~ ZHPDiag v2015.10.19.153 By Nicolas Coolman (2015/10/19)
~ Run by ahmed (Administrator) (2015/10/21 22:09:13)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Documents and Settings\ahmed\Desktop\ZHPDiag.txt
~ Report: C:\Documents and Settings\ahmed\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)

Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Internet Browsers (3) - 0s
MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3
OPIE: Opera 31.0.1889.174 v31.0.1889.174
MSIE: Internet Explorer v8.0.6001.18702

---\\ Windows Product Information (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : KO

---\\ System protection software (2) - 2s
ESET Smart Security v8.0.319.0
Malwarebytes Anti-Malware version 2.1.8.1057

---\\ System optimization software (1) - 3s
CCleaner v3.19

---\\ Surveillance software (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Reader X

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 14 Stepping 8, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1038.384 MB (12% free)
~ System Restore: Activé (Enable)
~ System drive C: has 14 GB free of 24 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: GENIUS-PC
~ User Name: ahmed
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 14 GB free of 24 GB (System)
~ Drive D: has 1 GB free of 31 GB
~ Drive E: has 0 GB free of 19 GB

---\\ State of the Windows Security Center (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (23) - 1s [MD5.2BB75B7F548D82A099125D0C5971DE7D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [1033728] © [MD5.037B1E7798960E0420003D05BB577EE6] - (.Microsoft Corporation - Run a DLL as an App.) () -- C:\WINDOWS\System32\rundll32.exe [33280] © [MD5.9357C4249F4810FB0E49C13387A8A77C] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [919552] © [MD5.53A8857723277B1D6D5EE60A9F85B117] - (.Microsoft Corporation - Windows NT Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [509440] © [MD5.64AA11D53A4A84CDF43370D7036517C3] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [149504] © [MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] © [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] © [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] © [MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] © [MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) 
() -- C:\WINDOWS\System32\drivers\Fips.sys [44544] © [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480] © [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] © [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] © [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] © [MD5.0AF15A971F120246C9EEF2C46E290539] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457216] © [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] © [MD5.AE8CAD8F28DB13B515A68510A539B0B8] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [576512] © [MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80128] © [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] © [MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [195712] © [MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS\System32\drivers\redbook.sys [57600] © [MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) 
() -- C:\WINDOWS\System32\drivers\volsnap.sys [52352] © ---\\ Process running (15) - 1s [MD5.61E71BC3CD3530444000A9B68F7EE931] - (...) -- C:\WINDOWS\system32\WLTRYSVC.EXE [18944] [PID.772] [MD5.9A0CE1DB25F1CDD3ED11236884800538] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\BCMWLTRY.EXE [1093632] [PID.800] © [MD5.0F32048BF3EA2A85FE3AC48E8E7B7C85] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720] [PID.1024] © [MD5.388144E78383D57744398C07A5C007F1] - (.HP - HP Smart-Install Service.) -- C:\WINDOWS\system32\HPSIsvc.exe [99896] [PID.1052] © [MD5.54F1F98C4AD8F99BBBE8FBB62B38733F] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [94208] [PID.2088] © [MD5.32FB9368F485A7FE944EB6678B61734B] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.2096] © [MD5.F11C343318DA14137669AE14ADE27DF1] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE [1236992] [PID.2108] © [MD5.C15D502F788763303CA9EDE20271DF9C] - (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe [1085440] [PID.2132] [MD5.4EE76D4CB055E8EC281177771345E8B3] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [312376] [PID.2152] © [MD5.8FDABAC05324CD63B8A33AB1F410A473] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480] [PID.2188] © [MD5.35EB9CEEEB0FEB77CA061B8869A42B92] - (.WASEL Pro VPN Service - WASEL Pro.) -- C:\Program Files\WASEL Pro VPN Service\WASEL Pro\wasel_pro.exe [1916856] [PID.2196] [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [377000] [PID.1940] © [MD5.A3E33718D1090A1587AC069597EC4FA6] - (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files\Internet Download Manager\IDMan.exe [3907152] [PID.3456] © [MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3556] © [MD5.D0066FBB3BA6C522B6185D0A1E3AF0E8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\ZHPDiag3.exe [1958400] [PID.3716] © ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (22) - 3s M0 - MFSP: prefs.js [ahmed - ftweeuuw.default] http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQeV9dAwlARxgTJQsITA1AEQAOeF0KVhQTQAdAIQ9dBwlCEg0FIk0FA18DB0VXfWFoKB8fHHNKLE1dE2sUUkBPNEo= =>PUP.Optional.Browser P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\npCouponPrinter.dll P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npMozCouponPrinter.dll P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\adblockpopups@jessehakanen.net.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\client@anonymox.net.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@mega.co.nz.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@zenmate.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi P2 - EXT FILE: (...) 
-- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-rs90nxQtPi3Asg@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\killjasmin@pierros14.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\popuplogout@iniqua.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\default.xml P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\google-avast.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (.Zapyo - Zapyo.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-AlAaAeISf3xDHw@jetpack P2 - EXT: (.V@no - Cookies Manager+.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) 
-- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll © ---\\ Opera, Plugins,Start,Search (1) - 0s B2 - EXT: [{background:{scripts:[background.js]}content_scrip] C:\Documents and Settings\ahmed\Application Data\Opera Software\Opera Stable\Extensions\hcpmfcmlnoogcdfecehmddfjkpgkacah ---\\ Internet Explorer Extensions, Start, Search (9) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) 
© F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (19) ---\\ Browser Helper Object (BHO) (4) - 0s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll © O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll © O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll © O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll © ---\\ Auto loading programs from Registry and folders (18) - 0s O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe © O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe © O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE © O4 - HKLM\..\Run: [USB Security] . (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKCU\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files\Internet Download Manager\IDMan.exe © O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe © ---\\ Lop.com/Domain Hijackers (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 ---\\ Extra protocols (25) - 0s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) 
-- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll © O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll © O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll © O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . 
(.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll © O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll © O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll © O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) 
-- C:\WINDOWS\system32\shell32.dll © ---\\ Non Microsoft non disabled Windows Services (4) - 1s O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe © O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\WINDOWS\system32\HPSIsvc.exe © O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe © O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.EXE ---\\ Software installed (115) - 11s O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI © O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11b Network Adapter © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner © O42 - Logiciel: Folder Marker Free - (.ArcticLine Software.) [HKLM] -- Folder Marker Free_is1 O42 - Logiciel: Folder Marker Pro - (.ArcticLine Software.) [HKLM] -- Folder Marker Pro_is1 O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM] -- HP LaserJet Professional P1100-P1560-P1600 Series O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM] -- HP Photo Creations © O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} © O42 - Logiciel: Internet Download Manager - (...) [HKLM] -- Internet Download Manager O42 - Logiciel: Security Update for Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802 © O42 - Logiciel: Security Update for Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632 © O42 - Logiciel: Security Update for Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960 © O42 - Logiciel: Security Update for Windows XP (KB2478971) - (.Microsoft Corporation.) 
[HKLM] -- KB2478971 © O42 - Logiciel: Security Update for Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943 © O42 - Logiciel: Security Update for Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185 © O42 - Logiciel: Security Update for Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663 © O42 - Logiciel: Security Update for Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212 © O42 - Logiciel: Security Update for Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938 © O42 - Logiciel: Security Update for Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429 © O42 - Logiciel: Security Update for Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553 © O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8 © O42 - Logiciel: Security Update for Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512 © O42 - Logiciel: Security Update for Windows XP (KB2544893-v2) - (.Microsoft Corporation.) [HKLM] -- KB2544893-v2 © O42 - Logiciel: Security Update for Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454 © O42 - Logiciel: Security Update for Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947 © O42 - Logiciel: Security Update for Windows XP (KB2584146) - (.Microsoft Corporation.) [HKLM] -- KB2584146 © O42 - Logiciel: Security Update for Windows XP (KB2585542) - (.Microsoft Corporation.) [HKLM] -- KB2585542 © O42 - Logiciel: Security Update for Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799 © O42 - Logiciel: Security Update for Windows XP (KB2598479) - (.Microsoft Corporation.) [HKLM] -- KB2598479 © O42 - Logiciel: Security Update for Windows XP (KB2603381) - (.Microsoft Corporation.) [HKLM] -- KB2603381 © O42 - Logiciel: Security Update for Windows XP (KB2631813) - (.Microsoft Corporation.) 
[HKLM] -- KB2631813 © O42 - Logiciel: Security Update for Windows XP (KB2653956) - (.Microsoft Corporation.) [HKLM] -- KB2653956 © O42 - Logiciel: Security Update for Windows XP (KB2655992) - (.Microsoft Corporation.) [HKLM] -- KB2655992 © O42 - Logiciel: Security Update for Windows XP (KB2659262) - (.Microsoft Corporation.) [HKLM] -- KB2659262 © O42 - Logiciel: Security Update for Windows XP (KB2661637) - (.Microsoft Corporation.) [HKLM] -- KB2661637 © O42 - Logiciel: Security Update for Windows XP (KB2676562) - (.Microsoft Corporation.) [HKLM] -- KB2676562 © O42 - Logiciel: Security Update for Windows XP (KB2686509) - (.Microsoft Corporation.) [HKLM] -- KB2686509 © O42 - Logiciel: Security Update for Windows XP (KB2698365) - (.Microsoft Corporation.) [HKLM] -- KB2698365 © O42 - Logiciel: Security Update for Windows XP (KB2712808) - (.Microsoft Corporation.) [HKLM] -- KB2712808 © O42 - Logiciel: Security Update for Windows XP (KB2719985) - (.Microsoft Corporation.) [HKLM] -- KB2719985 © O42 - Logiciel: Security Update for Windows XP (KB2723135-v2) - (.Microsoft Corporation.) [HKLM] -- KB2723135-v2 © O42 - Logiciel: Update for Windows XP (KB2749655) - (.Microsoft Corporation.) [HKLM] -- KB2749655 © O42 - Logiciel: Security Update for Windows XP (KB2770660) - (.Microsoft Corporation.) [HKLM] -- KB2770660 © O42 - Logiciel: Security Update for Windows XP (KB2780091) - (.Microsoft Corporation.) [HKLM] -- KB2780091 © O42 - Logiciel: Security Update for Windows XP (KB2802968) - (.Microsoft Corporation.) [HKLM] -- KB2802968 © O42 - Logiciel: Security Update for Windows XP (KB2807986) - (.Microsoft Corporation.) [HKLM] -- KB2807986 © O42 - Logiciel: Update for Windows XP (KB2813347-v2) - (.Microsoft Corporation.) [HKLM] -- KB2813347-v2 © O42 - Logiciel: Security Update for Windows XP (KB2820917) - (.Microsoft Corporation.) [HKLM] -- KB2820917 © O42 - Logiciel: Security Update for Windows XP (KB2834886) - (.Microsoft Corporation.) 
[HKLM] -- KB2834886 © O42 - Logiciel: Security Update for Windows Media Player (KB2834904-v2) - (.Microsoft Corporation.) [HKLM] -- KB2834904-v2_WM11 © O42 - Logiciel: Security Update for Windows XP (KB2847311) - (.Microsoft Corporation.) [HKLM] -- KB2847311 © O42 - Logiciel: Security Update for Windows XP (KB2859537) - (.Microsoft Corporation.) [HKLM] -- KB2859537 © O42 - Logiciel: Security Update for Windows XP (KB2862152) - (.Microsoft Corporation.) [HKLM] -- KB2862152 © O42 - Logiciel: Security Update for Windows XP (KB2862330) - (.Microsoft Corporation.) [HKLM] -- KB2862330 © O42 - Logiciel: Security Update for Windows XP (KB2862335) - (.Microsoft Corporation.) [HKLM] -- KB2862335 © O42 - Logiciel: Security Update for Windows XP (KB2864063) - (.Microsoft Corporation.) [HKLM] -- KB2864063 © O42 - Logiciel: Security Update for Windows XP (KB2868626) - (.Microsoft Corporation.) [HKLM] -- KB2868626 © O42 - Logiciel: Security Update for Windows XP (KB2876217) - (.Microsoft Corporation.) [HKLM] -- KB2876217 © O42 - Logiciel: Security Update for Windows XP (KB2876331) - (.Microsoft Corporation.) [HKLM] -- KB2876331 © O42 - Logiciel: Security Update for Windows XP (KB2892075) - (.Microsoft Corporation.) [HKLM] -- KB2892075 © O42 - Logiciel: Security Update for Windows XP (KB2893294) - (.Microsoft Corporation.) [HKLM] -- KB2893294 © O42 - Logiciel: Security Update for Windows XP (KB2898715) - (.Microsoft Corporation.) [HKLM] -- KB2898715 © O42 - Logiciel: Security Update for Windows XP (KB2900986) - (.Microsoft Corporation.) [HKLM] -- KB2900986 © O42 - Logiciel: Update for Windows XP (KB2904266) - (.Microsoft Corporation.) [HKLM] -- KB2904266 © O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2909210) - (.Microsoft Corporation.) [HKLM] -- KB2909210-IE8 © O42 - Logiciel: Security Update for Windows XP (KB2914368) - (.Microsoft Corporation.) [HKLM] -- KB2914368 © O42 - Logiciel: Security Update for Windows XP (KB2916036) - (.Microsoft Corporation.) 
[HKLM] -- KB2916036 © O42 - Logiciel: Security Update for Windows XP (KB2922229) - (.Microsoft Corporation.) [HKLM] -- KB2922229 © O42 - Logiciel: Security Update for Windows XP (KB2929961) - (.Microsoft Corporation.) [HKLM] -- KB2929961 © O42 - Logiciel: Security Update for Windows XP (KB2930275) - (.Microsoft Corporation.) [HKLM] -- KB2930275 © O42 - Logiciel: Update for Windows XP (KB2934207) - (.Microsoft Corporation.) [HKLM] -- KB2934207 © O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011 © O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Memory Cleaner 2.00 - (.KoshyJohn.com.) [HKLM] -- MemClean O42 - Logiciel: Microsoft Report Viewer Redistributable 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft Report Viewer Redistributable 2005 © O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 40.0.3 (x86 en-US) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService © O42 - Logiciel: Opera Stable 31.0.1889.174 - (.Opera Software.) [HKLM] -- Opera 31.0.1889.174 © O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO © O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller © O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash © O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 O42 - Logiciel: VC RamCleaner 1.10 Build 039 - (.VC Computer Services.) [HKLM] -- VC RamCleaner_is1 O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player © O42 - Logiciel: WASEL Pro - (.WASEL Pro VPN Service.) [HKLM] -- WASEL Pro O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) 
[HKLM] -- Wdf01007 © O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 © O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst © O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver © O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100 © O42 - Logiciel: Wondershare Video Editor(Build 5.1.0) - (.Wondershare Software.) [HKLM] -- Wondershare Video Editor_is1 © O42 - Logiciel: Who Is On My Wifi version 2.1.1 - (.IO3O LLC.) [HKLM] -- {010D45A1-093D-4534-8147-4E10E80F81CC}_is1 O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} © O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} © O42 - Logiciel: HP Deskjet 1050 J410 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM] -- {226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD} © O42 - Logiciel: HP Deskjet 1050 J410 series Help - (.Hewlett Packard.) [HKLM] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78} © O42 - Logiciel: Bing Rewards Client Installer - (.Microsoft Corporation.) [HKLM] -- {61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17} © O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM] -- {623B8278-8CAD-45C1-B844-58B687C07805} © O42 - Logiciel: Windows Rights Management Client with Service Pack 2 - (.Microsoft.) [HKLM] -- {62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0} © O42 - Logiciel: HP Deskjet 1050 J410 series Product Improvement Study - (.Hewlett-Packard Co..) [HKLM] -- {7414C891-720D-4E86-85E5-C3AA898DA9EC} © O42 - Logiciel: SketchUp 8 - (.Trimble Navigation Limited.) [HKLM] -- {779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE} O42 - Logiciel: Tadween 1.0.0 beta - (.Mohammad Hejazi.) [HKLM] -- {7C17B5E1-C81C-4668-AD90-50CCCDBA0BBE}_is1 O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) 
[HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} © O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {88547073-C566-4895-9005-EBE98EA3F7C7} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {928B06E4-DDAA-476A-926A-641620326327} © O42 - Logiciel: Folder Colorizer version 1.1.0 - (.Softorino.) [HKLM] -- {A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1 © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824147215} © O42 - Logiciel: Adobe Reader X (10.1.2) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} © O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE} © O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} © O42 - Logiciel: Atheros Wireless LAN - (...) [HKLM] -- {D70DE630-0D13-4394-A15B-5ACE6CF2A18D} O42 - Logiciel: Windows Rights Management Client Backwards Compatibility SP2 - (.Microsoft.) [HKLM] -- {EC905264-BCFE-423B-9C42-C3A106266790} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) 
[HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © ---\\ HKCU & HKLM Software Keys (85) - 11s HKLM\SOFTWARE\acer HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AdwCleaner HKLM\SOFTWARE\Ahead HKLM\SOFTWARE\ArcticLine HKLM\SOFTWARE\Atheros HKLM\SOFTWARE\Broadcom HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\Cygnus Solutions HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Gemplus HKLM\SOFTWARE\Google HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\HewlettPackard HKLM\SOFTWARE\HP HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\KoshyJohn.com HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes Anti-Rootkit HKLM\SOFTWARE\Marvell HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Nero HKLM\SOFTWARE\NVIDIA Corporation HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\PowerISO HKLM\SOFTWARE\Program Groups HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\Realtek Semiconductor Corp. HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\RocketLife HKLM\SOFTWARE\SAMSUNG HKLM\SOFTWARE\Schlumberger HKLM\SOFTWARE\Secure HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Visan HKLM\SOFTWARE\Windows 3.1 Migration Status HKLM\SOFTWARE\WinPcap HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Wondershare HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ArcticLine HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\Broadcom HKCU\SOFTWARE\Bugsplat HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cygnus Solutions HKCU\SOFTWARE\DownloadAstro HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HP HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JEDI-VCL HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Marvell HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\techPowerUp HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\VB and VBA Program 
Settings HKCU\SOFTWARE\Visan HKCU\SOFTWARE\VSRevoGroup HKCU\SOFTWARE\WASEL Pro VPN Service HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Xenocode HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software ---\\ Contents of the Common Files folders (150) - 12s O43 - CFD: 2015/06/02 13:24:57 - [] D -- C:\Program Files\25_escape O43 - CFD: 2015/06/02 13:28:35 - [] D -- C:\Program Files\Adobe O43 - CFD: 2015/07/12 00:14:58 - [0] D -- C:\Program Files\Ahead O43 - CFD: 2015/06/02 13:01:29 - [] D -- C:\Program Files\Atheros O43 - CFD: 2015/06/02 13:00:16 - [] D -- C:\Program Files\Broadcom O43 - CFD: 2015/07/12 00:12:21 - [] D -- C:\Program Files\CCleaner O43 - CFD: 2015/07/25 00:09:49 - [] D -- C:\Program Files\Common Files O43 - CFD: 2015/06/02 12:40:50 - [0] D -- C:\Program Files\ComPlus Applications O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Program Files\ESET O43 - CFD: 2015/07/13 02:47:20 - [] D -- C:\Program Files\Folder Colorizer O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Program Files\Folder Marker O43 - CFD: 2015/08/08 17:58:26 - [] D -- C:\Program Files\Google O43 - CFD: 2015/06/04 00:09:00 - [] D -- C:\Program Files\HP O43 - CFD: 2015/06/03 23:45:51 - [] D -- C:\Program Files\HP Photo Creations O43 - CFD: 2015/10/08 20:48:37 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 2015/06/02 12:52:28 - [] D -- C:\Program Files\Intel O43 - CFD: 2015/06/02 13:13:02 - [] D -- C:\Program Files\Internet Download Manager O43 - CFD: 2006/10/08 15:38:54 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 2015/09/23 22:04:05 - [] D -- C:\Program Files\IO3O LLC O43 - CFD: 2015/10/13 23:34:27 - [] D -- C:\Program Files\Malwarebytes Anti-Malware O43 - CFD: 2015/06/03 23:46:55 - [] D -- C:\Program Files\Microsoft O43 - CFD: 2015/06/09 22:53:01 - [] D -- C:\Program Files\Microsoft Silverlight O43 - CFD: 2015/06/06 20:58:31 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 2006/10/08 15:39:34 - 
[] D -- C:\Program Files\Movie Maker O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 2015/06/03 23:46:35 - [] D -- C:\Program Files\MSN Toolbar O43 - CFD: 2015/06/02 12:35:40 - [] D -- C:\Program Files\MSXML 4.0 O43 - CFD: 2015/06/02 12:44:24 - [] D -- C:\Program Files\NetMeeting O43 - CFD: 2015/07/18 19:34:33 - [0] D -- C:\Program Files\Ninja Download Manager O43 - CFD: 2015/06/02 12:44:53 - [] D -- C:\Program Files\Online Services O43 - CFD: 2015/10/21 21:56:28 - [] D -- C:\Program Files\Opera O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Outlook Express O43 - CFD: 2015/07/18 23:02:35 - [] D -- C:\Program Files\PowerISO O43 - CFD: 2015/06/02 12:57:46 - [] D -- C:\Program Files\Realtek O43 - CFD: 2015/10/08 20:47:53 - [] D -- C:\Program Files\SAMSUNG O43 - CFD: 2015/06/02 12:38:47 - [] D -- C:\Program Files\System O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Program Files\Tadween O43 - CFD: 2015/06/02 12:49:45 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 2015/06/02 23:12:02 - [] D -- C:\Program Files\USB Disk Security O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Program Files\VC RamCleaner O43 - CFD: 2015/07/12 00:13:30 - [] D -- C:\Program Files\VS Revo Group O43 - CFD: 2015/10/02 23:21:45 - [] D -- C:\Program Files\WASEL Pro VPN Service O43 - CFD: 2015/06/02 12:44:39 - [] D -- C:\Program Files\Windows Media Connect 2 O43 - CFD: 2006/10/08 15:40:41 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 2015/06/02 12:34:19 - [] D -- C:\Program Files\Windows NT O43 - CFD: 2015/06/02 12:44:58 - [0] HD -- C:\Program Files\WindowsUpdate O43 - CFD: 2015/10/07 20:39:04 - [] D -- C:\Program Files\WinPcap O43 - CFD: 2015/09/04 23:33:33 - [] D -- C:\Program Files\WinRAR O43 - CFD: 2015/06/02 13:07:09 - [] D -- C:\Program Files\Wondershare O43 - CFD: 2015/06/03 23:43:14 - [] RD -- C:\Documents and Settings\All Users\Start 
Menu\Programs\Accessories O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/06/02 13:00:39 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Broadcom Wireless O43 - CFD: 2015/07/12 00:02:46 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner O43 - CFD: 2015/09/18 01:39:15 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET O43 - CFD: 2015/07/13 02:47:19 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Colorizer O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Marker O43 - CFD: 2015/06/02 12:39:35 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games O43 - CFD: 2015/06/04 00:10:04 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\HP O43 - CFD: 2015/07/12 00:26:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\KoshyJohn.com O43 - CFD: 2015/10/13 23:34:30 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 2015/06/06 22:05:47 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2015/07/18 23:02:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerISO O43 - CFD: 2015/10/08 20:48:48 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung O43 - CFD: 2015/08/08 17:58:50 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 8 O43 - CFD: 2015/10/20 22:33:36 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Tadween O43 - CFD: 2015/06/02 13:21:00 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\USB Disk Security O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VC Soft 
O43 - CFD: 2015/06/02 13:30:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN O43 - CFD: 2015/10/02 23:22:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WASEL Pro VPN Service O43 - CFD: 2015/09/23 22:04:07 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Who Is On My Wifi O43 - CFD: 2015/10/07 20:39:03 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap O43 - CFD: 2015/09/04 23:33:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR O43 - CFD: 2015/06/02 13:07:35 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Wondershare O43 - CFD: 2015/06/05 23:25:41 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 2015/09/21 21:42:44 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Documents and Settings\All Users\Application Data\ESET O43 - CFD: 2015/08/08 17:59:44 - [] D -- C:\Documents and Settings\All Users\Application Data\Google O43 - CFD: 2015/07/11 23:59:14 - [] D -- C:\Documents and Settings\All Users\Application Data\HP O43 - CFD: 2015/06/03 23:52:57 - [] D -- C:\Documents and Settings\All Users\Application Data\HP Photo Creations O43 - CFD: 2015/06/02 13:13:11 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM O43 - CFD: 2015/06/23 14:45:17 - [] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 2015/06/03 23:13:01 - [0] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) O43 - CFD: 2015/06/03 22:52:11 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee O43 - CFD: 2015/07/12 00:21:45 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan O43 - CFD: 2015/06/03 23:46:58 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 2015/06/02 13:11:21 - [] D -- C:\Documents and 
Settings\All Users\Application Data\Mozilla O43 - CFD: 2015/10/08 20:53:10 - [] D -- C:\Documents and Settings\All Users\Application Data\Samsung O43 - CFD: 2015/06/02 12:43:26 - [] D -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage O43 - CFD: 2015/06/03 20:37:35 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare O43 - CFD: 2015/06/02 13:07:59 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare Video Editor O43 - CFD: 2015/06/02 23:11:42 - [0] D -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab O43 - CFD: 2015/06/02 13:28:44 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 2015/06/11 23:35:14 - [] D -- C:\Program Files\Common Files\Ahead O43 - CFD: 2015/06/02 12:59:59 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 2015/07/12 00:43:34 - [] D -- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Common Files\MSSoap O43 - CFD: 2015/06/11 23:38:27 - [] D -- C:\Program Files\Common Files\Nero O43 - CFD: 2015/06/02 15:29:16 - [] D -- C:\Program Files\Common Files\ODBC O43 - CFD: 2015/06/02 12:44:23 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 2006/10/08 15:38:00 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 2015/06/02 13:08:43 - [] D -- C:\Program Files\Common Files\Wondershare O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Application Data\Adobe O43 - CFD: 2015/07/18 23:14:11 - [] D -- C:\Documents and Settings\ahmed\Application Data\ArcticLine O43 - CFD: 2015/10/13 00:14:27 - [] D -- C:\Documents and Settings\ahmed\Application Data\DMCache O43 - CFD: 2015/07/17 22:11:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\DownloadNinja O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\ESET O43 - CFD: 2015/08/08 17:59:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\Google O43 - 
CFD: 2015/06/11 21:57:47 - [0] D -- C:\Documents and Settings\ahmed\Application Data\Help O43 - CFD: 2015/06/03 23:44:35 - [0] D -- C:\Documents and Settings\ahmed\Application Data\HpUpdate O43 - CFD: 2015/06/02 12:49:48 - [] D -- C:\Documents and Settings\ahmed\Application Data\Identities O43 - CFD: 2015/09/02 23:14:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\IDM O43 - CFD: 2015/07/12 00:26:34 - [] D -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com O43 - CFD: 2015/06/04 00:10:43 - [] D -- C:\Documents and Settings\ahmed\Application Data\Macromedia O43 - CFD: 2015/09/23 22:06:14 - [] SD -- C:\Documents and Settings\ahmed\Application Data\Microsoft O43 - CFD: 2015/06/02 13:13:22 - [] D -- C:\Documents and Settings\ahmed\Application Data\Mozilla O43 - CFD: 2015/07/25 01:12:44 - [] D -- C:\Documents and Settings\ahmed\Application Data\Opera Software O43 - CFD: 2015/10/08 20:48:59 - [] D -- C:\Documents and Settings\ahmed\Application Data\Samsung O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Application Data\Thinstall O43 - CFD: 2015/10/21 14:25:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\vlc O43 - CFD: 2015/06/02 13:05:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\WinRAR O43 - CFD: 2015/06/02 23:11:42 - [] D -- C:\Documents and Settings\ahmed\Application Data\Zbshareware Lab O43 - CFD: 2015/10/21 22:09:26 - [] D -- C:\Documents and Settings\ahmed\Application Data\ZHP O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Adobe O43 - CFD: 2015/06/11 23:45:02 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Ahead O43 - CFD: 2015/06/11 22:00:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ApplicationHistory O43 - CFD: 2015/06/02 13:09:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Arabix O43 - CFD: 2015/06/11 22:56:42 - [0] D -- C:\Documents and 
Settings\ahmed\Local Settings\Application Data\cdrtfe O43 - CFD: 2015/10/08 20:47:29 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Downloaded Installations O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ESET O43 - CFD: 2015/06/06 21:19:25 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Geckofx O43 - CFD: 2015/06/11 21:57:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Help O43 - CFD: 2015/06/03 23:53:16 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\HP O43 - CFD: 2015/06/28 20:00:19 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft O43 - CFD: 2015/07/26 13:05:02 - [0] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft Help O43 - CFD: 2015/06/02 13:13:13 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Mozilla O43 - CFD: 2015/07/28 21:50:45 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Opera Software O43 - CFD: 2015/07/13 01:47:23 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\PCHealth O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Temp O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Thinstall O43 - CFD: 2015/06/02 13:08:49 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Wondershare O43 - CFD: 2015/06/11 22:50:35 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Xenocode O43 - CFD: 2015/06/02 12:49:56 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Accessories O43 - CFD: 2015/06/02 13:13:10 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/07/12 00:13:31 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Revo Uninstaller 
O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Startup
O43 - CFD: 2015/09/04 23:33:41 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup

---\\ Latest files created in Prefetcher (1) - 5s
O45 - LFCP:[MD5.A6D04D3B04C561A12E87320D5A1CCF47] 2015/10/19 22:00:30 A -- C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-0B007004.pf =>.Superfluous.SpyHunter

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll ©
O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\system32\cscui.dll ©

---\\ ShareTools MSconfig StartupReg (13) - 2s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O53 - SMSR:HKLM\...\startupreg\Alcmtr [Key] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- ALCMTR.EXE (.not file.) ©
O53 - SMSR:HKLM\...\startupreg\AzMixerSel [Key] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe ©
O53 - SMSR:HKLM\...\startupreg\DWPersistentQueuedReporting [Key] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ©
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.)
-- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe © O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe © O53 - SMSR:HKLM\...\startupreg\igfxhkcmd [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe © O53 - SMSR:HKLM\...\startupreg\Microsoft Default Manager [Key] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe © O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE © O53 - SMSR:HKLM\...\startupreg\RTHDCPL [Key] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- RTHDCPL.EXE (.not file.) © O53 - SMSR:HKLM\...\startupreg\SkyTel [Key] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- SkyTel.EXE (.not file.) © O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe © ---\\ System Drivers List (52) - 3s O58 - SDL:2006/01/25 09:44:52 A . (.Atheros Communications, Inc. - Driver for Atheros AR5001 Wireless Network.) -- C:\WINDOWS\System32\drivers\ar5211.sys [488448] © O58 - SDL:2005/11/02 07:24:24 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS [424320] © O58 - SDL:2005/11/11 14:40:48 RA . (.CACE Technologies - npf.) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS [33664] © O58 - SDL:2005/06/21 12:32:50 A . (.Inprocomm, Inc. - Inprocomm 802.1x Supplicant.) -- C:\WINDOWS\System32\drivers\callistx.sys [28544] O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) 
-- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] © O58 - SDL:2010/12/20 14:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [202704] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [144536] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [185176] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\System32\drivers\epfwndis.sys [48192] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [71888] © O58 - SDL:2010/12/20 14:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384] O58 - SDL:2006/03/23 06:47:06 RA . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\ialmnt5.sys [1166972] © O58 - SDL:2014/10/01 08:19:10 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [122848] © O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] © O58 - SDL:2015/06/18 08:41:46 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) 
-- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] © O58 - SDL:2015/10/19 22:15:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [98520] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys [5632] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys [5632] © O58 - SDL:2010/10/14 03:55:06 A . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\WINDOWS\System32\drivers\mvusbews.sys [17408] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mvxxmm.sys [5632] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] © O58 - SDL:2010/06/25 19:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35088] © O58 - SDL:2010/12/20 14:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] © O58 - SDL:2006/06/28 10:25:24 R . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys [4304384] © O58 - SDL:2011/11/15 05:50:16 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [112096] © O58 - SDL:2010/12/20 14:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) 
-- C:\WINDOWS\System32\drivers\secdrv.sys [20480] © O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [84248] © O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [182680] © O58 - SDL:2012/06/28 09:49:48 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [26624] © O58 - SDL:2010/12/20 14:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] © O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] © O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648] O58 - SDL:2010/12/20 14:00:00 A . (...) 
-- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Last modified or created user files (1) - 6s
O61 - LFC: 2015/10/19 22:00:02 A . (.Enigma Software Group USA, LLC..) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\SpyHunter-Installer.exe [3237248] =>.Superfluous.SpyHunter

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ©

---\\ Start Menu Internet (13) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©

---\\ Search Browser Infection (9) - 9s
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.newtab.url", "http://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAYaJlxaUQgXDAVGcgkVVQhBFBgbJAsPTFsQE1ZCdl[...] =>PUP.Optional.Browser
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.alias", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.name", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.ptid", "cor"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.uid", "ST980811AS_5LY1JQRXXXXX5LY1JQRX"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.startup.homepage", "http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQeV9dAwlARxgTJQsITA1AEQAOeF0KVhQT[...] =>PUP.Optional.Browser
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("extensions.defsearchp@gmail.com.install-event-fired", true); =>PUP.Optional.PriceFountain
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("extensions.deskCutv2@gmail.com.install-event-fired", true); =>PUP.Optional.DeskCut

---\\ Search Svchost Services (37) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\WINDOWS\system32\appmgmts.dll [167936] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] ©
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] ©
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] ©
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.)
-- C:\WINDOWS\system32\dmserver.dll [23552] © O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] © O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] © O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] © O83 - Search Svchost Services: HidServ (HidServ) . (...) -- C:\WINDOWS\System32\hidserv.dll [0] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] © O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [134144] © O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] © O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\WINDOWS\system32\netman.dll [198144] © O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\WINDOWS\system32\mswsock.dll [245248] © O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\WINDOWS\system32\ntmssvc.dll [435200] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) 
-- C:\WINDOWS\system32\mprdim.dll [53248] © O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\WINDOWS\system32\schedsvc.dll [192512] © O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [18944] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\system32\ipnathlp.dll [330752] © O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\WINDOWS\system32\srsvc.dll [171008] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\system32\tapisrv.dll [249856] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] © O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] © O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [175616] © O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\WINDOWS\system32\wzcsvc.dll [483328] © O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\WINDOWS\system32\advapi32.dll [617472] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [144896] © O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) 
-- C:\WINDOWS\system32\xmlprov.dll [129024] © O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\WINDOWS\system32\qagentrt.dll [291328] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\system32\kmsvc.dll [61440] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\system32\qmgr.dll [408576] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [22520] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] © O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll [27136] © ---\\ Services not Microsoft (SR=Run, SS=Stop) (8) - 18s SS - Demand [2015/10/06 22:37:14] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [2015/07/08 15:22:32] [ 1353720] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe © SR - Auto [2010/11/24 11:01:18] [ 99896] HP SI Service (HPSIService) . (.HP.) - C:\WINDOWS\system32\HPSIsvc.exe © SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe © SS - Demand [2015/08/30 21:39:50] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe © SS - Demand [2010/06/25 19:07:20] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) 
- C:\Program Files\WinPcap\rpcapd.exe © SR - Auto [2005/11/11 14:40:52] [ 18944] Broadcom Wireless LAN Tray Service (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.EXE ---\\ Additional Scan (O88) (1) - 0s C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-0B007004.pf =>.Superfluous.SpyHunter ---\\ Summary of the elements found (5) - 1s http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceFountain http://www.nicolascoolman.fr/blog =>PUP.Optional.DeskCut ~ End of the scan, 38090 items in 88 seconds (703)(0)()