cjoint

Document format: text/plain

~ ZHPDiag v2016.2.16.51 By Nicolas Coolman (2016/02/16)
~ Run by adel (Administrator) (2016/02/19 01:12:09)
~ Web: http://www.nicolascoolman.com
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: D:\Documents and Settings\adel\Desktop\ZHPDiag.txt
~ Report: D:\Documents and Settings\adel\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3, v.3300 (Build 2600)

---\\ Internet Browsers (2) - 0s
MFIE: Mozilla Firefox 44.0.2 (x86 en-US)
MSIE: Internet Explorer v6.0.2900.3300

---\\ Windows Product Information (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : KO

---\\ System protection software (1) - 1s
Malwarebytes Anti-Malware version 2.2.0.1024

---\\ System protection software (Superfluous) (1) - 1s
SpyHunter 4.21.10.4585 4.21.10.4585 v4.21.10.4585

---\\ Surveillance software (1) - 1s
Adobe Flash Player 20 NPAPI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 15 Model 4 Stepping 9, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 2031.088 MB (67% free)
System Restore: Activé (Enable)
System drive D: has 30 GB () free of 39 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: KINGOOO
~ User Name: adel
~ Logged in as Administrator

---\\ Enumeration of the disk units (5) - 0s
~ Drive C: has 58 GB free of 78 GB
~ Drive D: has 30 GB free of 39 GB (System)
~ Drive E: has 70 GB free of 78 GB
~ Drive F: has 19 GB free of 37 GB
~ Drive G: has GB free of 0 GB

---\\ State of the Windows Security Center (8) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Search Generic System Files (22) - 0s
[MD5.F0D1A9D147E3722C4636FBB74A76723E] - 03/02/2008 - (.Microsoft Corporation - Windows Explorer.) -- D:\WINDOWS\Explorer.exe [1840128] =>.Microsoft Corporation
[MD5.72C09505C858CF38F3A7AA54AE87C65D] - 26/01/2008 - (.Microsoft Corporation - Run a DLL as an App.) -- D:\WINDOWS\System32\rundll32.exe [33280] =>.Microsoft Corporation
[MD5.5390FBE8B096EF3FDFE1C06455A0D66D] - 26/01/2008 - (.Microsoft Corporation - Internet Extensions for Win32.) -- D:\WINDOWS\System32\wininet.dll [666112] =>.Microsoft Corporation
[MD5.7C87833890A151E4C88C086797EF1D98] - 26/01/2008 - (.Microsoft Corporation - Windows NT Logon Application.) -- D:\WINDOWS\System32\Winlogon.exe [507904] =>.Microsoft Corporation
[MD5.E5385CE56C2787036040407B90CFCFF7] - 26/01/2008 - (.Microsoft Corporation - DNS Client API DLL.) -- D:\WINDOWS\System32\dnsapi.dll [147968] =>.Microsoft Corporation
[MD5.18072710F0D60F4B5B72B300DF44624A] - 25/01/2008 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- D:\WINDOWS\System32\drivers\AFD.sys [138112] =>.Microsoft Corporation
[MD5.6A4824B8EBC19B439BCDA3D2766A9E27] - 25/01/2008 - (.Microsoft Corporation - IDE/ATAPI Port Driver.) -- D:\WINDOWS\System32\drivers\atapi.sys [96512] =>.Microsoft Corporation
[MD5.9531E20891C2B5D1C86855929B4538A1] - 25/01/2008 - (.Microsoft Corporation - CD-ROM File System Driver.) -- D:\WINDOWS\System32\drivers\Cdfs.sys [63744] =>.Microsoft Corporation
[MD5.03BF57D9E8C3C18E5E54A61D60202F45] - 25/01/2008 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- D:\WINDOWS\System32\drivers\Cdrom.sys [62976] =>.Microsoft Corporation
[MD5.350E055D392C6DD135B5107B035EB025] - 25/01/2008 - (.Microsoft Corporation - FIPS Crypto Driver.) -- D:\WINDOWS\System32\drivers\Fips.sys [44544] =>.Microsoft Corporation
[MD5.EF2557FDC3FC06380057864782F0E93D] - 25/01/2008 - (.Microsoft Corporation - i8042 Port Driver.) -- D:\WINDOWS\System32\drivers\i8042prt.sys [52480] =>.Microsoft Corporation
[MD5.581DB1C65873FCE8E6FD59673C9A634A] - 25/01/2008 - (.Microsoft Corporation - IMAPI Kernel Driver.) -- D:\WINDOWS\System32\drivers\Imapi.sys [42112] =>.Microsoft Corporation
[MD5.119A63B7E2E8ECA875F5CB7AE4071872] - 25/01/2008 - (.Microsoft Corporation - IP Network Address Translator.) -- D:\WINDOWS\System32\drivers\IpNat.sys [152832] =>.Microsoft Corporation
[MD5.6AF992F72B79B106ECF721E3C5885F30] - 25/01/2008 - (.Microsoft Corporation - IPSec Driver.) -- D:\WINDOWS\System32\drivers\IPSec.sys [75264] =>.Microsoft Corporation
[MD5.9124A9C44103CB5D93EAF29B8C7636E1] - 25/01/2008 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- D:\WINDOWS\System32\drivers\MRxSmb.sys [456576] =>.Microsoft Corporation
[MD5.856295A4AB3B398B0535B4B04ACB9507] - 25/01/2008 - (.Microsoft Corporation - MBT Transport driver.) -- D:\WINDOWS\System32\drivers\netBT.sys [162816] =>.Microsoft Corporation
[MD5.E4DD5D1004928AB734B9256E99DCA683] - 25/01/2008 - (.Microsoft Corporation - NT File System Driver.) -- D:\WINDOWS\System32\drivers\ntfs.sys [574976] =>.Microsoft Corporation
[MD5.CBEC8C2C74949B260C98704A641F1E54] - 12/02/2008 - (.Microsoft Corporation - Parallel Port Driver.) -- D:\WINDOWS\System32\drivers\Parport.sys [80128] =>.Microsoft Corporation
[MD5.0CAB1AD11D185483935877C0076EAAFC] - 25/01/2008 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- D:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] =>.Microsoft Corporation
[MD5.DCD507E1E9DC472F2AFD4B6396828DC9] - 25/01/2008 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- D:\WINDOWS\System32\drivers\rdpdr.sys [196224] =>.Microsoft Corporation
[MD5.940B888D1AAA9463372D984EFEBE461A] - 26/01/2008 - (.Microsoft Corporation - Redbook Audio Filter Driver.) -- D:\WINDOWS\System32\drivers\redbook.sys [57600] =>.Microsoft Corporation
[MD5.8C65E6A22C5207BA5E3B8F5F04FB3588] - 25/01/2008 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- D:\WINDOWS\System32\drivers\volsnap.sys [52352] =>.Microsoft Corporation

---\\ Non Microsoft non disabled Windows Services (1) - 0s
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®

---\\ Services not Microsoft (SR=Run, SS=Stop) (5) - 15s

SS - Demand [18/02/2016] [ 269504] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - D:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe =>.Adobe Systems Incorporated®
SS - Disabl [05/10/2015] [ 1513784] (MBAMScheduler) . (.Malwarebytes.) - D:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe =>.Malwarebytes Corporation®
SS - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - D:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe =>.Malwarebytes Corporation®
SS - Demand [18/02/2016] [ 146888] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - D:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe =>.Mozilla Corporation®

---\\ Process running (6) - 0s
[MD5.A1DE660F7CDA71CB7FC0B7EC398F307C] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- D:\WINDOWS\soundman.exe [577536] [PID.508] =>.Realtek Semiconductor Corp.
[MD5.8667FEE7C62C0773EA5C277105DE9609] - (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe [3915832] [PID.836] =>.Tonec Inc.
[MD5.E9C6EF9437ECB30911488F9313AD821A] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- D:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.1336] =>.Tonec Inc.®
[MD5.4234E76A1B12C5F76B264C99540FD736] - (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe [392136] [PID.128] =>.Mozilla Corporation®
[MD5.6484DD841376E16DCC59EBB7F5CD2E82] - (.Mozilla Corporation - Plugin Container for Firefox.) -- D:\Program Files\Mozilla Firefox\plugin-container.exe [276936] [PID.2068] =>.Mozilla Corporation®
[MD5.5AE930CBDC0E46B3FBFCE1F00A7A9B13] - (.Nicolas Coolman - ZHPDiag.) -- D:\Documents and Settings\adel\My Documents\Downloads\Programs\ZHPDiag3.exe [2122752] [PID.1140] =>.Nicolas Coolman

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (2) - 0s
P2 - EXT: (.Mozilla - Default.) -- D:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} =>.Mozilla
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- D:\WINDOWS\system32\Macromed\Flash\NPSWF32_20_0_0_306.dll =>.Adobe Systems Incorporated

---\\ Internet Explorer Extensions, Start, Search (8) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=D:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (23)

---\\ Browser Helper Object (BHO) (1) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- D:\Program Files\Internet Download Manager\IDMIECC.dll =>.Tonec Inc.®

---\\ Auto loading programs from Registry and folders (15) - 1s
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- D:\WINDOWS\SOUNDMAN.EXE =>.Realtek Semiconductor Corp.
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [MsnMsgr] D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (.not file.)
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll
O4 - HKUS\S-1-5-21-2000478354-1767777339-1644491937-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- D:\WINDOWS\system32\ctfmon.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2000478354-1767777339-1644491937-1003\..\Run: [MsnMsgr] D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (.not file.)
O4 - HKUS\S-1-5-21-2000478354-1767777339-1644491937-1003\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.

---\\ Global shortcuts Startup (35) - 3s
O4 - GS\Desktop [adel]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [adel]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [adel]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [adel]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [adel]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [Administrator]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Administrator]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [Administrator]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [ASPNET]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [ASPNET]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [ASPNET]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [ASPNET]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [ASPNET]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [Guest]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [Guest]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [Guest]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [Guest]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Guest]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [HelpAssistant]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [HelpAssistant]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [HelpAssistant]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [HelpAssistant]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [HelpAssistant]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\Desktop [SUPPORT_388945a0]: Internet Download Manager.lnk . (.Tonec Inc. - Internet Download Manager (IDM).) D:\Program Files\Internet Download Manager\IDMan.exe =>.Tonec Inc.
O4 - GS\Desktop [SUPPORT_388945a0]: SpyHunter 4.21.10.4585.lnk . (.Enigma Software Group USA, LLC. - SpyHunter4 application.) D:\Program Files\SpyHunter 4.21.10.4585\SpyHunter4.exe =>.Enigma Software Group USA, LLC.
O4 - GS\Desktop [SUPPORT_388945a0]: Your Uninstaller!.lnk . (.URSoft,Inc - Your Uninstaller! - New way to uninstall pr.) D:\Program Files\Your Uninstaller! 7\urmain.exe {2D52C7CF5E69A633AC3AED0E78F988DC}
O4 - GS\Desktop [SUPPORT_388945a0]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) D:\Documents and Settings\adel\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [SUPPORT_388945a0]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: EasyBCD 2.0.lnk . (.NeoSmart Technologies - EasyBCD.) D:\Program Files\NeoSmart Technologies\EasyBCD\EasyBCD.exe =>.NeoSmart Technologies
O4 - GS\CommonDesktop [Public]: GridinSoft Anti-Malware.lnk . (.GridinSoft LLC - GridinSoft Anti-Malware.) D:\Program Files\GridinSoft Anti-Malware\gsam.exe {36E430A048545F5E36E1B55CE55F65E0} =>.GridinSoft LLC
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) D:\Program Files\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation®
O4 - GS\CommonDesktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O4 - GS\CommonDesktop [Public]: SimpleTV.lnk . (.VSG - SimpleTV v0.4.7 r2.) D:\Program Files\SimpleTV\tv.exe

---\\ Lop.com/Domain Hijackers (4) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6060937A-7EA2-4044-BCFE-FA00EABE9C5D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6060937A-7EA2-4044-BCFE-FA00EABE9C5D}: DhcpDomain = lan

---\\ Extra protocols (28) - 1s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- D:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- D:\WINDOWS\system32\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- D:\WINDOWS\system32\itss.dll =>.Microsoft Corporation
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- D:\WINDOWS\system32\msvidctl.dll =>.Microsoft Corporation
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- D:\WINDOWS\system32\mshtml.dll =>.Microsoft Corporation
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- D:\WINDOWS\system32\wiascr.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- D:\WINDOWS\system32\mscoree.dll =>.Microsoft Corporation®
O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- D:\WINDOWS\system32\urlmon.dll =>.Microsoft Corporation
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation

---\\ Software installed (26) - 12s
O42 - Logiciel: Adobe Flash Player 20 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Flash Player 20 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI =>.Adobe Systems Incorporated®
O42 - Logiciel: Adobe Shockwave Player 12.2 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player =>.Adobe Systems, Inc.
O42 - Logiciel: Citrix ICA Client - (...) [HKLM] -- Citrix ICA Client
O42 - Logiciel: EasyBCD 2.0 - (.NeoSmart Technologies.) [HKLM] -- EasyBCD =>.NeoSmart Technologies
O42 - Logiciel: GridinSoft Anti-Malware - (.GridinSoft LLC.) [HKLM] -- GridinSoft Anti-Malware {36E430A048545F5E36E1B55CE55F65E0} =>.GridinSoft LLC
O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 =>.Microsoft Corporation
O42 - Logiciel: Internet Download Manager - (.Tonec Inc..) [HKLM] -- Internet Download Manager =>.Tonec Inc.®
O42 - Logiciel: Kel's CPL 24-in-One Bonus Pack! - (.KelCorp.) [HKLM] -- CPLBonus =>.KelCorp
O42 - Logiciel: K-Lite Codec Pack 3.4.5 Full - (...) [HKLM] -- KLiteCodecPack_is1
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Mozilla Firefox 44.0.2 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 44.0.2 (x86 en-US) =>.Mozilla Corporation®
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService =>.Mozilla
O42 - Logiciel: Notepad++ - (.Notepad++ Team.) [HKLM] -- Notepad++ =>.Notepad++ Team
O42 - Logiciel: Platform - (.VIA Technologies, Inc..) [HKLM] -- {20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc.
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E} =>.Realtek Semiconductor Corp.
O42 - Logiciel: REALTEK Gigabit and Fast Ethernet NIC Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {94FB906A-CF42-4128-A509-D353026A607E} =>.Realtek Semiconductor Corp.
O42 - Logiciel: SimpleTV 0.4.7 r2 - (.SergeyVS.) [HKLM] -- {7EEB77C3-FDDC-4BC6-9ABA-F4E22B12AC63}_is1
O42 - Logiciel: SpyHunter 4.21.10.4585 4.21.10.4585 - (.SADANET.) [HKLM] -- SpyHunter 4.21.10.4585 4.21.10.4585
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} =>.Adobe Systems, Inc
O42 - Logiciel: VIA Platform Device Manager - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} =>.VIA Technologies, Inc.
O42 - Logiciel: WebFldrs XP - (.Microsoft Corporation.) [HKLM] -- {350C97B0-3D7C-4EE8-BAA9-00BCB3D54227} =>.Microsoft Corporation
O42 - Logiciel: Windows Support Tools - (.Microsoft Corporation.) [HKLM] -- {89B078C4-50B0-453E-BF53-3A7E6A0D85FA} =>.Microsoft Corporation
O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver
O42 - Logiciel: WMI ODBC Driver - (.Microsoft Corporation.) [HKLM] -- {0CB034AF-1D7F-49E9-929A-4CDB8581FC36} =>.Microsoft Corporation
O42 - Logiciel: Your Uninstaller! 7 - (.URSoft, Inc..) [HKLM] -- YU2010_is1 {2D52C7CF5E69A633AC3AED0E78F988DC}

---\\ HKCU & HKLM Software Keys (67) - 12s
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Citrix
HKLM\SOFTWARE\Codec tweak Tool
HKLM\SOFTWARE\Cyberlink
HKLM\SOFTWARE\DivXNetworks
HKLM\SOFTWARE\EnigmaSoftwareGroup
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\GNU
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\GridinSoft
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\InstallShield
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\KLCodecPack
HKLM\SOFTWARE\LanSetup
HKLM\SOFTWARE\Licenses
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\NeoSmart Technologies
HKLM\SOFTWARE\Notepad++
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\REALTEK Semiconductor Corporation
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\S3R521
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\TrendMicro
HKLM\SOFTWARE\VIA Technologies, Inc
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKCU\SOFTWARE\AC3filter
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\ched
HKCU\SOFTWARE\Cyberlink
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\Downloadcenter
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\DreamMultimedia
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\GNU
HKCU\SOFTWARE\GridinSoft
HKCU\SOFTWARE\GSpot Appliance Corp
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\HaaliMkx
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\KasperskyLab
HKCU\SOFTWARE\KasperskyLabSetup
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\SimpleTV by SergeyVS#3
HKCU\SOFTWARE\techPowerUp
HKCU\SOFTWARE\URSoft
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\ZebHelpProcess Helper

---\\ Contents of the Common Files folders (90) - 5s
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\AvRack
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Citrix
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Common Files
O43 - CFD: 16/02/2016 - [0] D -- D:\Program Files\ComPlus Applications
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\ESET
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\GridinSoft Anti-Malware {36E430A048545F5E36E1B55CE55F65E0}
O43 - CFD: 18/02/2016 - [] HD -- D:\Program Files\InstallShield Installation Information =>.Macrovision Corporation®
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Internet Download Manager
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Internet Explorer
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\K-Lite Codec Pack
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Malwarebytes Anti-Malware =>.Malwarebytes Corporation®
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Microsoft.NET
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Movie Maker
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Mozilla Firefox =>.Mozilla Corporation®
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Mozilla Maintenance Service =>.Mozilla Corporation®
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\MSBuild
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\NeoSmart Technologies
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\NetMeeting
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Notepad++
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Online Services
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Outlook Express
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Realtek AC97
O43 - CFD: 18/02/2016 - [0] D -- D:\Program Files\Realtek Sound Manager
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Reference Assemblies
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\SimpleTV
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\SpyHunter 4.21.10.4585 =>.Enigma Software Group USA, LLC®
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Support Tools
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\trend micro
O43 - CFD: 17/02/2016 - [0] HD -- D:\Program Files\Uninstall Information
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\VIA
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Windows Media Player
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Windows NT
O43 - CFD: 16/02/2016 - [0] HD -- D:\Program Files\WindowsUpdate
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\WinRAR
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Your Uninstaller! 7
O43 - CFD: 16/02/2016 - [] RHD -- D:\Documents and Settings\All Users\Start Menu\Programs\Accessories
O43 - CFD: 17/02/2016 - [] RHD -- D:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\Citrix ICA Client
O43 - CFD: 16/02/2016 - [] RHD -- D:\Documents and Settings\All Users\Start Menu\Programs\Games
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\GridinSoft Anti-Malware
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Internet Download Manager
O43 - CFD: 16/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
O43 - CFD: 18/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 17/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\NeoSmart Technologies
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Notepad++
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\REALTEK Gigabit and Fast Ethernet NIC Driver
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Start Menu\Programs\Realtek Sound Manager
O43 - CFD: 17/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\SimpleTV
O43 - CFD: 16/02/2016 - [] RHD -- D:\Documents and Settings\All Users\Start Menu\Programs\Startup
O43 - CFD: 17/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\Windows Support Tools
O43 - CFD: 16/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
O43 - CFD: 17/02/2016 - [] HD -- D:\Documents and Settings\All Users\Start Menu\Programs\Your Uninstaller! 7
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\All Users\Application Data\GridinSoft
O43 - CFD: 18/02/2016 - [0] D -- D:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\All Users\Application Data\Malwarebytes
O43 - CFD: 18/02/2016 - [] SD -- D:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 18/02/2016 - [0] AD -- D:\Documents and Settings\All Users\Application Data\TEMP
O43 - CFD: 18/02/2016 - [] D -- D:\Program Files\Common Files\InstallShield
O43 - CFD: 17/02/2016 - [] D -- D:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Common Files\MSSoap
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Common Files\ODBC
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Common Files\Services
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Common Files\SpeechEngines
O43 - CFD: 16/02/2016 - [] D -- D:\Program Files\Common Files\System
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\Adobe
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\DMCache
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\ICAClient
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\Identities
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\IDM
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\Macromedia
O43 - CFD: 18/02/2016 - [] SD -- D:\Documents and Settings\adel\Application Data\Microsoft
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\Mozilla
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\Notepad++
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\SimpleTV V03
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\URSoft
O43 - CFD: 19/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\ZHP
O43 - CFD: 18/02/2016 - [0] D -- D:\Documents and Settings\adel\Local Settings\Application Data\Adobe
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Local Settings\Application Data\ESET
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Local Settings\Application Data\Microsoft
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Local Settings\Application Data\Mozilla
O43 - CFD: 17/02/2016 - [] D -- D:\Documents and Settings\adel\Local Settings\Application Data\NeoSmart_Technologies
O43 - CFD: 17/02/2016 - [] RD -- D:\Documents and Settings\adel\Start Menu\Programs\Accessories
O43 - CFD: 18/02/2016 - [] D -- D:\Documents and Settings\adel\Start Menu\Programs\Internet Download Manager
O43 - CFD: 18/02/2016 - [] RD -- D:\Documents and Settings\adel\Start Menu\Programs\Startup
O43 - CFD: 16/02/2016 - [] D -- D:\Documents and Settings\adel\Start Menu\Programs\WinRAR
O43 - CFD: 16/02/2016 - [] RD -- D:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 16/02/2016 - [] RD -- D:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup
O43 - CFD: 16/02/2016 - [] D -- D:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\WinRAR
O43 - CFD: 19/02/2016 - [] D -- D:\Documents and Settings\adel\Application Data\DMCache

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: IDM Shell Extension [ IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- D:\Program Files\Internet Download Manager\IDMShellExt.dll =>.Tonec Inc.®
O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- D:\WINDOWS\system32\cscui.dll =>.Microsoft Corporation

---\\ System Drivers List (35) - 1s
O58 - SDL:2006/03/31 14:38:48 RA . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- D:\WINDOWS\System32\drivers\alcxwdm.sys [3960896] =>.Realtek Semiconductor Corp.
O58 - SDL:2008/02/12 16:22:27 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- D:\WINDOWS\System32\drivers\cinemst2.sys [262528] =>.RAVISENT Technologies Inc.
O58 - SDL:2008/02/12 16:22:27 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- D:\WINDOWS\System32\drivers\cpqdap01.sys [11776] =>.Compaq Computer Corporation
O58 - SDL:2008/01/25 22:34:32 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- D:\WINDOWS\System32\drivers\dmboot.sys [799744] =>.Microsoft Corp., Veritas Software
O58 - SDL:2008/01/25 22:34:28 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- D:\WINDOWS\System32\drivers\dmio.sys [153344] =>.Microsoft Corp., Veritas Software
O58 - SDL:2001/08/23 15:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- D:\WINDOWS\System32\drivers\dmload.sys [5888] =>.Microsoft Corp., Veritas Software.
O58 - SDL:2016/01/18 18:01:24 A . (.Windows (R) Win 7 DDK provider - GridinSoft Trojan Killer Mini-Filter Driver.) -- D:\WINDOWS\System32\drivers\gtkdrv.sys [16128] {3342F9C793FB9687D0852BFF37D40D9F} =>.Windows (R) Win 7 DDK provider
O58 - SDL:2016/01/28 11:20:10 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- D:\WINDOWS\System32\drivers\idmtdi.sys [138864] =>.Tonec Inc.®
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- D:\WINDOWS\System32\drivers\mbam.sys [23256] =>.Malwarebytes Corporation®
O58 - SDL:2015/10/05 09:50:10 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- D:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] =>.Malwarebytes Corporation®
O58 - SDL:2016/02/18 20:27:22 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- D:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [170200] =>.Malwarebytes Corporation®
O58 - SDL:2008/02/12 16:22:27 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- D:\WINDOWS\System32\drivers\nikedrv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2001/08/23 15:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- D:\WINDOWS\System32\drivers\ptilink.sys [17792] =>.Parallel Technologies, Inc.
O58 - SDL:2008/02/12 16:22:27 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- D:\WINDOWS\System32\drivers\rio8drv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2008/02/12 16:22:27 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- D:\WINDOWS\System32\drivers\riodrv.sys [12032] =>.S3/Diamond Multimedia Systems
O58 - SDL:2008/01/25 23:22:02 A . (.Realtek Semiconductor Corporation - Realtek RTL8139 NDIS 5.0 Driver.) -- D:\WINDOWS\System32\drivers\RTL8139.sys [20992] =>.Realtek Semiconductor Corporation
O58 - SDL:2005/03/04 13:10:26 A . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- D:\WINDOWS\System32\drivers\Rtlnicxp.sys [74496] =>.Realtek Semiconductor Corporation
O58 - SDL:2008/01/25 20:26:26 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- D:\WINDOWS\System32\drivers\secdrv.sys [20480] =>.Macrovision Corporation, Macrovision Europe Limited,
O58 - SDL:2008/02/12 16:22:27 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- D:\WINDOWS\System32\drivers\tsbvcap.sys [21376] =>.Toshiba Corporation
O58 - SDL:2008/02/12 16:22:27 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- D:\WINDOWS\System32\drivers\vdmindvd.sys [58112] =>.RAVISENT Technologies Inc.
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ansi.sys [9029]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\himem.sys [4768]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2008/01/25 20:36:20 A . (...) -- D:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ntdos.sys [27866]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2001/08/23 15:00:00 A . (...) -- D:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2008/01/25 20:35:14 A . (...) -- D:\WINDOWS\System32\ntio.sys [33840]
O58 - SDL:2008/01/25 20:35:18 A . (...) -- D:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2008/01/25 20:35:14 A . (...) -- D:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2008/01/25 20:35:18 A . (...) -- D:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2008/01/25 20:35:16 A . (...) -- D:\WINDOWS\System32\ntio804.sys [34560]

---\\ Last modified or created user files (4) - 4s
O61 - LFC: 2016/02/17 14:36:27 A . (.URSoft, Inc..) -- D:\Documents and Settings\adel\My Documents\Downloads\yusetup7.exe [6822592] {2D52C7CF5E69A633AC3AED0E78F988DC}
O61 - LFC: 2016/02/18 07:09:50 A . (..) -- D:\Documents and Settings\adel\My Documents\Downloads\Programs\gsam-3.0.27-setup.exe [54308544] {36E430A048545F5E36E1B55CE55F65E0}
O61 - LFC: 2016/02/18 16:12:50 A . (.Dream Multimedia TV.) -- D:\Documents and Settings\adel\Desktop\Unused Desktop Shortcuts\DreamUP.exe [802304]
O61 - LFC: 2016/02/18 16:12:40 A . (.Dream Multimedia TV.) -- D:\Documents and Settings\adel\Desktop\Unused Desktop Shortcuts\DreamUP_1_3_3_4.exe [802304]

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- D:\WINDOWS\system32\shell32.dll =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\IEXPLORE.EXE =>.Microsoft Corporation
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- D:\WINDOWS\system32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- D:\WINDOWS\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®

---\\ Start Menu Internet (8) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- D:\Program Files\Mozilla Firefox\firefox.exe =>.Mozilla Corporation®
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- D:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- D:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- D:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- D:\Program Files\Mozilla Firefox\uninstall\helper.exe =>.Mozilla Corporation
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- D:\WINDOWS\system32\shmgrate.exe =>.Microsoft Corporation

---\\ Search Svchost Services (39) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- D:\WINDOWS\system32\appmgmts.dll [167936] =>.Microsoft Corporation
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- D:\WINDOWS\system32\audiosrv.dll [42496] =>.Microsoft Corporation
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- D:\WINDOWS\system32\browser.dll [77824] =>.Microsoft Corporation
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- D:\WINDOWS\system32\cryptsvc.dll [62464] =>.Microsoft Corporation
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- D:\WINDOWS\system32\dmserver.dll [23552] =>.Microsoft Corp.
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- D:\WINDOWS\system32\dhcpcsvc.dll [126976] =>.Microsoft Corporation
O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- D:\WINDOWS\system32\ersvc.dll [23040] =>.Microsoft Corporation
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- D:\WINDOWS\system32\es.dll [246272] =>.Microsoft Corporation
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: HidServ (HidServ) . (...) -- D:\WINDOWS\System32\hidserv.dll [0]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- D:\WINDOWS\system32\srvsvc.dll [96768] =>.Microsoft Corporation
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- D:\WINDOWS\system32\wkssvc.dll [132096] =>.Microsoft Corporation
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- D:\WINDOWS\system32\netman.dll [198144] =>.Microsoft Corporation
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- D:\WINDOWS\system32\mswsock.dll [245248] =>.Microsoft Corporation
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- D:\WINDOWS\system32\ntmssvc.dll [435200] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- D:\WINDOWS\system32\rasauto.dll [88576] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- D:\WINDOWS\system32\rasmans.dll [186368] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- D:\WINDOWS\system32\mprdim.dll [53248] =>.Microsoft Corporation
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- D:\WINDOWS\system32\schedsvc.dll [192512] =>.Microsoft Corporation
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- D:\WINDOWS\system32\seclogon.dll [18944] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- D:\WINDOWS\system32\sens.dll [39424] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- D:\WINDOWS\system32\ipnathlp.dll [331264] =>.Microsoft Corporation
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- D:\WINDOWS\system32\srsvc.dll [171008] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- D:\WINDOWS\system32\tapisrv.dll [249856] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- D:\WINDOWS\system32\trkwks.dll [90112] =>.Microsoft Corporation
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- D:\WINDOWS\system32\w32time.dll [175104] =>.Microsoft Corporation
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- D:\WINDOWS\system32\wzcsvc.dll [483840] =>.Microsoft Corporation
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- D:\WINDOWS\system32\advapi32.dll [617472] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- D:\WINDOWS\system32\wbem\wmisvc.dll [144896] =>.Microsoft Corporation
O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- D:\WINDOWS\system32\wscsvc.dll [80896] =>.Microsoft Corporation
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- D:\WINDOWS\system32\xmlprov.dll [129024] =>.Microsoft Corporation
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- D:\WINDOWS\system32\qagentrt.dll [291328] =>.Microsoft Corporation
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- D:\WINDOWS\system32\kmsvc.dll [61440] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- D:\WINDOWS\system32\qmgr.dll [409088] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- D:\WINDOWS\system32\wuauserv.dll [6656] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- D:\WINDOWS\system32\shsvcs.dll [135168] =>.Microsoft Corporation
O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- D:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll [38400] =>.Microsoft Corporation
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- D:\WINDOWS\system32\mspmsnsv.dll [52224] =>.Microsoft Corporation

---\\ Additional Scan (O88) (1) - 0s
~ No malicious or unnecessary items found.

---\\ Summary of the elements found (1) - 0s
~ No malicious or unnecessary items found.

~ End of the scan, 18558 items in 00h00mn58s (482)(0)
