~ ZHPDiag v2016.1.27.21 By Nicolas Coolman (2016/01/27)
~ Run by Administrator (Administrator) (2016/01/27 14:25:18)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Documents and Settings\Administrator\Desktop\ZHPDiag.txt
~ Report: C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Internet Browsers (2) - 1s
GCIE: Google Chrome v48.0.2564.82
MSIE: Internet Explorer v8.0.6001.18702

---\\ Windows Product Information (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : OK

---\\ System protection software (2) - 1s
ESET Smart Security v9.0.318.24
Malwarebytes Anti-Malware النسخة 2.2.0.1024

---\\ System optimization software (1) - 1s
CCleaner v5.13

---\\ Surveillance software (2) - 2s
Adobe Flash Player 12 Plugin
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1046.952 MB (15% free)
System Restore: Activé (Enable)
System drive C: has 122 GB () free of 149 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: JARRAH
~ User Name: Administrator
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 5s
~ Drive C: has 122 GB free of 149 GB (System)
~ Drive D: has 156 GB free of 160 GB
~ Drive E: has 145 GB free of 166 GB

---\\ State of the Windows Security Center (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (23) - 1s
[MD5.2BB75B7F548D82A099125D0C5971DE7D] - 12/07/2012 - (.Microsoft Corporation - Windows Explorer.) -- C:\WINDOWS\Explorer.exe [1033728] =>.Microsoft Corporation
[MD5.037B1E7798960E0420003D05BB577EE6] - 14/04/2008 - (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\rundll32.exe [33280] =>.Microsoft Corporation
[MD5.553AD35768CD27959391DD5AA82CEF6F] - 12/07/2012 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\WINDOWS\System32\wininet.dll [920064] =>.Microsoft Corporation
[MD5.53A8857723277B1D6D5EE60A9F85B117] - 12/07/2012 - (.Microsoft Corporation - Windows NT Logon Application.) -- C:\WINDOWS\System32\Winlogon.exe [509440] =>.Microsoft Corporation
[MD5.64AA11D53A4A84CDF43370D7036517C3] - 12/07/2012 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\WINDOWS\System32\dnsapi.dll [149504] =>.Microsoft Corporation
[MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - 12/07/2012 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\WINDOWS\System32\drivers\AFD.sys [138496] =>.Microsoft Corporation
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - 13/04/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [96512] =>.Microsoft Corporation
[MD5.C885B02847F5D2FD45A24E219ED93B32] - 14/04/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] =>.Microsoft Corporation
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - 12/07/2012 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] =>.Microsoft Corporation
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - 14/04/2008 - (.Microsoft Corporation - FIPS Crypto Driver.) -- C:\WINDOWS\System32\drivers\Fips.sys [44544] =>.Microsoft Corporation
[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/04/2008 - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - 13/04/2008 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480] =>.Microsoft Corporation
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - 14/04/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] =>.Microsoft Corporation
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - 14/04/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] =>.Microsoft Corporation
[MD5.23C74D75E36E7158768DD63D92789A91] - 14/04/2008 - (.Microsoft Corporation - IPSec Driver.) -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] =>.Microsoft Corporation
[MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - 12/07/2012 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457856] =>.Microsoft Corporation
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - 14/04/2008 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [162816] =>.Microsoft Corporation
[MD5.4C51D5275AE8A16999EDFE7E647D00DE] - 18/11/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\WINDOWS\System32\drivers\ntfs.sys [576384] =>.Microsoft Corporation
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - 12/07/2012 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\WINDOWS\System32\drivers\Parport.sys [80128] =>.Microsoft Corporation
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - 14/04/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] =>.Microsoft Corporation
[MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - 04/09/2009 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [195712] =>.Microsoft Corporation
[MD5.F828DD7E1419B6653894A8F97A0094C5] - 13/04/2008 - (.Microsoft Corporation - Redbook Audio Filter Driver.) -- C:\WINDOWS\System32\drivers\redbook.sys [57600] =>.Microsoft Corporation
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - 14/04/2008 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\WINDOWS\System32\drivers\volsnap.sys [52352] =>.Microsoft Corporation

---\\ Non Microsoft non disabled Windows Services (13) - 4s
O23 - Service: CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe =>.CyberLink®
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink - CyberLink Media Server Monitor Service.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe =>.CyberLink®
O23 - Service: CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink - CyberLink Media Server Service.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe =>.CyberLink®
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
O23 - Service: خدمة Google Update (gupdate) (gupdate) . (.Google Inc. - مثبِّت Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
O23 - Service: Hotspot Shield Monitoring Service (HssWd) . (.AnchorFree Inc. - Hotspot Shield 5.1.2.) - C:\Program Files\Hotspot Shield\bin\hsswd.exe =>.AnchorFree Inc®
O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Program Files\Java\jre7\bin\jqs.exe =>.Oracle America, Inc.®
O23 - Service: (MBAMScheduler) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation®
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe =>.NVIDIA Corporation®
O23 - Service: RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe =>.RealNetworks, Inc.®
O23 - Service: Power Control [2015/04/01 21:50:28] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp. - .) - C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl =>.CyberLink®

---\\ Services not Microsoft (SR=Run, SS=Stop) (20) - 35s

SS - Demand [01/04/2015] [ 257928] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SR - Auto [14/03/2012] [ 87336] CLHNServiceForPowerDVD12 (CLHNServiceForPowerDVD12) . (.CyberLink Corp..) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe =>.CyberLink®
SR - Auto [14/03/2012] [ 75048] CyberLink PowerDVD 12 Media Server Monitor Service (CyberLink PowerDVD 12 Media Server Monitor Service) . (.CyberLink.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe =>.CyberLink®
SR - Auto [14/03/2012] [ 296232] CyberLink PowerDVD 12 Media Server Service (CyberLink PowerDVD 12 Media Server Service) . (.CyberLink.) - C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe =>.CyberLink®
SR - Auto [09/10/2015] [ 1971968] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe =>.ESET, spol. s r.o.®
SS - Auto [10/01/2016] [ 144200] خدمة Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [10/01/2016] [ 144200] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe =>.Google Inc®
SS - Demand [15/12/2015] [ 96600] Hotspot Shield Tray Service (HssTrayService) . (...) - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE =>.AnchorFree Inc®
SR - Auto [15/12/2015] [ 864464] Hotspot Shield Monitoring Service (HssWd) . (.AnchorFree Inc..) - C:\Program Files\Hotspot Shield\bin\hsswd.exe =>.AnchorFree Inc®
SR - Auto [01/04/2015] [ 182696] Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe =>.Oracle America, Inc.®
SR - Auto [05/10/2015] [ 1513784] (MBAMScheduler) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SR - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [12/02/2014] [ 118896] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®
SS - Demand [28/11/2007] [ 800040] NBService (NBService) . (.Nero AG.) - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe =>.Nero AG®
SR - Demand [27/06/2007] [ 279848] NMIndexingService (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe =>.Nero AG®
SR - Auto [31/01/2013] [ 156448] NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe =>.NVIDIA Corporation®
SS - Auto [31/01/2013] [ 1259296] NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe =>.NVIDIA Corporation®
SR - Auto [14/08/2013] [ 39056] RealNetworks Downloader Resolver Service (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe =>.RealNetworks, Inc.®
SS - Auto [19/03/2012] [ 87536] Power Control [2015/04/01 21:50:28] ({329F96B6-DF1E-4328-BFDA-39EA953C1312}) . (.CyberLink Corp..) - C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl =>.CyberLink®

---\\ Process running (26) - 6s
[MD5.05D36FCAB501C67DEA797FAFB5C42AC5] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1971968] [PID.1512] =>.ESET, spol. s r.o.®
[MD5.80FD4D46B0E9B620CF757A9A5C789329] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [577536] [PID.184] =>.Realtek Semiconductor Corp.
[MD5.02C02E1A92435043FC275101A8ECAAAB] - (.Copyright (C) 2003 - MaySample MFC Application.) -- C:\Program Files\Application\Video Wizard WDM Video Capture\Remote.exe [241664] [PID.220]
[MD5.0BCDFD7BA8AD4159A3B77B1F877120BE] - (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743136] [PID.244] =>.Wondershare Software Co., Ltd. ®
[MD5.8651F84ECBE5687A6628F1062300608C] - (.CyberLink - DMREngine.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe [501544] [PID.252] =>.CyberLink®
[MD5.FBBD76D32C007B7AAC92399B9EB7BD11] - (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe [371256] [PID.280] =>.CyberLink®
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.472] =>.RealNetworks, Inc.®
[MD5.86F0D0B3A07C142C81DAB47E8495A822] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872] [PID.932] =>.Nero AG®
[MD5.8025F05E5A51FD499584AFD7A688423C] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6602152] [PID.960] =>.Piriform Ltd®
[MD5.549F6A1198C3120BB836F04BB1BAF5B8] - (.CyberLink Corp. - CLHNServiceForPowerDVD12 Module.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336] [PID.804] =>.CyberLink®
[MD5.751E67A18468ADAE2D6AA90F026E2DBE] - (.CyberLink - CyberLink Media Server Monitor Service.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048] [PID.352] =>.CyberLink®
[MD5.3DE230F59C8830168EAAB163B606DD37] - (.CyberLink - CyberLink Media Server Service.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232] [PID.1832] =>.CyberLink®
[MD5.2F96B2D2338919162EC9E0554F8F727A] - (.AnchorFree Inc. - Hotspot Shield 5.1.2.) -- C:\Program Files\Hotspot Shield\bin\hsswd.exe [864464] [PID.2164] =>.AnchorFree Inc®
[MD5.80A79264302910C7C24BA7E44267EFEF] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182696] [PID.2724] =>.Oracle America, Inc.®
[MD5.AB176B9E59C0435499D83047D84EDD59] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784] [PID.2764] =>.Malwarebytes Corporation®
[MD5.40C126CB15FAB7D6C66490DCA9C1AED2] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416] [PID.4088] =>.Malwarebytes Corporation®
[MD5.1982E96B2C5C2EFFEF38EFC37293A42E] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.8.) -- C:\WINDOWS\system32\nvsvc32.exe [156448] [PID.2188] =>.NVIDIA Corporation®
[MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.2820] =>.RealNetworks, Inc.®
[MD5.BABBBDEF9DBB5E012EE5210FCB47C33B] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [9832760] [PID.3552] =>.Malwarebytes Corporation®
[MD5.A328A46D87BB92CE4D8A4528E9D84787] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [279848] [PID.3568] =>.Nero AG®
[MD5.FFBD5650348D4F9E0AA8E72938DC6478] - (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe [1213736] [PID.3804] =>.Nero AG®
[MD5.E0ED4A85D35E3874A85A25C222326B81] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5532872] [PID.3228] =>.ESET, spol. s r.o.®
[MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.2872] =>.Google Inc®
[MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.3628] =>.Google Inc®
[MD5.51667022FACBD1AA611373DA16C98533] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [748872] [PID.3268] =>.Google Inc®
[MD5.AD0F16DEF98337C3F11E69DCFDD9928E] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\Administrator\My Documents\Downloads\ZHPDiag3 (1).exe [2097152] [PID.1800] =>.Nicolas Coolman

---\\ Google Chrome, Start,Search,Extensions (10) - 1s
G2 - GCE: Preference [User Data\Default] [aapocclcgogkmnckokdopfmhonfmgoek] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [felcaaldnbdncclmgdcncolpebgiejap] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealDownloader
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (1) - 3s
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (10) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (5) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Object (BHO) (3) - 1s
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll =>.Oracle America, Inc.®
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll =>.Oracle America, Inc.®

---\\ Auto loading programs from Registry and folders (21) - 1s
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE =>.Realtek Semiconductor Corp.
O4 - HKLM\..\Run: [IR Control] . (.Copyright (C) 2003 - MaySample MFC Application.) -- C:\Program Files\Application\Video Wizard WDM Video Capture\Remote.exe
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe =>.Wondershare Software Co., Ltd. ®
O4 - HKLM\..\Run: [PowerDVD12DMREngine] . (.CyberLink - DMREngine.) -- C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe =>.CyberLink®
O4 - HKLM\..\Run: [PowerDVD12Agent] . (.CyberLink Corp. - PowerDVD 12.) -- C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe =>.CyberLink®
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe =>.NVIDIA Corporation®
O4 - HKLM\..\Run: [NvMediaCenter] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\RunDLL32.exe =>.Microsoft Corporation
O4 - HKLM\..\Run: [NvCplDaemon] . (.Microsoft Corporation - Run a DLL as an App.) -- C:\WINDOWS\System32\RUNDLL32.EXE =>.Microsoft Corporation
O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe =>.Nero AG®
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe =>.Microsoft Corporation®
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe =>.Apple Inc.®
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems, Incorporated®
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe =>.RealNetworks, Inc.®
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe =>.Nero AG®
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe =>.Nero AG®
O4 - HKUS\S-1-5-21-1004336348-1767777339-1606980848-500\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®

---\\ Global shortcuts Startup (112) - 39s
O4 - GS\Desktop [Administrator]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Administrator]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Desktop [Administrator]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE
O4 - GS\Desktop [Administrator]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Administrator]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Administrator]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Desktop [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Desktop [Administrator]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe
O4 - GS\Desktop [Administrator]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE
O4 - GS\Desktop [Administrator]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
O4 - GS\Desktop [Administrator]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe
O4 - GS\Quicklaunch [Administrator]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation
O4 - GS\Quicklaunch [Administrator]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Quicklaunch [Administrator]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED}
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Administrator]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61}
O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Quicklaunch [Administrator]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG®
O4 - GS\Quicklaunch [Administrator]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Quicklaunch [Administrator]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Quicklaunch [Administrator]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.®
O4 - GS\Quicklaunch [Administrator]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe
O4 - GS\Desktop [Guest]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [Guest]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Desktop [Guest]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE
O4 - GS\Desktop [Guest]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [Guest]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [Guest]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Desktop [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Desktop [Guest]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe
O4 - GS\Desktop [Guest]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE
O4 - GS\Desktop [Guest]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
O4 - GS\Desktop [Guest]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe
O4 - GS\Quicklaunch [Guest]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation
O4 - GS\Quicklaunch [Guest]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Quicklaunch [Guest]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED}
O4 - GS\Quicklaunch [Guest]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [Guest]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61}
O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Quicklaunch [Guest]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG®
O4 - GS\Quicklaunch [Guest]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Quicklaunch [Guest]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Quicklaunch [Guest]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.®
O4 - GS\Quicklaunch [Guest]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe
O4 - GS\Desktop [HelpAssistant]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [HelpAssistant]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Desktop [HelpAssistant]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE
O4 - GS\Desktop [HelpAssistant]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [HelpAssistant]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe
O4 - GS\Desktop [HelpAssistant]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [HelpAssistant]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Desktop [HelpAssistant]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Desktop [HelpAssistant]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe
O4 - GS\Desktop [HelpAssistant]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE
O4 - GS\Desktop [HelpAssistant]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
O4 - GS\Desktop [HelpAssistant]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe
O4 - GS\Desktop [HelpAssistant]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [HelpAssistant]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe
O4 - GS\Quicklaunch [HelpAssistant]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation
O4 - GS\Quicklaunch [HelpAssistant]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Quicklaunch [HelpAssistant]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED}
O4 - GS\Quicklaunch [HelpAssistant]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [HelpAssistant]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61}
O4 - GS\Quicklaunch [HelpAssistant]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Quicklaunch [HelpAssistant]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG®
O4 - GS\Quicklaunch [HelpAssistant]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Quicklaunch [HelpAssistant]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Quicklaunch [HelpAssistant]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.®
O4 - GS\Quicklaunch [HelpAssistant]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe
O4 - GS\Desktop [SUPPORT_388945a0]: ESET Smart Security.lnk . (.ESET - ESET Main GUI.) C:\Program Files\ESET\ESET Smart Security\egui.exe =>.ESET, spol. s r.o.®
O4 - GS\Desktop [SUPPORT_388945a0]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Desktop [SUPPORT_388945a0]: FM.lnk . (.版权所有 (C) 2004 - FM Microsoft 基础类应用程序.) C:\Program Files\Application\Video Wizard WDM Video Capture\FM.EXE
O4 - GS\Desktop [SUPPORT_388945a0]: Format Factory.lnk . (.Free Time - FormatFactory.) C:\Program Files\FreeTime\FormatFactory\FormatFactory.exe =>.chen jun hao®
O4 - GS\Desktop [SUPPORT_388945a0]: Golden Al-Wafi Translator.lnk . (.ATA Software Technology Ltd - Golden Al-Wafi Translation Software.) C:\Program Files\Golden Al-Wafi Translator\Golden Al-Wafi Translator.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Internet Download Manager.lnk . (...) C:\Program Files\Internet Download Manager\IDMan.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Desktop [SUPPORT_388945a0]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Desktop [SUPPORT_388945a0]: Quraish(Arabic).lnk . (.AfkarMedia® - Quraish main executable.) C:\Program Files\AfkarMedia\Quraish\Quraish.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Video Wizard WDM Video Capture.lnk . (.Copyright (C) 2004 - .) C:\Program Files\Application\Video Wizard WDM Video Capture\WinTVR.EXE
O4 - GS\Desktop [SUPPORT_388945a0]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
O4 - GS\Desktop [SUPPORT_388945a0]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) C:\Program Files\Your Uninstaller! 7\urmain.exe
O4 - GS\Desktop [SUPPORT_388945a0]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Documents and Settings\Administrator\Application Data\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [SUPPORT_388945a0]: ALL Media Server.lnk . (.ALLCinema Ltd. - .) C:\Program Files\ALLMediaServer\ALLMediaServer.exe
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Bigasoft Video Downloader Pro.lnk . (.Bigasoft Corporation - Video Downloader Pro.) C:\Program Files\Bigasoft\Video Downloader Pro\videodownloader.exe =>.Bigasoft Corporation
O4 - GS\Quicklaunch [SUPPORT_388945a0]: File Recover.lnk . (.PC Tools - File Recover.) C:\Program Files\File Recover\FileRecover.exe {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O4 - GS\Quicklaunch [SUPPORT_388945a0]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED}
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\Quicklaunch [SUPPORT_388945a0]: jetAudio.lnk . (.JetAudio, Inc. - jetAudio.) C:\Program Files\JetAudio\JetAudio.exe {2B13AAC1A1EE61}
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Mozilla Firefox.lnk . (...) C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Nero Home Essentials SE.lnk . (.Nero AG - Nero Home.) C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe =>.Nero AG®
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Nero StartSmart Essentials.lnk . (.Nero AG - Nero StartSmart.) C:\Program Files\Nero\Nero 7\Nero StartSmart\NeroStartSmart.exe =>.Nero AG®
O4 - GS\Quicklaunch [SUPPORT_388945a0]: PhotoScape.lnk . (.Copyright (C) 2005 - PhotoScape.) C:\Program Files\PhotoScape\PhotoScape.exe =>.Mooii Tech®
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Winamp.lnk . (.Nullsoft, Inc. - Winamp.) C:\Program Files\Winamp\winamp.exe =>.Nullsoft Inc.®
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Zoom Player MAX.lnk . (.Inmatrix LTD - Zoom Player.) C:\Program Files\Zoom Player MAX\zplayer.exe
O4 - GS\CommonDesktop [Public]: Allok Video Joiner.lnk . (...) C:\Program Files\Allok Video Joiner\Allok Video Joiner.exe
O4 - GS\CommonDesktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) C:\Program Files\CCleaner\CCleaner.exe =>.Piriform Ltd®
O4 - GS\CommonDesktop [Public]: Dial-Up.lnk . (.ZTE中兴 - Dial-Up Microsoft 基础类应用程序.) C:\Program Files\zte\PC_DIAL_FWPV5.00.09\Dial-Up.exe
O4 - GS\CommonDesktop [Public]: GOM Player.lnk . (.Copyright(C) Gretech Corp. All rights reserved. Since - GOM Player.) C:\Program Files\GRETECH\GomPlayer\GOM.EXE {78A2255D0AB283A4DC76EF94B250B7ED}
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O4 - GS\CommonDesktop [Public]: Hotspot Shield.lnk . (.AnchorFree Inc. - Hotspot Shield 5.1.2.) C:\Program Files\Hotspot Shield\bin\HSSCP.exe =>.AnchorFree Inc®
O4 - GS\CommonDesktop [Public]: RealPlayer.lnk . (.RealNetworks, Inc. - RealPlayer.) C:\Program Files\Real\RealPlayer\realplay.exe =>.RealNetworks, Inc.®
O4 - GS\CommonDesktop [Public]: Rome - Total War - Alexander.lnk . (.The Creative Assembly Ltd - Rome: Total War - Alexander.) C:\Program Files\SCC-TDS\Rome - Total War\RomeTW-ALX.exe =>.The Creative Assembly Ltd
O4 - GS\CommonDesktop [Public]: Rome - Total War - Barbarian Invasion.lnk . (.The Creative Assembly Ltd - Rome: Total War - Barbarian Invasion.) C:\Program Files\SCC-TDS\Rome - Total War\RomeTW-BI.exe =>.The Creative Assembly Ltd
O4 - GS\CommonDesktop [Public]: Rome - Total War.lnk . (.The Creative Assembly Ltd - Rome: Total War.) C:\Program Files\SCC-TDS\Rome - Total War\RomeTW.exe =>.The Creative Assembly Ltd
O4 - GS\Startup [Public]: Who Is On My Wifi.lnk . (.Copyright © 2013 - mywifi3.) C:\Program Files\IO3O LLC\Who Is On My Wifi\mywifi.exe
O4 - GS\Programs [Public]: Format Factory 2.60.lnk . (...) C:\Program Files\FormatFactory 2.60\FormatFactory.exe

---\\ Lop.com/Domain Hijackers (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DCA34F41-23C0-4F74-8E15-B680EA6E9ED9}: DhcpNameServer = 192.168.1.1

---\\ Extra protocols (28) - 2s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll =>.Microsoft Corporation®
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll =>.Microsoft Corporation®
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL =>.Microsoft Corporation®

---\\ Software installed (68) - 36s
O42 - Logiciel: ACDSee Free - (.ACD Systems International Inc..) [HKLM] -- ACDSee Free =>.ACD Systems International Inc®
O42 - Logiciel: Adobe Flash Player 12 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 12 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Reader XI (11.0.04) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AB0000000001} =>.Adobe Systems Incorporated
O42 - Logiciel: AIMP3 - (.AIMP DevTeam.) [HKLM] -- AIMP3 =>.AIMP DevTeam
O42 - Logiciel: ALLMediaServer - (.ALLCinema Ltd..) [HKLM] -- {FE77909E-B782-4554-A92A-4D887CEF0ACC}_is1
O42 - Logiciel: Allok Video Joiner 4.6.0529 - (.Allok Soft Inc..) [HKLM] -- Allok Video Joiner_is1
O42 - Logiciel: AllokSoft Allok Video Joiner v4.6.0529 ShamFuture.com - (.ShamFuture.com.) [HKLM] -- {1E0ED455-F294-460F-9845-CF7A55BF4D53}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc.
O42 - Logiciel: Blender - (.Blender Foundation.) [HKLM] -- Blender =>.Blender Foundation
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner =>.Piriform Ltd®
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM] -- {B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink®
O42 - Logiciel: CyberLink PowerDVD 12 - (.CyberLink Corp..) [HKLM] -- InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A} =>.CyberLink®
O42 - Logiciel: DriverPack Solution Updater - (.DriverPack Solution.) [HKCU] -- DRPSu Updater =>.Kuzyakov Artur Vyacheslavovich IP®
O42 - Logiciel: Drv - (.My Company Name.) [HKLM] -- {DA71A94B-3617-4935-8BBE-1566B2174C95}
O42 - Logiciel: ESET Smart Security - (.ESET, spol. s r.o..) [HKLM] -- {993949EA-4382-4C42-A8B0-16FB3D4F8CF8} =>.ESET, spol. s r.o.
O42 - Logiciel: File Recover 8.0 - (.PC Tools.) [HKLM] -- File Recover_is1 {42ABDC237D1BA31664BA4E7B05F23652} =>.PC Tools
O42 - Logiciel: FormatFactory 3.6.0.0 - (.Format Factory.) [HKLM] -- FormatFactory =>.Format Factory
O42 - Logiciel: Golden Al-Wafi Translator 1.12 - (.<>.) [HKLM] -- Golden Al-Wafi Translator (By DR.Ahmed Saker)_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player =>.Gretech Corporation
O42 - Logiciel: Google Chrome - (.Google Inc‎.‎.) [HKLM] -- Google Chrome =>.Google Inc®
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Hotspot Shield 5.1.2 - (.AnchorFree Inc..) [HKLM] -- HotspotShield =>.AnchorFree Inc®
O42 - Logiciel: Java 7 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217045FF} =>.Oracle
O42 - Logiciel: Java Auto Updater - (.Sun Microsystems, Inc..) [HKLM] -- {4A03706F-666A-4037-7777-5F2748764D10} =>.Sun Microsystems, Inc.
O42 - Logiciel: jetAudio Basic - (.COWON.) [HKLM] -- {DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A} {2B13AAC1A1EE61} =>.COWON
O42 - Logiciel: K-Lite Codec Pack 10.2.0 Full - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: Malwarebytes Anti-Malware النسخة 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Microsoft Software Update for Web Folders (Arabic) 12 - (.Microsoft Corporation.) [HKLM] -- {90120000-0010-0401-0000-0000000FF1CE} =>.Microsoft Corporation
O42 - Logiciel: Microsoft Text-to-Speech Engine 4.0 (English) - (...) [HKLM] -- MSTTS
O42 - Logiciel: Miro - (.Participatory Culture Foundation.) [HKLM] -- Miro =>.Participatory Culture Foundation
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: MSXML 6.0 Parser (KB925673) - (.Microsoft Corporation.) [HKLM] -- {FE9126DB-5F84-495A-BB46-3C724F1C2D08} =>.Microsoft Corporation
O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM] -- {C3CF41F1-0373-4DD7-BE99-F33B00E51033} =>.Nero AG
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} =>.Nero AG
O42 - Logiciel: NVIDIA Install Application - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA NView 136.53 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA Update Components - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update =>.NVIDIA Corporation
O42 - Logiciel: NVIDIA برنامج تشغيل الرسومات 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver =>.NVIDIA Corporation
O42 - Logiciel: PC_DIAL_FWPV5.00.09 - (.zte.) [HKLM] -- {88D613F4-D4AE-48F1-BF73-66A1886FB214} =>.ZTE
O42 - Logiciel: PhotoScape - (...) [HKLM] -- PhotoScape
O42 - Logiciel: Power Mp3 Cutter(Mp3 Sound Cutter) 1.40 - (.CooolSoft, Inc..) [HKLM] -- Power Mp3 Cutter(Mp3 Sound Cutter)_is1
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {B67BAFBA-4C9F-48FA-9496-933E3B255044} =>.Apple Inc.
O42 - Logiciel: Quraish - (.أفكـار ميديـا.) [HKLM] -- {5756E0B4-C092-4B0D-A935-80F72572B6F4}
O42 - Logiciel: RealDownloader - (.RealNetworks, Inc..) [HKLM] -- {C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE} =>.RealNetworks, Inc.
O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 16.0 =>.RealNetworks, Inc.®
O42 - Logiciel: Realtek AC'97 Audio - (...) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB} =>.RealNetworks, Inc.
O42 - Logiciel: Rome - Total War - (.SCC-TDS.) [HKLM] -- {590EDC61-9823-4D56-9E87-0D32DFC5D81D} =>.Macrovision Corporation®
O42 - Logiciel: SigmaTel Audio - (.SigmaTel.) [HKLM] -- {A462213D-EED4-42C2-9A60-7BDD4D4B0B17} =>.SigmaTel
O42 - Logiciel: TeleText - (...) [HKLM] -- {D46BF5B1-315A-4E7F-AC0A-206497BA7705}
O42 - Logiciel: Video Downloader Pro - (.www.ad4cd.com.) [HKLM] -- Video Downloader Pro_is1
O42 - Logiciel: Video Wizard WDM Video Capture - (.Application.) [HKLM] -- {09AFDC81-D666-4194-B5B0-82461129F22C} =>.Application
O42 - Logiciel: Video Wizard WDM Video Capture - (.Application.) [HKLM] -- InstallShield_{09AFDC81-D666-4194-B5B0-82461129F22C} =>.Application
O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM] -- {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} =>.Microsoft Corporation
O42 - Logiciel: Who Is On My Wifi version 3.0.2 - (.IO3O LLC.) [HKLM] -- {010D45A1-093D-4534-8147-4E10E80F81CC}_is1
O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp =>.Nullsoft, Inc
O42 - Logiciel: Windows Media Format Runtime - (...) [HKLM] -- Windows Media Format Runtime
O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840} =>.Microsoft Corporation
O42 - Logiciel: WinRAR 5.00 بيتا 7 (32-بت) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver =>.win.rar GmbH®
O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC =>.Microsoft Corporation
O42 - Logiciel: Your Uninstaller Pro v7.3.2011.2 - (.Your Uninstaller Pro v7.3.2011.2.) [HKLM] -- {6D7E03A8-DF82-4D22-B4F7-251488BFEBC8}
O42 - Logiciel: Your Uninstaller! 7 - (.URSoft, Inc..) [HKLM] -- YU2010_is1 {20D86DE3316D2F604A4A91753B51F566}
O42 - Logiciel: ZHPFix 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1 =>.Nicolas Coolman
O42 - Logiciel: Zoom Player MAX - (.www.ad4cd.com.) [HKLM] -- Zoom Player MAX_is1
O42 - Logiciel: تحديثات NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update =>.NVIDIA Corporation
O42 - Logiciel: دعم تطبيق Apple - (.Apple Inc..) [HKLM] -- {5D09C772-ECB3-442B-9CC6-B4341C78FDC2} =>.Apple Inc.
O42 - Logiciel: لوحة تحكم NVIDIA 307.83 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel =>.NVIDIA Corporation

---\\ HKCU & HKLM Software Keys (147) - 37s
HKLM\SOFTWARE\ACD Systems
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\Ahead
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Apple Inc.
HKLM\SOFTWARE\Application
HKLM\SOFTWARE\Audible
HKLM\SOFTWARE\BlenderFoundation
HKLM\SOFTWARE\BrowserChoice
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\ComputerAssociates
HKLM\SOFTWARE\COWON
HKLM\SOFTWARE\CyberLink
HKLM\SOFTWARE\Disc Soft
HKLM\SOFTWARE\DT Soft
HKLM\SOFTWARE\Electronic Arts
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\GENIATEC
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Golden Al-Wafi Translator
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GRETECH
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\Hasbro Interactive
HKLM\SOFTWARE\honestech
HKLM\SOFTWARE\HotspotShield
HKLM\SOFTWARE\Icaros
HKLM\SOFTWARE\Inmatrix
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\IO3O
HKLM\SOFTWARE\Items Technology Co., Ltd.
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\KLCodecPack
HKLM\SOFTWARE\Lake
HKLM\SOFTWARE\LAV
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\magnet
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Mooii
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\My Company Name
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Participatory Culture Foundation
HKLM\SOFTWARE\PCTools
HKLM\SOFTWARE\Philips Semiconductors
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\SCC-TDS
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\SigmaTel
HKLM\SOFTWARE\Sims
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sunisoft
HKLM\SOFTWARE\TunerData
HKLM\SOFTWARE\Voice
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\WinTVR
HKLM\SOFTWARE\Wondershare
HKLM\SOFTWARE\Xing Technology Corp.
HKLM\SOFTWARE\zte
HKCU\SOFTWARE\ACD Systems
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\ALLConverter PRO
HKCU\SOFTWARE\ALLMediaServer
HKCU\SOFTWARE\AnchorFree
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\CleanMyPC
HKCU\SOFTWARE\COWON
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\Disc Soft
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\drpsu
HKCU\SOFTWARE\DScaler5
HKCU\SOFTWARE\DT Soft
HKCU\SOFTWARE\Electronic Arts
HKCU\SOFTWARE\Emulators
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\FreeTime
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\geissplugin
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\GRETECH
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Haemimont Games
HKCU\SOFTWARE\honestech
HKCU\SOFTWARE\Icaros
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Install
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\InterVideo
HKCU\SOFTWARE\JavaSoft
HKCU\SOFTWARE\Lake
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\madshi
HKCU\SOFTWARE\MainConcept
HKCU\SOFTWARE\MediaChance
HKCU\SOFTWARE\MediaInfo
HKCU\SOFTWARE\Mooii
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nimbuzz
HKCU\SOFTWARE\NVIDIA Corporation
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Participatory Culture Foundation
HKCU\SOFTWARE\PCTools
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\Project07
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\quareeb.exe
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\SpinTop
HKCU\SOFTWARE\Sunisoft
HKCU\SOFTWARE\The Creative Assembly
HKCU\SOFTWARE\TheCreativeAssembly
HKCU\SOFTWARE\TikGames
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\VirtuaMedia
HKCU\SOFTWARE\Voice
HKCU\SOFTWARE\Winamp
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Contents of the Common Files folders (220) - 128s
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\ACD Systems =>.ACD Systems International Inc®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Adobe =>.Adobe Systems, Incorporated®
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\AfkarMedia
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\AIMP3
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\ALLMediaServer
O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\Allok Video Joiner
O43 - CFD: 22/08/2015 - [] D -- C:\Program Files\ALLPlayer
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\AlmawredDictionary
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Apple Software Update =>.Apple Inc.®
O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Application
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Bigasoft
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Blender Foundation
O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\CCleaner =>.Piriform Ltd®
O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\CleanMyPC
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 01/04/2015 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\CyberLink =>.CyberLink®
O43 - CFD: 12/01/2016 - [] D -- C:\Program Files\ESET =>.ESET, spol. s r.o.®
O43 - CFD: 02/10/2015 - [] D -- C:\Program Files\File Recover {42ABDC237D1BA31664BA4E7B05F23652}
O43 - CFD: 09/06/2015 - [] D -- C:\Program Files\FreeTime =>.chen jun hao®
O43 - CFD: 02/10/2015 - [] D -- C:\Program Files\GetData
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Golden Al-Wafi Translator
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Google =>.Google Inc®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\GRETECH {78A2255D0AB283A4DC76EF94B250B7ED}
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\honestech
O43 - CFD: 18/12/2015 - [] D -- C:\Program Files\Hotspot Shield =>.AnchorFree Inc®
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\InstallShield Installation Information {2B13AAC1A1EE61}
O43 - CFD: 26/01/2016 - [] D -- C:\Program Files\Internet Download Manager =>.Tonec Inc.®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 27/05/2015 - [] D -- C:\Program Files\IO3O LLC
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Java =>.Oracle America, Inc.®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\JetAudio
O43 - CFD: 28/05/2015 - [] D -- C:\Program Files\Jnes
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\K-Lite Codec Pack
O43 - CFD: 22/01/2016 - [] D -- C:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 25/01/2016 - [] D -- C:\Program Files\MediaMonkey
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\microsoft frontpage
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Office =>.Microsoft Corporation®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\MSN Gaming Zone
O43 - CFD: 26/05/2015 - [] D -- C:\Program Files\MTK
O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Mydrv
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Nero =>.Nero AG®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 03/06/2015 - [] D -- C:\Program Files\NirSoft =>.Nir Sofer®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\NVIDIA Corporation =>.NVIDIA Corporation®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Online Services
O43 - CFD: 08/01/2016 - [] D -- C:\Program Files\Opera
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Participatory Culture Foundation
O43 - CFD: 22/04/2015 - [] D -- C:\Program Files\Philips Semiconductors
O43 - CFD: 16/08/2015 - [] D -- C:\Program Files\Photo!
O43 - CFD: 16/08/2015 - [] D -- C:\Program Files\PhotoScape =>.Mooii Tech®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Power Mp3 Cutter(Mp3 Sound Cutter)
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Real =>.RealNetworks, Inc.®
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\RealNetworks =>.RealNetworks, Inc.®
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 10/01/2016 - [] D -- C:\Program Files\SCC-TDS
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\SigmaTel =>.InstallShield Software Corporation®
O43 - CFD: 25/04/2015 - [] D -- C:\Program Files\TDS_SCC
O43 - CFD: 01/04/2015 - [0] D -- C:\Program Files\Uninstall Information
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Winamp
O43 - CFD: 02/04/2015 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 01/04/2015 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\WinRAR =>.win.rar GmbH®
O43 - CFD: 03/06/2015 - [0] D -- C:\Program Files\Wondershare
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\xerox
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\Your Uninstaller! 7
O43 - CFD: 24/01/2016 - [] D -- C:\Program Files\ZHPFix
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Zoom Player MAX
O43 - CFD: 06/05/2015 - [] D -- C:\Program Files\zte
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\قاموس صخر الجديد
O43 - CFD: 03/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ACDSee Free
O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\AIMP3
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ALLMediaServer
O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Allok Video Joiner
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Blender Foundation
O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CyberLink PowerDVD 12
O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
O43 - CFD: 02/10/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\File Recover
O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Golden Al-Wafi Translator
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\GOM Player
O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Hotspot Shield
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Java
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\jetAudio
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 22/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Office
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Miro
O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Nero 7 Essentials
O43 - CFD: 06/05/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PC_DIAL_FWPV5.00.09
O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Philips Semiconductors
O43 - CFD: 16/08/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PhotoScape
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Power Mp3 Cutter(Mp3 Sound Cutter)
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks
O43 - CFD: 12/01/2016 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
O43 - CFD: 23/09/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Who Is On My Wifi
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
O43 - CFD: 24/04/2015 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Your Uninstaller! 7
O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ZHP
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Ahead
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Apple Computer
O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Baidu
O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\CyberLink
O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\ESET
O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Hotspot Shield
O43 - CFD: 26/05/2015 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\install_clap
O43 - CFD: 22/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
O43 - CFD: 01/04/2015 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Microsoft Help
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Nero
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\NVIDIA
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\PDVD
O43 - CFD: 03/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Real
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\RealNetworks
O43 - CFD: 12/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\RogueKiller
O43 - CFD: 24/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Skype
O43 - CFD: 07/01/2016 - [] D -- C:\Documents and Settings\All Users\Application Data\Steam
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Sun
O43 - CFD: 26/01/2016 - [0] AD -- C:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 03/06/2015 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare Player
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Ahead
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\COWON
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 24/04/2015 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Java
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\MSSoap
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\ODBC
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\Wondershare
O43 - CFD: 01/04/2015 - [] D -- C:\Program Files\Common Files\xing shared
O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\AC3Filter
O43 - CFD: 18/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Adobe
O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Ahead
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\AIMP3
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Apple Computer
O43 - CFD: 29/07/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\CyberLink
O43 - CFD: 26/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\DMCache
O43 - CFD: 02/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\DRPSu
O43 - CFD: 30/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\ESET
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\GRETECH
O43 - CFD: 02/11/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Hotspot Shield
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Identities
O43 - CFD: 26/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\IDM
O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\InstallShield
O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Macromedia
O43 - CFD: 26/05/2015 - [] SD -- C:\Documents and Settings\Administrator\Application Data\Microsoft
O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Mozilla
O43 - CFD: 12/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\MPC-HC
O43 - CFD: 11/11/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Opera Software
O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Participatory Culture Foundation
O43 - CFD: 27/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Application Data\PhotoScape
O43 - CFD: 27/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Real
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\RealNetworks
O43 - CFD: 24/09/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\SpinTop
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Sun
O43 - CFD: 07/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\The Creative Assembly
O43 - CFD: 24/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\URSoft
O43 - CFD: 22/04/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\Winamp
O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Application Data\WinRAR
O43 - CFD: 27/01/2016 - [] D -- C:\Documents and Settings\Administrator\Application Data\ZHP
O43 - CFD: 18/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Adobe
O43 - CFD: 02/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Ahead
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ALLMediaServer
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Apple Computer
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\CyberLink
O43 - CFD: 10/01/2016 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Deployment
O43 - CFD: 30/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\ESET
O43 - CFD: 13/09/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google
O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\MediaMonkey
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\MediaServer
O43 - CFD: 03/04/2015 - [] SD -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft
O43 - CFD: 01/04/2015 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft Help
O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla
O43 - CFD: 11/11/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Opera Software
O43 - CFD: 31/05/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Skype
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Sun
O43 - CFD: 03/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Tipard Studio
O43 - CFD: 07/05/2015 - [0] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\WMTools Downloaded Files
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Wondershare
O43 - CFD: 01/04/2015 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Accessories
O43 - CFD: 29/07/2015 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
O43 - CFD: 10/01/2016 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\AfkarMedia
O43 - CFD: 24/04/2010 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\AVer Zone
O43 - CFD: 09/06/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\FormatFactory
O43 - CFD: 26/05/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\MTK Hotspot
O43 - CFD: 04/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Nero 7 Essentials
O43 - CFD: 03/06/2015 - [0] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\NirSoft Wireless Network Watcher
O43 - CFD: 26/01/2016 - [] RD -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Video Downloader Pro
O43 - CFD: 24/04/2010 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Video Wizard WDM Video Capture
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\WinRAR
O43 - CFD: 01/04/2015 - [] D -- C:\Documents and Settings\Administrator\Start Menu\Programs\Zoom Player MAX
O43 - CFD: 01/04/2015 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 01/04/2015 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup

---\\ ShellIconOverlayIdentifiers (SIOI) (7) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll =>.Microsoft Corporation®
O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\system32\cscui.dll =>.Microsoft Corporation

---\\ System Drivers List (60) - 15s
O58 - SDL:2007/01/23 12:00:00 RA . (.Philips Semiconductors GmbH - SAA713x Analog + Digital TV Card Driver.) -- C:\WINDOWS\System32\drivers\3xHybrid.sys [716160]
O58 - SDL:2008/09/23 23:40:22 RA . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS [4122368] =>.Realtek Semiconductor Corp.
O58 - SDL:2003/04/01 23:36:42 RA . (.Philips Semiconductors - cap7134.) -- C:\WINDOWS\System32\drivers\Cap7134.sys [348352]
O58 - SDL:2011/03/04 11:44:12 N . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\WINDOWS\System32\drivers\cdr4_xp.sys [9072] =>.Sonic Solutions®
O58 - SDL:2011/03/04 11:44:12 N . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\WINDOWS\System32\drivers\cdralw2k.sys [9200] =>.Sonic Solutions®
O58 - SDL:2012/07/12 04:40:06 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] =>.RAVISENT Technologies Inc.
O58 - SDL:2012/07/12 04:40:06 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] =>.Compaq Computer Corporation
O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744] =>.Microsoft Corp., Veritas Software
O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344] =>.Microsoft Corp., Veritas Software
O58 - SDL:2008/04/14 04:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] =>.Microsoft Corp., Veritas Software.
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [205800] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [145512] =>.ESET, spol. s r.o.®
O58 - SDL:2015/10/07 06:16:32 A . (.ESET - ESET OPP Keyboard Filter.) -- C:\WINDOWS\System32\drivers\ekbdflt.sys [111040] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [161992] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\System32\drivers\epfwndis.sys [47168] =>.ESET, spol. s r.o.®
O58 - SDL:2015/09/23 09:30:22 A . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [69816] =>.ESET, spol. s r.o.®
O58 - SDL:2008/04/14 04:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] =>.Malwarebytes Corporation®
O58 - SDL:2016/01/27 03:56:43 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation®
O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys [13616] =>.Marvell Semiconductor®
O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys [5632] =>.Marvell Semiconductor Inc.
O58 - SDL:2012/07/12 04:44:02 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mvxxmm.sys [13616] =>.Marvell Semiconductor®
O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2013/01/31 03:22:47 A . (.NVIDIA Corporation - NVIDIA Windows XP Miniport Driver, Version.) -- C:\WINDOWS\System32\drivers\nv4_mini.sys [12648960] =>.NVIDIA Corporation®
O58 - SDL:2004/03/27 22:25:14 RA . (.China Geniatech Inc. - WDM TCL TV Tuner MiniDriver.) -- C:\WINDOWS\System32\drivers\PhTVTune.sys [24176]
O58 - SDL:2009/01/22 05:08:34 RA . (.Windows (R) Codename Longhorn DDK provider - Generic Port I/O.) -- C:\WINDOWS\System32\drivers\PortIo.sys [4864] =>.Windows (R) Codename Longhorn DDK provider
O58 - SDL:2008/04/14 04:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] =>.Parallel Technologies, Inc.
O58 - SDL:2011/03/04 11:44:14 N . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\System32\drivers\PxHelp20.sys [45648] =>.Sonic Solutions®
O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2012/07/12 04:40:06 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2012/12/19 07:30:00 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\System32\drivers\Rtenicxp.sys [386528] =>.Realtek Semiconductor Corp®
O58 - SDL:2005/09/04 20:00:00 A . (.Philips Semiconductors - SAA713x TV Card - Video Capture Driver.) -- C:\WINDOWS\System32\drivers\SAA713x.sys [279552]
O58 - SDL:2008/04/14 04:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - CP2101 USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\slabbus.sys [58368] =>.MCCI Corporation
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabcm.sys [5504] =>.MCCI Corporation
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabcmnt.sys [5504] =>.MCCI Corporation
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - CP2101 USB to UART Bridge Controller WDM.) -- C:\WINDOWS\System32\drivers\slabser.sys [75776] =>.MCCI Corporation
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabwh.sys [5504] =>.MCCI Corporation
O58 - SDL:2007/03/01 11:12:16 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\System32\drivers\slabwhnt.sys [5504] =>.MCCI Corporation
O58 - SDL:2015/08/21 10:13:10 A . (.AnchorFree Inc - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\taphss.sys [33512] =>.AnchorFree Inc®
O58 - SDL:2016/01/24 00:54:31 A . (...) -- C:\WINDOWS\System32\drivers\TrueSight.sys [24688] =>.Adlice®
O58 - SDL:2012/07/12 04:40:06 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] =>.Toshiba Corporation
O58 - SDL:2012/07/12 04:40:06 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] =>.RAVISENT Technologies Inc.
O58 - SDL:2005/09/04 20:00:00 A . (.Philips Semiconductors - WDM TV Tuner Driver.) -- C:\WINDOWS\System32\drivers\WDMTuner.sys [25984]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/04/14 04:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Last modified or created user files (2) - 23s
O61 - LFC: 2016/01/26 01:52:25 A . (..) -- C:\Documents and Settings\Administrator\Application Data\Participatory Culture Foundation\Miro\Support\gst_registry.bin [741368]
O61 - LFC: 2016/01/24 17:21:53 A . (..) -- C:\Documents and Settings\Administrator\Application Data\GRETECH\GomPlayer\GrLauncherTempSetup.exe [0]

---\\ File Associations Shell Spawning (8) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (17) - 1s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation®
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Opera\launcher.exe
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe =>.Microsoft Corporation

---\\ Search Browser Infection (2) - 3s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com/

---\\ Search Svchost Services (41) - 2s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\WINDOWS\system32\appmgmts.dll [167936] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] =>.Microsoft Corporation
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824] =>.Microsoft Corporation
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- C:\WINDOWS\system32\dmserver.dll [23552] =>.Microsoft Corp.
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] =>.Microsoft Corporation
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] =>.Microsoft Corporation
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] =>.Microsoft Corporation
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: HidServ (HidServ) . (.Microsoft Corporation - HID Audio Service.) -- C:\WINDOWS\system32\hidserv.dll [21504] =>.Microsoft Corporation
O83 - Search Svchost Services: Irmon (Irmon) . (.Microsoft Corporation - Infrared Monitor.) -- C:\WINDOWS\system32\irmon.dll [28160] =>.Microsoft Corporation
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] =>.Microsoft Corporation
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [134144] =>.Microsoft Corporation
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] =>.Microsoft Corporation
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\WINDOWS\system32\netman.dll [198144] =>.Microsoft Corporation
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\WINDOWS\system32\mswsock.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\WINDOWS\system32\ntmssvc.dll [435200] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] =>.Microsoft Corporation
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\WINDOWS\system32\schedsvc.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\system32\ipnathlp.dll [330752] =>.Microsoft Corporation
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\WINDOWS\system32\srsvc.dll [171008] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\system32\tapisrv.dll [249856] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] =>.Microsoft Corporation
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [175616] =>.Microsoft Corporation
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\WINDOWS\system32\wzcsvc.dll [483328] =>.Microsoft Corporation
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\WINDOWS\system32\advapi32.dll [617472] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] =>.Microsoft Corporation
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] =>.Microsoft Corporation
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\WINDOWS\system32\qagentrt.dll [291328] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\system32\kmsvc.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\system32\qmgr.dll [409088] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [23064] =>.Microsoft Windows Component Publisher®
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] =>.Microsoft Corporation
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [25088] =>.Microsoft Corporation

---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1) - 0s
~ No malicious or unnecessary items found.

~ End of the scan, 22078 items in 00h05mn27s (918)(0)
