencent\QQPlayer\QPToolbox.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{34803BF3-4FD0-4BD6-BA59-C651B3E51F86}" [In-None-P6-TRUE] .(.Tencent - QQ影音在线升级程序.) -- C:\Program Files (x86)\Tencent\QQPlayer\QPUp.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{1564B4C3-2D0C-41DE-8B78-2B5A03231E7E}" [In-None-P17-TRUE] .(.Tencent - QQ影音在线升级程序.) -- C:\Program Files (x86)\Tencent\QQPlayer\QPUp.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{7CE7D222-548C-4B1C-B3A1-C1ED7D1B761D}" [In-None-P6-TRUE] .(.Tencent - 腾讯高速下载引擎.) -- C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{DB072519-3909-4A52-A8B9-C5AAF1AA6880}" [In-None-P17-TRUE] .(.Tencent - 腾讯高速下载引擎.) -- C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe =>PUP.Optional.TencentAddressBar
O87 - FAEL: "{A968F229-2DB5-479A-8EBA-3EC5CF60ED16}" [In-None-P6-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\omar mokrani\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{9B9CC8A6-0D5B-4ED0-9E22-98E291BB26AC}" [In-None-P17-TRUE] .(.BitTorrent Inc. - µTorrent.) -- C:\Users\omar mokrani\AppData\Roaming\uTorrent\uTorrent.exe

---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 16s

SS - Disabled [2015/06/12 17:25:00] [ 82112] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [2015/07/24 13:41:41] [ 78144] Bitdefender Desktop Parental Control (BdDesktopParental) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe ©
SS - Demand [2015/08/10 11:24:14] [ 63968] CyberGhost 5 Client Service (CGVPNCliService) . (.CyberGhost S.R.L.) - C:\Program Files\CyberGhost 5\Service.exe ©
SS - Auto [2015/08/19 10:26:29] [ 107848] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Demand [2015/08/19 10:26:29] [ 107848] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ©
SS - Disabled [2015/08/25 05:10:33] [ 1871784] Maxthon Core Update Service (MaxthonUpdateSvc) . (.Maxthon.) - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe ©
SS - Disabled [2015/08/26 13:46:31] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Demand [2014/09/15 21:43:27] [ 328832] NetLimiter 4 Service (nlsvc) . (.Locktime Software.) - C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe ©
SS - Disabled [2013/09/15 20:14:18] [ 59816] ProgDVB Scheduler Service (ProgDVBService) . (...) - C:\Program Files (x86)\ProgDVB\ProgDVBService.exe
SS - Disabled [2010/11/11 19:00:24] [ 374112] Ralink Registry Writer (RalinkRegistryWriter) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Ralink\Common\RaRegistry.exe ©
SS - Disabled [2010/11/11 19:00:48] [ 451936] Ralink Registry Writer 64 (RalinkRegistryWriter64) . (.Ralink Technology, Corp..) - C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe ©
SS - Demand [2010/12/31 19:05:46] [ 619872] RaMediaServer (RaMediaServer) . (...) - C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
SS - Disabled [2013/03/01 02:48:58] [ 118520] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.Riverbed Technology, Inc..) - C:\Program Files (x86)\WinPcap\rpcapd.exe ©
SS - Auto [2015/07/09 13:14:04] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe ©
SR - Auto [2015/04/22 17:21:58] [ 67320] Bitdefender Desktop Update Service (UPDATESRV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe ©
SS - Disabled [2011/07/12 13:52:12] [ 27760] VIA Karaoke digital mixer Service (VIAKaraokeService) . (.VIA Technologies, Inc..) - C:\Windows\system32\viakaraokesrv.exe ©
SR - Auto [2015/07/27 12:42:02] [ 1540744] Bitdefender Virus Shield (VSSERV) . (.Bitdefender.) - C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe ©
SS - Auto [2015/04/30 10:27:26] [ 579904] Wise Boot Assistant (WiseBootAssistant) . (.WiseCleaner.com.) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe ©
SS - Demand [2015/08/21 07:58:13] [ 14800] WiseHDInfo (WiseHDInfo) . (.wisecleaner.com.) - C:\Windows\WiseHDInfo64.dll ©

---\\ Search Tracing Registry Key (1) - 1s
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32 =>PUP.Optional.TencentAddressBar

---\\ Additional Scan (O88) (13) - 0s
HKLM\SOFTWARE\Wow6432Node\Tencent =>PUP.Optional.TencentAddressBar
HKCU\SOFTWARE\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent =>PUP.Optional.TencentAddressBar
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
C:\ProgramData\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Common Files\Tencent =>PUP.Optional.TencentAddressBar
C:\Users\omar mokrani\AppData\Roaming\Tencent =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPlayer\QQDeskUpdate.exe =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPlayer\QQPlayer.exe =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPlayer\QPToolbox.exe =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Tencent\QQPlayer\QPUp.exe =>PUP.Optional.TencentAddressBar
C:\Program Files (x86)\Common Files\Tencent\QQDownload\118\Tencentdl.exe =>PUP.Optional.TencentAddressBar
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\tencentdl_RASAPI32 =>PUP.Optional.TencentAddressBar

---\\ Summary of the elements found (2) - 0s
http://www.nicolascoolman.fr/adware-tencentaddressbar/ =>PUP.Optional.TencentAddressBar
http://www.nicolascoolman.fr/trojan-autokms/ =>HackTool.AutoKMS

~ End of the scan, 43758 items in 120 seconds (761)(0)()
