cjoint

Comment: ~ ZHPDiag v2015.10.19.153 By Nicolas Coolman (2015/10/19) ~ Run by ahmed (Administrator) (2015/10/21 22:09:13) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Documents and Settings\ahmed\Desktop\ZHPDiag.txt ~ Report: C:\Documents and Settings\ahmed\Application Data\ZHP\ZHPDiag.txt ~ UAC: Deactivate ~ System startup: Normal (Normal boot) Windows XP, 32-bit Service Pack 3 (Build 2600) ---\\ Internet Browsers (3) - 0s MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3 OPIE: Opera 31.0.1889.174 v31.0.1889.174 MSIE: Internet Explorer v8.0.6001.18702 ---\\ Windows Product Information (3) - 0s Windows Automatic Updates : OK Windows Activation Technologies : KO Windows Genuine Advantage : KO ---\\ System protection software (2) - 2s ESET Smart Security v8.0.319.0 Malwarebytes Anti-Malware version 2.1.8.1057 ---\\ System optimization software (1) - 3s CCleaner v3.19 ---\\ Surveillance software (2) - 3s Adobe Flash Player 19 NPAPI Adobe Reader X ---\\ Information on the system (6) - 0s ~ Operating System: x86 Family 6 Model 14 Stepping 8, GenuineIntel ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 1038.384 MB (12% free) ~ System Restore: Activé (Enable) ~ System drive C: has 14 GB free of 24 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: GENIUS-PC ~ User Name: ahmed ~ Logged in as Administrator ---\\ Enumeration of the disk units (3) - 0s ~ Drive C: has 14 GB free of 24 GB (System) ~ Drive D: has 1 GB free of 31 GB ~ Drive E: has 0 GB free of 19 GB ---\\ State of the Windows Security Center (9) - 0s [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK 
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (23) - 1s [MD5.2BB75B7F548D82A099125D0C5971DE7D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [1033728] © [MD5.037B1E7798960E0420003D05BB577EE6] - (.Microsoft Corporation - Run a DLL as an App.) () -- C:\WINDOWS\System32\rundll32.exe [33280] © [MD5.9357C4249F4810FB0E49C13387A8A77C] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [919552] © [MD5.53A8857723277B1D6D5EE60A9F85B117] - (.Microsoft Corporation - Windows NT Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [509440] © [MD5.64AA11D53A4A84CDF43370D7036517C3] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [149504] © [MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] © [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] © [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] © [MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] © [MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) 
() -- C:\WINDOWS\System32\drivers\Fips.sys [44544] © [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384] [MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480] © [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] © [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] © [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] © [MD5.0AF15A971F120246C9EEF2C46E290539] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457216] © [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] © [MD5.AE8CAD8F28DB13B515A68510A539B0B8] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [576512] © [MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80128] © [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] © [MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [195712] © [MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS\System32\drivers\redbook.sys [57600] © [MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) 
() -- C:\WINDOWS\System32\drivers\volsnap.sys [52352] © ---\\ Process running (15) - 1s [MD5.61E71BC3CD3530444000A9B68F7EE931] - (...) -- C:\WINDOWS\system32\WLTRYSVC.EXE [18944] [PID.772] [MD5.9A0CE1DB25F1CDD3ED11236884800538] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\BCMWLTRY.EXE [1093632] [PID.800] © [MD5.0F32048BF3EA2A85FE3AC48E8E7B7C85] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720] [PID.1024] © [MD5.388144E78383D57744398C07A5C007F1] - (.HP - HP Smart-Install Service.) -- C:\WINDOWS\system32\HPSIsvc.exe [99896] [PID.1052] © [MD5.54F1F98C4AD8F99BBBE8FBB62B38733F] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [94208] [PID.2088] © [MD5.32FB9368F485A7FE944EB6678B61734B] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.2096] © [MD5.F11C343318DA14137669AE14ADE27DF1] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE [1236992] [PID.2108] © [MD5.C15D502F788763303CA9EDE20271DF9C] - (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe [1085440] [PID.2132] [MD5.4EE76D4CB055E8EC281177771345E8B3] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [312376] [PID.2152] © [MD5.8FDABAC05324CD63B8A33AB1F410A473] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480] [PID.2188] © [MD5.35EB9CEEEB0FEB77CA061B8869A42B92] - (.WASEL Pro VPN Service - WASEL Pro.) -- C:\Program Files\WASEL Pro VPN Service\WASEL Pro\wasel_pro.exe [1916856] [PID.2196] [MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [377000] [PID.1940] © [MD5.A3E33718D1090A1587AC069597EC4FA6] - (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files\Internet Download Manager\IDMan.exe [3907152] [PID.3456] © [MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3556] © [MD5.D0066FBB3BA6C522B6185D0A1E3AF0E8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\ZHPDiag3.exe [1958400] [PID.3716] © ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (22) - 3s M0 - MFSP: prefs.js [ahmed - ftweeuuw.default] http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQeV9dAwlARxgTJQsITA1AEQAOeF0KVhQTQAdAIQ9dBwlCEg0FIk0FA18DB0VXfWFoKB8fHHNKLE1dE2sUUkBPNEo= =>PUP.Optional.Browser P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\npCouponPrinter.dll P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npMozCouponPrinter.dll P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\adblockpopups@jessehakanen.net.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\client@anonymox.net.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@mega.co.nz.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@zenmate.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi P2 - EXT FILE: (...) 
-- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-rs90nxQtPi3Asg@jetpack.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\killjasmin@pierros14.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\popuplogout@iniqua.com.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\default.xml P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\google-avast.xml P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} © P2 - EXT: (.Zapyo - Zapyo.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-AlAaAeISf3xDHw@jetpack P2 - EXT: (.V@no - Cookies Manager+.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) 
-- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll © ---\\ Opera, Plugins,Start,Search (1) - 0s B2 - EXT: [{background:{scripts:[background.js]}content_scrip] C:\Documents and Settings\ahmed\Application Data\Opera Software\Opera Stable\Extensions\hcpmfcmlnoogcdfecehmddfjkpgkacah ---\\ Internet Explorer Extensions, Start, Search (9) - 0s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer ---\\ Internet Explorer, Proxy Management (4) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) 
© F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (19) ---\\ Browser Helper Object (BHO) (4) - 0s O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll © O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll © O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll © O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll © ---\\ Auto loading programs from Registry and folders (18) - 0s O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe © O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe © O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE © O4 - HKLM\..\Run: [USB Security] . (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKCU\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) 
-- C:\Program Files\Internet Download Manager\IDMan.exe © O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe © O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe © ---\\ Lop.com/Domain Hijackers (3) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2 ---\\ Extra protocols (25) - 0s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) 
-- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll © O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll © O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll © O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . 
(.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll © O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll © O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll © O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll © O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll © O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll © O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) 
-- C:\WINDOWS\system32\shell32.dll © ---\\ Non Microsoft non disabled Windows Services (4) - 1s O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe © O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\WINDOWS\system32\HPSIsvc.exe © O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe © O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.EXE ---\\ Software installed (115) - 11s O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI © O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11b Network Adapter © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner © O42 - Logiciel: Folder Marker Free - (.ArcticLine Software.) [HKLM] -- Folder Marker Free_is1 O42 - Logiciel: Folder Marker Pro - (.ArcticLine Software.) [HKLM] -- Folder Marker Pro_is1 O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM] -- HP LaserJet Professional P1100-P1560-P1600 Series O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM] -- HP Photo Creations © O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} © O42 - Logiciel: Internet Download Manager - (...) [HKLM] -- Internet Download Manager O42 - Logiciel: Security Update for Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802 © O42 - Logiciel: Security Update for Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632 © O42 - Logiciel: Security Update for Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960 © O42 - Logiciel: Security Update for Windows XP (KB2478971) - (.Microsoft Corporation.) 
[HKLM] -- KB2478971 © O42 - Logiciel: Security Update for Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943 © O42 - Logiciel: Security Update for Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185 © O42 - Logiciel: Security Update for Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663 © O42 - Logiciel: Security Update for Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212 © O42 - Logiciel: Security Update for Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938 © O42 - Logiciel: Security Update for Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429 © O42 - Logiciel: Security Update for Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553 © O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8 © O42 - Logiciel: Security Update for Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512 © O42 - Logiciel: Security Update for Windows XP (KB2544893-v2) - (.Microsoft Corporation.) [HKLM] -- KB2544893-v2 © O42 - Logiciel: Security Update for Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454 © O42 - Logiciel: Security Update for Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947 © O42 - Logiciel: Security Update for Windows XP (KB2584146) - (.Microsoft Corporation.) [HKLM] -- KB2584146 © O42 - Logiciel: Security Update for Windows XP (KB2585542) - (.Microsoft Corporation.) [HKLM] -- KB2585542 © O42 - Logiciel: Security Update for Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799 © O42 - Logiciel: Security Update for Windows XP (KB2598479) - (.Microsoft Corporation.) [HKLM] -- KB2598479 © O42 - Logiciel: Security Update for Windows XP (KB2603381) - (.Microsoft Corporation.) [HKLM] -- KB2603381 © O42 - Logiciel: Security Update for Windows XP (KB2631813) - (.Microsoft Corporation.) 
[HKLM] -- KB2631813 © O42 - Logiciel: Security Update for Windows XP (KB2653956) - (.Microsoft Corporation.) [HKLM] -- KB2653956 © O42 - Logiciel: Security Update for Windows XP (KB2655992) - (.Microsoft Corporation.) [HKLM] -- KB2655992 © O42 - Logiciel: Security Update for Windows XP (KB2659262) - (.Microsoft Corporation.) [HKLM] -- KB2659262 © O42 - Logiciel: Security Update for Windows XP (KB2661637) - (.Microsoft Corporation.) [HKLM] -- KB2661637 © O42 - Logiciel: Security Update for Windows XP (KB2676562) - (.Microsoft Corporation.) [HKLM] -- KB2676562 © O42 - Logiciel: Security Update for Windows XP (KB2686509) - (.Microsoft Corporation.) [HKLM] -- KB2686509 © O42 - Logiciel: Security Update for Windows XP (KB2698365) - (.Microsoft Corporation.) [HKLM] -- KB2698365 © O42 - Logiciel: Security Update for Windows XP (KB2712808) - (.Microsoft Corporation.) [HKLM] -- KB2712808 © O42 - Logiciel: Security Update for Windows XP (KB2719985) - (.Microsoft Corporation.) [HKLM] -- KB2719985 © O42 - Logiciel: Security Update for Windows XP (KB2723135-v2) - (.Microsoft Corporation.) [HKLM] -- KB2723135-v2 © O42 - Logiciel: Update for Windows XP (KB2749655) - (.Microsoft Corporation.) [HKLM] -- KB2749655 © O42 - Logiciel: Security Update for Windows XP (KB2770660) - (.Microsoft Corporation.) [HKLM] -- KB2770660 © O42 - Logiciel: Security Update for Windows XP (KB2780091) - (.Microsoft Corporation.) [HKLM] -- KB2780091 © O42 - Logiciel: Security Update for Windows XP (KB2802968) - (.Microsoft Corporation.) [HKLM] -- KB2802968 © O42 - Logiciel: Security Update for Windows XP (KB2807986) - (.Microsoft Corporation.) [HKLM] -- KB2807986 © O42 - Logiciel: Update for Windows XP (KB2813347-v2) - (.Microsoft Corporation.) [HKLM] -- KB2813347-v2 © O42 - Logiciel: Security Update for Windows XP (KB2820917) - (.Microsoft Corporation.) [HKLM] -- KB2820917 © O42 - Logiciel: Security Update for Windows XP (KB2834886) - (.Microsoft Corporation.) 
[HKLM] -- KB2834886 © O42 - Logiciel: Security Update for Windows Media Player (KB2834904-v2) - (.Microsoft Corporation.) [HKLM] -- KB2834904-v2_WM11 © O42 - Logiciel: Security Update for Windows XP (KB2847311) - (.Microsoft Corporation.) [HKLM] -- KB2847311 © O42 - Logiciel: Security Update for Windows XP (KB2859537) - (.Microsoft Corporation.) [HKLM] -- KB2859537 © O42 - Logiciel: Security Update for Windows XP (KB2862152) - (.Microsoft Corporation.) [HKLM] -- KB2862152 © O42 - Logiciel: Security Update for Windows XP (KB2862330) - (.Microsoft Corporation.) [HKLM] -- KB2862330 © O42 - Logiciel: Security Update for Windows XP (KB2862335) - (.Microsoft Corporation.) [HKLM] -- KB2862335 © O42 - Logiciel: Security Update for Windows XP (KB2864063) - (.Microsoft Corporation.) [HKLM] -- KB2864063 © O42 - Logiciel: Security Update for Windows XP (KB2868626) - (.Microsoft Corporation.) [HKLM] -- KB2868626 © O42 - Logiciel: Security Update for Windows XP (KB2876217) - (.Microsoft Corporation.) [HKLM] -- KB2876217 © O42 - Logiciel: Security Update for Windows XP (KB2876331) - (.Microsoft Corporation.) [HKLM] -- KB2876331 © O42 - Logiciel: Security Update for Windows XP (KB2892075) - (.Microsoft Corporation.) [HKLM] -- KB2892075 © O42 - Logiciel: Security Update for Windows XP (KB2893294) - (.Microsoft Corporation.) [HKLM] -- KB2893294 © O42 - Logiciel: Security Update for Windows XP (KB2898715) - (.Microsoft Corporation.) [HKLM] -- KB2898715 © O42 - Logiciel: Security Update for Windows XP (KB2900986) - (.Microsoft Corporation.) [HKLM] -- KB2900986 © O42 - Logiciel: Update for Windows XP (KB2904266) - (.Microsoft Corporation.) [HKLM] -- KB2904266 © O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2909210) - (.Microsoft Corporation.) [HKLM] -- KB2909210-IE8 © O42 - Logiciel: Security Update for Windows XP (KB2914368) - (.Microsoft Corporation.) [HKLM] -- KB2914368 © O42 - Logiciel: Security Update for Windows XP (KB2916036) - (.Microsoft Corporation.) 
[HKLM] -- KB2916036 © O42 - Logiciel: Security Update for Windows XP (KB2922229) - (.Microsoft Corporation.) [HKLM] -- KB2922229 © O42 - Logiciel: Security Update for Windows XP (KB2929961) - (.Microsoft Corporation.) [HKLM] -- KB2929961 © O42 - Logiciel: Security Update for Windows XP (KB2930275) - (.Microsoft Corporation.) [HKLM] -- KB2930275 © O42 - Logiciel: Update for Windows XP (KB2934207) - (.Microsoft Corporation.) [HKLM] -- KB2934207 © O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011 © O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Memory Cleaner 2.00 - (.KoshyJohn.com.) [HKLM] -- MemClean O42 - Logiciel: Microsoft Report Viewer Redistributable 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft Report Viewer Redistributable 2005 © O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 40.0.3 (x86 en-US) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService © O42 - Logiciel: Opera Stable 31.0.1889.174 - (.Opera Software.) [HKLM] -- Opera 31.0.1889.174 © O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO © O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller © O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash © O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1 O42 - Logiciel: VC RamCleaner 1.10 Build 039 - (.VC Computer Services.) [HKLM] -- VC RamCleaner_is1 O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player © O42 - Logiciel: WASEL Pro - (.WASEL Pro VPN Service.) [HKLM] -- WASEL Pro O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) 
[HKLM] -- Wdf01007 © O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 © O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst © O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver © O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100 © O42 - Logiciel: Wondershare Video Editor(Build 5.1.0) - (.Wondershare Software.) [HKLM] -- Wondershare Video Editor_is1 © O42 - Logiciel: Who Is On My Wifi version 2.1.1 - (.IO3O LLC.) [HKLM] -- {010D45A1-093D-4534-8147-4E10E80F81CC}_is1 O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} © O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} © O42 - Logiciel: HP Deskjet 1050 J410 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM] -- {226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD} © O42 - Logiciel: HP Deskjet 1050 J410 series Help - (.Hewlett Packard.) [HKLM] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78} © O42 - Logiciel: Bing Rewards Client Installer - (.Microsoft Corporation.) [HKLM] -- {61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17} © O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM] -- {623B8278-8CAD-45C1-B844-58B687C07805} © O42 - Logiciel: Windows Rights Management Client with Service Pack 2 - (.Microsoft.) [HKLM] -- {62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0} © O42 - Logiciel: HP Deskjet 1050 J410 series Product Improvement Study - (.Hewlett-Packard Co..) [HKLM] -- {7414C891-720D-4E86-85E5-C3AA898DA9EC} © O42 - Logiciel: SketchUp 8 - (.Trimble Navigation Limited.) [HKLM] -- {779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE} O42 - Logiciel: Tadween 1.0.0 beta - (.Mohammad Hejazi.) [HKLM] -- {7C17B5E1-C81C-4668-AD90-50CCCDBA0BBE}_is1 O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) 
[HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} © O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {88547073-C566-4895-9005-EBE98EA3F7C7} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {928B06E4-DDAA-476A-926A-641620326327} © O42 - Logiciel: Folder Colorizer version 1.1.0 - (.Softorino.) [HKLM] -- {A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1 © O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824147215} © O42 - Logiciel: Adobe Reader X (10.1.2) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} © O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE} © O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} © O42 - Logiciel: Atheros Wireless LAN - (...) [HKLM] -- {D70DE630-0D13-4394-A15B-5ACE6CF2A18D} O42 - Logiciel: Windows Rights Management Client Backwards Compatibility SP2 - (.Microsoft.) [HKLM] -- {EC905264-BCFE-423B-9C42-C3A106266790} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) 
[HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © ---\\ HKCU & HKLM Software Keys (85) - 11s HKLM\SOFTWARE\acer HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\AdwCleaner HKLM\SOFTWARE\Ahead HKLM\SOFTWARE\ArcticLine HKLM\SOFTWARE\Atheros HKLM\SOFTWARE\Broadcom HKLM\SOFTWARE\C07ft5Y HKLM\SOFTWARE\Cygnus Solutions HKLM\SOFTWARE\ESET HKLM\SOFTWARE\Gemplus HKLM\SOFTWARE\Google HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\HewlettPackard HKLM\SOFTWARE\HP HKLM\SOFTWARE\Intel HKLM\SOFTWARE\Internet Download Manager HKLM\SOFTWARE\KoshyJohn.com HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Malwarebytes Anti-Rootkit HKLM\SOFTWARE\Marvell HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Nero HKLM\SOFTWARE\NVIDIA Corporation HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Opera Software HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\PowerISO HKLM\SOFTWARE\Program Groups HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\Realtek Semiconductor Corp. HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\RocketLife HKLM\SOFTWARE\SAMSUNG HKLM\SOFTWARE\Schlumberger HKLM\SOFTWARE\Secure HKLM\SOFTWARE\VideoLAN HKLM\SOFTWARE\Visan HKLM\SOFTWARE\Windows 3.1 Migration Status HKLM\SOFTWARE\WinPcap HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Wondershare HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\ArcticLine HKCU\SOFTWARE\ASProtect HKCU\SOFTWARE\Broadcom HKCU\SOFTWARE\Bugsplat HKCU\SOFTWARE\Chromium HKCU\SOFTWARE\Cygnus Solutions HKCU\SOFTWARE\DownloadAstro HKCU\SOFTWARE\DownloadManager HKCU\SOFTWARE\ESET HKCU\SOFTWARE\Google HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\HP HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JEDI-VCL HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\Marvell HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PowerISO HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\techPowerUp HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\VB and VBA Program 
Settings HKCU\SOFTWARE\Visan HKCU\SOFTWARE\VSRevoGroup HKCU\SOFTWARE\WASEL Pro VPN Service HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\Wondershare HKCU\SOFTWARE\Xenocode HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\AppDataLow\Software ---\\ Contents of the Common Files folders (150) - 12s O43 - CFD: 2015/06/02 13:24:57 - [] D -- C:\Program Files\25_escape O43 - CFD: 2015/06/02 13:28:35 - [] D -- C:\Program Files\Adobe O43 - CFD: 2015/07/12 00:14:58 - [0] D -- C:\Program Files\Ahead O43 - CFD: 2015/06/02 13:01:29 - [] D -- C:\Program Files\Atheros O43 - CFD: 2015/06/02 13:00:16 - [] D -- C:\Program Files\Broadcom O43 - CFD: 2015/07/12 00:12:21 - [] D -- C:\Program Files\CCleaner O43 - CFD: 2015/07/25 00:09:49 - [] D -- C:\Program Files\Common Files O43 - CFD: 2015/06/02 12:40:50 - [0] D -- C:\Program Files\ComPlus Applications O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Program Files\ESET O43 - CFD: 2015/07/13 02:47:20 - [] D -- C:\Program Files\Folder Colorizer O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Program Files\Folder Marker O43 - CFD: 2015/08/08 17:58:26 - [] D -- C:\Program Files\Google O43 - CFD: 2015/06/04 00:09:00 - [] D -- C:\Program Files\HP O43 - CFD: 2015/06/03 23:45:51 - [] D -- C:\Program Files\HP Photo Creations O43 - CFD: 2015/10/08 20:48:37 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 2015/06/02 12:52:28 - [] D -- C:\Program Files\Intel O43 - CFD: 2015/06/02 13:13:02 - [] D -- C:\Program Files\Internet Download Manager O43 - CFD: 2006/10/08 15:38:54 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 2015/09/23 22:04:05 - [] D -- C:\Program Files\IO3O LLC O43 - CFD: 2015/10/13 23:34:27 - [] D -- C:\Program Files\Malwarebytes Anti-Malware O43 - CFD: 2015/06/03 23:46:55 - [] D -- C:\Program Files\Microsoft O43 - CFD: 2015/06/09 22:53:01 - [] D -- C:\Program Files\Microsoft Silverlight O43 - CFD: 2015/06/06 20:58:31 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 2006/10/08 15:39:34 - 
[] D -- C:\Program Files\Movie Maker O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 2015/06/03 23:46:35 - [] D -- C:\Program Files\MSN Toolbar O43 - CFD: 2015/06/02 12:35:40 - [] D -- C:\Program Files\MSXML 4.0 O43 - CFD: 2015/06/02 12:44:24 - [] D -- C:\Program Files\NetMeeting O43 - CFD: 2015/07/18 19:34:33 - [0] D -- C:\Program Files\Ninja Download Manager O43 - CFD: 2015/06/02 12:44:53 - [] D -- C:\Program Files\Online Services O43 - CFD: 2015/10/21 21:56:28 - [] D -- C:\Program Files\Opera O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Outlook Express O43 - CFD: 2015/07/18 23:02:35 - [] D -- C:\Program Files\PowerISO O43 - CFD: 2015/06/02 12:57:46 - [] D -- C:\Program Files\Realtek O43 - CFD: 2015/10/08 20:47:53 - [] D -- C:\Program Files\SAMSUNG O43 - CFD: 2015/06/02 12:38:47 - [] D -- C:\Program Files\System O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Program Files\Tadween O43 - CFD: 2015/06/02 12:49:45 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 2015/06/02 23:12:02 - [] D -- C:\Program Files\USB Disk Security O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Program Files\VC RamCleaner O43 - CFD: 2015/07/12 00:13:30 - [] D -- C:\Program Files\VS Revo Group O43 - CFD: 2015/10/02 23:21:45 - [] D -- C:\Program Files\WASEL Pro VPN Service O43 - CFD: 2015/06/02 12:44:39 - [] D -- C:\Program Files\Windows Media Connect 2 O43 - CFD: 2006/10/08 15:40:41 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 2015/06/02 12:34:19 - [] D -- C:\Program Files\Windows NT O43 - CFD: 2015/06/02 12:44:58 - [0] HD -- C:\Program Files\WindowsUpdate O43 - CFD: 2015/10/07 20:39:04 - [] D -- C:\Program Files\WinPcap O43 - CFD: 2015/09/04 23:33:33 - [] D -- C:\Program Files\WinRAR O43 - CFD: 2015/06/02 13:07:09 - [] D -- C:\Program Files\Wondershare O43 - CFD: 2015/06/03 23:43:14 - [] RD -- C:\Documents and Settings\All Users\Start 
Menu\Programs\Accessories O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools O43 - CFD: 2015/06/02 13:00:39 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Broadcom Wireless O43 - CFD: 2015/07/12 00:02:46 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner O43 - CFD: 2015/09/18 01:39:15 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET O43 - CFD: 2015/07/13 02:47:19 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Colorizer O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Marker O43 - CFD: 2015/06/02 12:39:35 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games O43 - CFD: 2015/06/04 00:10:04 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\HP O43 - CFD: 2015/07/12 00:26:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\KoshyJohn.com O43 - CFD: 2015/10/13 23:34:30 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware O43 - CFD: 2015/06/06 22:05:47 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 2015/07/18 23:02:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerISO O43 - CFD: 2015/10/08 20:48:48 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung O43 - CFD: 2015/08/08 17:58:50 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 8 O43 - CFD: 2015/10/20 22:33:36 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Tadween O43 - CFD: 2015/06/02 13:21:00 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\USB Disk Security O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VC Soft 
O43 - CFD: 2015/06/02 13:30:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN O43 - CFD: 2015/10/02 23:22:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WASEL Pro VPN Service O43 - CFD: 2015/09/23 22:04:07 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Who Is On My Wifi O43 - CFD: 2015/10/07 20:39:03 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap O43 - CFD: 2015/09/04 23:33:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR O43 - CFD: 2015/06/02 13:07:35 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Wondershare O43 - CFD: 2015/06/05 23:25:41 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe O43 - CFD: 2015/09/21 21:42:44 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Documents and Settings\All Users\Application Data\ESET O43 - CFD: 2015/08/08 17:59:44 - [] D -- C:\Documents and Settings\All Users\Application Data\Google O43 - CFD: 2015/07/11 23:59:14 - [] D -- C:\Documents and Settings\All Users\Application Data\HP O43 - CFD: 2015/06/03 23:52:57 - [] D -- C:\Documents and Settings\All Users\Application Data\HP Photo Creations O43 - CFD: 2015/06/02 13:13:11 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM O43 - CFD: 2015/06/23 14:45:17 - [] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes O43 - CFD: 2015/06/03 23:13:01 - [0] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) O43 - CFD: 2015/06/03 22:52:11 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee O43 - CFD: 2015/07/12 00:21:45 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan O43 - CFD: 2015/06/03 23:46:58 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft O43 - CFD: 2015/06/02 13:11:21 - [] D -- C:\Documents and 
Settings\All Users\Application Data\Mozilla O43 - CFD: 2015/10/08 20:53:10 - [] D -- C:\Documents and Settings\All Users\Application Data\Samsung O43 - CFD: 2015/06/02 12:43:26 - [] D -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage O43 - CFD: 2015/06/03 20:37:35 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare O43 - CFD: 2015/06/02 13:07:59 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare Video Editor O43 - CFD: 2015/06/02 23:11:42 - [0] D -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab O43 - CFD: 2015/06/02 13:28:44 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 2015/06/11 23:35:14 - [] D -- C:\Program Files\Common Files\Ahead O43 - CFD: 2015/06/02 12:59:59 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 2015/07/12 00:43:34 - [] D -- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Common Files\MSSoap O43 - CFD: 2015/06/11 23:38:27 - [] D -- C:\Program Files\Common Files\Nero O43 - CFD: 2015/06/02 15:29:16 - [] D -- C:\Program Files\Common Files\ODBC O43 - CFD: 2015/06/02 12:44:23 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 2006/10/08 15:38:00 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 2015/06/02 13:08:43 - [] D -- C:\Program Files\Common Files\Wondershare O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Application Data\Adobe O43 - CFD: 2015/07/18 23:14:11 - [] D -- C:\Documents and Settings\ahmed\Application Data\ArcticLine O43 - CFD: 2015/10/13 00:14:27 - [] D -- C:\Documents and Settings\ahmed\Application Data\DMCache O43 - CFD: 2015/07/17 22:11:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\DownloadNinja O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\ESET O43 - CFD: 2015/08/08 17:59:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\Google O43 - 
CFD: 2015/06/11 21:57:47 - [0] D -- C:\Documents and Settings\ahmed\Application Data\Help O43 - CFD: 2015/06/03 23:44:35 - [0] D -- C:\Documents and Settings\ahmed\Application Data\HpUpdate O43 - CFD: 2015/06/02 12:49:48 - [] D -- C:\Documents and Settings\ahmed\Application Data\Identities O43 - CFD: 2015/09/02 23:14:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\IDM O43 - CFD: 2015/07/12 00:26:34 - [] D -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com O43 - CFD: 2015/06/04 00:10:43 - [] D -- C:\Documents and Settings\ahmed\Application Data\Macromedia O43 - CFD: 2015/09/23 22:06:14 - [] SD -- C:\Documents and Settings\ahmed\Application Data\Microsoft O43 - CFD: 2015/06/02 13:13:22 - [] D -- C:\Documents and Settings\ahmed\Application Data\Mozilla O43 - CFD: 2015/07/25 01:12:44 - [] D -- C:\Documents and Settings\ahmed\Application Data\Opera Software O43 - CFD: 2015/10/08 20:48:59 - [] D -- C:\Documents and Settings\ahmed\Application Data\Samsung O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Application Data\Thinstall O43 - CFD: 2015/10/21 14:25:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\vlc O43 - CFD: 2015/06/02 13:05:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\WinRAR O43 - CFD: 2015/06/02 23:11:42 - [] D -- C:\Documents and Settings\ahmed\Application Data\Zbshareware Lab O43 - CFD: 2015/10/21 22:09:26 - [] D -- C:\Documents and Settings\ahmed\Application Data\ZHP O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Adobe O43 - CFD: 2015/06/11 23:45:02 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Ahead O43 - CFD: 2015/06/11 22:00:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ApplicationHistory O43 - CFD: 2015/06/02 13:09:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Arabix O43 - CFD: 2015/06/11 22:56:42 - [0] D -- C:\Documents and 
Settings\ahmed\Local Settings\Application Data\cdrtfe O43 - CFD: 2015/10/08 20:47:29 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Downloaded Installations O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ESET O43 - CFD: 2015/06/06 21:19:25 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Geckofx O43 - CFD: 2015/06/11 21:57:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Help O43 - CFD: 2015/06/03 23:53:16 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\HP O43 - CFD: 2015/06/28 20:00:19 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft O43 - CFD: 2015/07/26 13:05:02 - [0] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft Help O43 - CFD: 2015/06/02 13:13:13 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Mozilla O43 - CFD: 2015/07/28 21:50:45 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Opera Software O43 - CFD: 2015/07/13 01:47:23 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\PCHealth O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Temp O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Thinstall O43 - CFD: 2015/06/02 13:08:49 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Wondershare O43 - CFD: 2015/06/11 22:50:35 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Xenocode O43 - CFD: 2015/06/02 12:49:56 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Accessories O43 - CFD: 2015/06/02 13:13:10 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Internet Download Manager O43 - CFD: 2015/07/12 00:13:31 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Revo Uninstaller 
O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Startup O43 - CFD: 2015/09/04 23:33:41 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\WinRAR O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup ---\\ Latest files created in Prefetcher (1) - 5s O45 - LFCP:[MD5.A6D04D3B04C561A12E87320D5A1CCF47] 2015/10/19 22:00:30 A -- C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-0B007004.pf =>.Superfluous.SpyHunter ---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll © O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\system32\cscui.dll © ---\\ ShareTools MSconfig StartupReg (13) - 2s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe © O53 - SMSR:HKLM\...\startupreg\Alcmtr [Key] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- ALCMTR.EXE (.not file.) © O53 - SMSR:HKLM\...\startupreg\AzMixerSel [Key] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe © O53 - SMSR:HKLM\...\startupreg\DWPersistentQueuedReporting [Key] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE © O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) 
-- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe © O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe © O53 - SMSR:HKLM\...\startupreg\igfxhkcmd [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe © O53 - SMSR:HKLM\...\startupreg\Microsoft Default Manager [Key] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe © O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE © O53 - SMSR:HKLM\...\startupreg\RTHDCPL [Key] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- RTHDCPL.EXE (.not file.) © O53 - SMSR:HKLM\...\startupreg\SkyTel [Key] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- SkyTel.EXE (.not file.) © O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe © ---\\ System Drivers List (52) - 3s O58 - SDL:2006/01/25 09:44:52 A . (.Atheros Communications, Inc. - Driver for Atheros AR5001 Wireless Network.) -- C:\WINDOWS\System32\drivers\ar5211.sys [488448] © O58 - SDL:2005/11/02 07:24:24 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS [424320] © O58 - SDL:2005/11/11 14:40:48 RA . (.CACE Technologies - npf.) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS [33664] © O58 - SDL:2005/06/21 12:32:50 A . (.Inprocomm, Inc. - Inprocomm 802.1x Supplicant.) -- C:\WINDOWS\System32\drivers\callistx.sys [28544] O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) 
-- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] © O58 - SDL:2010/12/20 14:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344] © O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [202704] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [144536] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [185176] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\System32\drivers\epfwndis.sys [48192] © O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [71888] © O58 - SDL:2010/12/20 14:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384] O58 - SDL:2006/03/23 06:47:06 RA . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\ialmnt5.sys [1166972] © O58 - SDL:2014/10/01 08:19:10 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [122848] © O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] © O58 - SDL:2015/06/18 08:41:46 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) 
-- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] © O58 - SDL:2015/10/19 22:15:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [98520] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys [5632] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys [5632] © O58 - SDL:2010/10/14 03:55:06 A . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\WINDOWS\System32\drivers\mvusbews.sys [17408] © O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mvxxmm.sys [5632] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] © O58 - SDL:2010/06/25 19:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35088] © O58 - SDL:2010/12/20 14:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] © O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] © O58 - SDL:2006/06/28 10:25:24 R . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys [4304384] © O58 - SDL:2011/11/15 05:50:16 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [112096] © O58 - SDL:2010/12/20 14:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) 
-- C:\WINDOWS\System32\drivers\secdrv.sys [20480] © O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [84248] © O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [182680] © O58 - SDL:2012/06/28 09:49:48 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [26624] © O58 - SDL:2010/12/20 14:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] © O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] © O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648] O58 - SDL:2010/12/20 14:00:00 A . (...) 
-- C:\WINDOWS\System32\ntio412.sys [35424] O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560] ---\\ Last modified or created user files (1) - 6s O61 - LFC: 2015/10/19 22:00:02 A . (.Enigma Software Group USA, LLC..) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\SpyHunter-Installer.exe [3237248] =>.Superfluous.SpyHunter ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll © O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <OperaStable>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe © O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe © O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe © O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe © ---\\ Start Menu Internet (13) - 0s O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: <launcher.exe> <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe © O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe © O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe © O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe © O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe © O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe © O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) 
-- C:\WINDOWS\system32\ie4uinit.exe © O68 - StartMenuInternet: <OperaStable> <Opera Stable>[HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe © ---\\ Search Browser Inf

Document format: text/plain

Preview

~ ZHPDiag v2015.10.19.153 By Nicolas Coolman (2015/10/19)
~ Run by ahmed (Administrator) (2015/10/21 22:09:13)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Documents and Settings\ahmed\Desktop\ZHPDiag.txt
~ Report: C:\Documents and Settings\ahmed\Application Data\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows XP, 32-bit Service Pack 3 (Build 2600)

---\\ Internet Browsers (3) - 0s
MFIE: Mozilla Firefox 40.0.3 (x86 en-US) v40.0.3
OPIE: Opera 31.0.1889.174 v31.0.1889.174
MSIE: Internet Explorer v8.0.6001.18702

---\\ Windows Product Information (3) - 0s
Windows Automatic Updates : OK
Windows Activation Technologies : KO
Windows Genuine Advantage : KO

---\\ System protection software (2) - 2s
ESET Smart Security v8.0.319.0
Malwarebytes Anti-Malware version 2.1.8.1057

---\\ System optimization software (1) - 3s
CCleaner v3.19

---\\ Surveillance software (2) - 3s
Adobe Flash Player 19 NPAPI
Adobe Reader X

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 14 Stepping 8, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 1038.384 MB (12% free)
~ System Restore: Activé (Enable)
~ System drive C: has 14 GB free of 24 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: GENIUS-PC
~ User Name: ahmed
~ Logged in as Administrator

---\\ Enumeration of the disk units (3) - 0s
~ Drive C: has 14 GB free of 24 GB (System)
~ Drive D: has 1 GB free of 31 GB
~ Drive E: has 0 GB free of 19 GB

---\\ State of the Windows Security Center (9) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (23) - 1s
[MD5.2BB75B7F548D82A099125D0C5971DE7D] - (.Microsoft Corporation - Windows Explorer.) () -- C:\WINDOWS\Explorer.exe [1033728] ©
[MD5.037B1E7798960E0420003D05BB577EE6] - (.Microsoft Corporation - Run a DLL as an App.) () -- C:\WINDOWS\System32\rundll32.exe [33280] ©
[MD5.9357C4249F4810FB0E49C13387A8A77C] - (.Microsoft Corporation - Internet Extensions for Win32.) () -- C:\WINDOWS\System32\wininet.dll [919552] ©
[MD5.53A8857723277B1D6D5EE60A9F85B117] - (.Microsoft Corporation - Windows NT Logon Application.) () -- C:\WINDOWS\System32\Winlogon.exe [509440] ©
[MD5.64AA11D53A4A84CDF43370D7036517C3] - (.Microsoft Corporation - DNS Client API DLL.) () -- C:\WINDOWS\System32\dnsapi.dll [149504] ©
[MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) () -- C:\WINDOWS\System32\drivers\AFD.sys [138496] ©
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) () -- C:\WINDOWS\System32\drivers\atapi.sys [96512] ©
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) () -- C:\WINDOWS\System32\drivers\Cdfs.sys [63744] ©
[MD5.4B0A100EAF5C49EF3CCA8C641431EACC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) () -- C:\WINDOWS\System32\drivers\Cdrom.sys [62976] ©
[MD5.D45926117EB9FA946A6AF572FBE1CAA3] - (.Microsoft Corporation - FIPS Crypto Driver.) () -- C:\WINDOWS\System32\drivers\Fips.sys [44544] ©
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) () -- C:\WINDOWS\System32\drivers\HDAudBus.sys [144384]
[MD5.4A0B06AA8943C1E332520F7440C0AA30] - (.Microsoft Corporation - i8042 Port Driver.) () -- C:\WINDOWS\System32\drivers\i8042prt.sys [52480] ©
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) () -- C:\WINDOWS\System32\drivers\Imapi.sys [42112] ©
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) () -- C:\WINDOWS\System32\drivers\IpNat.sys [152832] ©
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) () -- C:\WINDOWS\System32\drivers\IPSec.sys [75264] ©
[MD5.0AF15A971F120246C9EEF2C46E290539] - (.Microsoft Corporation - Windows NT SMB Minirdr.) () -- C:\WINDOWS\System32\drivers\MRxSmb.sys [457216] ©
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) () -- C:\WINDOWS\System32\drivers\netBT.sys [162816] ©
[MD5.AE8CAD8F28DB13B515A68510A539B0B8] - (.Microsoft Corporation - NT File System Driver.) () -- C:\WINDOWS\System32\drivers\ntfs.sys [576512] ©
[MD5.5575FAF8F97CE5E713D108C2A58D7C7C] - (.Microsoft Corporation - Parallel Port Driver.) () -- C:\WINDOWS\System32\drivers\Parport.sys [80128] ©
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) () -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [51328] ©
[MD5.47EA20320E3D6FDC7B7BB22B2B881CA6] - (.Microsoft Corporation - Microsoft RDP Device redirector.) () -- C:\WINDOWS\System32\drivers\rdpdr.sys [195712] ©
[MD5.F828DD7E1419B6653894A8F97A0094C5] - (.Microsoft Corporation - Redbook Audio Filter Driver.) () -- C:\WINDOWS\System32\drivers\redbook.sys [57600] ©
[MD5.4C8FCB5CC53AAB716D810740FE59D025] - (.Microsoft Corporation - Volume Shadow Copy Driver.) () -- C:\WINDOWS\System32\drivers\volsnap.sys [52352] ©

---\\ Process running (15) - 1s
[MD5.61E71BC3CD3530444000A9B68F7EE931] - (...) -- C:\WINDOWS\system32\WLTRYSVC.EXE [18944] [PID.772]
[MD5.9A0CE1DB25F1CDD3ED11236884800538] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\BCMWLTRY.EXE [1093632] [PID.800] ©
[MD5.0F32048BF3EA2A85FE3AC48E8E7B7C85] - (.ESET - ESET Service.) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1353720] [PID.1024] ©
[MD5.388144E78383D57744398C07A5C007F1] - (.HP - HP Smart-Install Service.) -- C:\WINDOWS\system32\HPSIsvc.exe [99896] [PID.1052] ©
[MD5.54F1F98C4AD8F99BBBE8FBB62B38733F] - (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe [94208] [PID.2088] ©
[MD5.32FB9368F485A7FE944EB6678B61734B] - (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe [118784] [PID.2096] ©
[MD5.F11C343318DA14137669AE14ADE27DF1] - (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE [1236992] [PID.2108] ©
[MD5.C15D502F788763303CA9EDE20271DF9C] - (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe [1085440] [PID.2132]
[MD5.4EE76D4CB055E8EC281177771345E8B3] - (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE [312376] [PID.2152] ©
[MD5.8FDABAC05324CD63B8A33AB1F410A473] - (.ESET - ESET Main GUI.) -- C:\Program Files\ESET\ESET Smart Security\egui.exe [5089480] [PID.2188] ©
[MD5.35EB9CEEEB0FEB77CA061B8869A42B92] - (.WASEL Pro VPN Service - WASEL Pro.) -- C:\Program Files\WASEL Pro VPN Service\WASEL Pro\wasel_pro.exe [1916856] [PID.2196]
[MD5.05299546F243159CB8A42906ACB219A8] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [377000] [PID.1940] ©
[MD5.A3E33718D1090A1587AC069597EC4FA6] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3907152] [PID.3456] ©
[MD5.BD95E822E7A958BBCA842D078426A151] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [269848] [PID.3556] ©
[MD5.D0066FBB3BA6C522B6185D0A1E3AF0E8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\ZHPDiag3.exe [1958400] [PID.3716] ©

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (22) - 3s
M0 - MFSP: prefs.js [ahmed - ftweeuuw.default] http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQeV9dAwlARxgTJQsITA1AEQAOeF0KVhQTQAdAIQ9dBwlCEg0FIk0FA18DB0VXfWFoKB8fHHNKLE1dE2sUUkBPNEo= =>PUP.Optional.Browser
P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer DLL.) -- C:\Program Files\Mozilla Firefox\Plugins\npCouponPrinter.dll
P2 - EXT: (.Coupons, Inc. - Coupons, Inc. Coupon Printer Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npMozCouponPrinter.dll
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\adblockpopups@jessehakanen.net.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\client@anonymox.net.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@mega.co.nz.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\firefox@zenmate.com.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-rs90nxQtPi3Asg@jetpack.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\killjasmin@pierros14.com.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\popuplogout@iniqua.com.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a2}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\default.xml
P2 - EXT FILE: (...) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\searchplugins\google-avast.xml
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - EXT: (.Zapyo - Zapyo.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\jid1-AlAaAeISf3xDHw@jetpack
P2 - EXT: (.V@no - Cookies Manager+.) -- C:\Documents and Settings\ahmed\Application Data\Mozilla\Firefox\Profiles\ftweeuuw.default\extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_185.dll ©

---\\ Opera, Plugins,Start,Search (1) - 0s
B2 - EXT: [{background:{scripts:[background.js]}content_scrip] C:\Documents and Settings\ahmed\Application Data\Opera Software\Opera Stable\Extensions\hcpmfcmlnoogcdfecehmddfjkpgkacah

---\\ Internet Explorer Extensions, Start, Search (9) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 1s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

---\\ Hosts file redirection (1) - 0s
~ Le fichier hôte est sain (The hosts file is clean) (19)

---\\ Browser Helper Object (BHO) (4) - 0s
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll ©
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll ©
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll ©
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll ©

---\\ Auto loading programs from Registry and folders (18) - 0s
O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe ©
O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe ©
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Wireless Ne.) -- C:\WINDOWS\system32\WLTRAY.EXE ©
O4 - HKLM\..\Run: [USB Security] . (.مركز طيبة بإشراف أحمد سليلو - برنامج الحماية من فيروسات الفلاشات والأوتور.) -- C:\Program Files\USB Disk Security\USBGuard.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKCU\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe ©
O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [Memory Cleaner] . (.KoshyJohn.com - MemoryCleaner.) -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com\MemClean\MemClean.exe
O4 - HKUS\S-1-5-21-1801674531-2025429265-1177238915-1002\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 62.240.32.5 62.68.42.2

---\\ Extra protocols (25) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\system32\msvidctl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll ©
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll ©
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll ©
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll ©
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll ©
O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll ©
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll ©

---\\ Non Microsoft non disabled Windows Services (4) - 1s
O23 - Service: ESET Service (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe ©
O23 - Service: HP SI Service (HPSIService) . (.HP - HP Smart-Install Service.) - C:\WINDOWS\system32\HPSIsvc.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.EXE

---\\ Software installed (115) - 11s
O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI ©
O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11b Network Adapter ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner ©
O42 - Logiciel: Folder Marker Free - (.ArcticLine Software.) [HKLM] -- Folder Marker Free_is1
O42 - Logiciel: Folder Marker Pro - (.ArcticLine Software.) [HKLM] -- Folder Marker Pro_is1
O42 - Logiciel: HP LaserJet Professional P1100-P1560-P1600 Series - (...) [HKLM] -- HP LaserJet Professional P1100-P1560-P1600 Series
O42 - Logiciel: HP Photo Creations - (.HP Photo Creations Powered by RocketLife.) [HKLM] -- HP Photo Creations ©
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7} ©
O42 - Logiciel: Internet Download Manager - (...) [HKLM] -- Internet Download Manager
O42 - Logiciel: Security Update for Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802 ©
O42 - Logiciel: Security Update for Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632 ©
O42 - Logiciel: Security Update for Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960 ©
O42 - Logiciel: Security Update for Windows XP (KB2478971) - (.Microsoft Corporation.) [HKLM] -- KB2478971 ©
O42 - Logiciel: Security Update for Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943 ©
O42 - Logiciel: Security Update for Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185 ©
O42 - Logiciel: Security Update for Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663 ©
O42 - Logiciel: Security Update for Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212 ©
O42 - Logiciel: Security Update for Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938 ©
O42 - Logiciel: Security Update for Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429 ©
O42 - Logiciel: Security Update for Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553 ©
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8 ©
O42 - Logiciel: Security Update for Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512 ©
O42 - Logiciel: Security Update for Windows XP (KB2544893-v2) - (.Microsoft Corporation.) [HKLM] -- KB2544893-v2 ©
O42 - Logiciel: Security Update for Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454 ©
O42 - Logiciel: Security Update for Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947 ©
O42 - Logiciel: Security Update for Windows XP (KB2584146) - (.Microsoft Corporation.) [HKLM] -- KB2584146 ©
O42 - Logiciel: Security Update for Windows XP (KB2585542) - (.Microsoft Corporation.) [HKLM] -- KB2585542 ©
O42 - Logiciel: Security Update for Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799 ©
O42 - Logiciel: Security Update for Windows XP (KB2598479) - (.Microsoft Corporation.) [HKLM] -- KB2598479 ©
O42 - Logiciel: Security Update for Windows XP (KB2603381) - (.Microsoft Corporation.) [HKLM] -- KB2603381 ©
O42 - Logiciel: Security Update for Windows XP (KB2631813) - (.Microsoft Corporation.) [HKLM] -- KB2631813 ©
O42 - Logiciel: Security Update for Windows XP (KB2653956) - (.Microsoft Corporation.) [HKLM] -- KB2653956 ©
O42 - Logiciel: Security Update for Windows XP (KB2655992) - (.Microsoft Corporation.) [HKLM] -- KB2655992 ©
O42 - Logiciel: Security Update for Windows XP (KB2659262) - (.Microsoft Corporation.) [HKLM] -- KB2659262 ©
O42 - Logiciel: Security Update for Windows XP (KB2661637) - (.Microsoft Corporation.) [HKLM] -- KB2661637 ©
O42 - Logiciel: Security Update for Windows XP (KB2676562) - (.Microsoft Corporation.) [HKLM] -- KB2676562 ©
O42 - Logiciel: Security Update for Windows XP (KB2686509) - (.Microsoft Corporation.) [HKLM] -- KB2686509 ©
O42 - Logiciel: Security Update for Windows XP (KB2698365) - (.Microsoft Corporation.) [HKLM] -- KB2698365 ©
O42 - Logiciel: Security Update for Windows XP (KB2712808) - (.Microsoft Corporation.) [HKLM] -- KB2712808 ©
O42 - Logiciel: Security Update for Windows XP (KB2719985) - (.Microsoft Corporation.) [HKLM] -- KB2719985 ©
O42 - Logiciel: Security Update for Windows XP (KB2723135-v2) - (.Microsoft Corporation.) [HKLM] -- KB2723135-v2 ©
O42 - Logiciel: Update for Windows XP (KB2749655) - (.Microsoft Corporation.) [HKLM] -- KB2749655 ©
O42 - Logiciel: Security Update for Windows XP (KB2770660) - (.Microsoft Corporation.) [HKLM] -- KB2770660 ©
O42 - Logiciel: Security Update for Windows XP (KB2780091) - (.Microsoft Corporation.) [HKLM] -- KB2780091 ©
O42 - Logiciel: Security Update for Windows XP (KB2802968) - (.Microsoft Corporation.) [HKLM] -- KB2802968 ©
O42 - Logiciel: Security Update for Windows XP (KB2807986) - (.Microsoft Corporation.) [HKLM] -- KB2807986 ©
O42 - Logiciel: Update for Windows XP (KB2813347-v2) - (.Microsoft Corporation.) [HKLM] -- KB2813347-v2 ©
O42 - Logiciel: Security Update for Windows XP (KB2820917) - (.Microsoft Corporation.) [HKLM] -- KB2820917 ©
O42 - Logiciel: Security Update for Windows XP (KB2834886) - (.Microsoft Corporation.) [HKLM] -- KB2834886 ©
O42 - Logiciel: Security Update for Windows Media Player (KB2834904-v2) - (.Microsoft Corporation.) [HKLM] -- KB2834904-v2_WM11 ©
O42 - Logiciel: Security Update for Windows XP (KB2847311) - (.Microsoft Corporation.) [HKLM] -- KB2847311 ©
O42 - Logiciel: Security Update for Windows XP (KB2859537) - (.Microsoft Corporation.) [HKLM] -- KB2859537 ©
O42 - Logiciel: Security Update for Windows XP (KB2862152) - (.Microsoft Corporation.) [HKLM] -- KB2862152 ©
O42 - Logiciel: Security Update for Windows XP (KB2862330) - (.Microsoft Corporation.) [HKLM] -- KB2862330 ©
O42 - Logiciel: Security Update for Windows XP (KB2862335) - (.Microsoft Corporation.) [HKLM] -- KB2862335 ©
O42 - Logiciel: Security Update for Windows XP (KB2864063) - (.Microsoft Corporation.) [HKLM] -- KB2864063 ©
O42 - Logiciel: Security Update for Windows XP (KB2868626) - (.Microsoft Corporation.) [HKLM] -- KB2868626 ©
O42 - Logiciel: Security Update for Windows XP (KB2876217) - (.Microsoft Corporation.) [HKLM] -- KB2876217 ©
O42 - Logiciel: Security Update for Windows XP (KB2876331) - (.Microsoft Corporation.) [HKLM] -- KB2876331 ©
O42 - Logiciel: Security Update for Windows XP (KB2892075) - (.Microsoft Corporation.) [HKLM] -- KB2892075 ©
O42 - Logiciel: Security Update for Windows XP (KB2893294) - (.Microsoft Corporation.) [HKLM] -- KB2893294 ©
O42 - Logiciel: Security Update for Windows XP (KB2898715) - (.Microsoft Corporation.) [HKLM] -- KB2898715 ©
O42 - Logiciel: Security Update for Windows XP (KB2900986) - (.Microsoft Corporation.) [HKLM] -- KB2900986 ©
O42 - Logiciel: Update for Windows XP (KB2904266) - (.Microsoft Corporation.) [HKLM] -- KB2904266 ©
O42 - Logiciel: Security Update for Windows Internet Explorer 8 (KB2909210) - (.Microsoft Corporation.) [HKLM] -- KB2909210-IE8 ©
O42 - Logiciel: Security Update for Windows XP (KB2914368) - (.Microsoft Corporation.) [HKLM] -- KB2914368 ©
O42 - Logiciel: Security Update for Windows XP (KB2916036) - (.Microsoft Corporation.) [HKLM] -- KB2916036 ©
O42 - Logiciel: Security Update for Windows XP (KB2922229) - (.Microsoft Corporation.) [HKLM] -- KB2922229 ©
O42 - Logiciel: Security Update for Windows XP (KB2929961) - (.Microsoft Corporation.) [HKLM] -- KB2929961 ©
O42 - Logiciel: Security Update for Windows XP (KB2930275) - (.Microsoft Corporation.) [HKLM] -- KB2930275 ©
O42 - Logiciel: Update for Windows XP (KB2934207) - (.Microsoft Corporation.) [HKLM] -- KB2934207 ©
O42 - Logiciel: Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray - (.Microsoft Corporation.) [HKLM] -- KB952011 ©
O42 - Logiciel: Malwarebytes Anti-Malware version 2.1.8.1057 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Memory Cleaner 2.00 - (.KoshyJohn.com.) [HKLM] -- MemClean
O42 - Logiciel: Microsoft Report Viewer Redistributable 2005 - (.Microsoft Corporation.) [HKLM] -- Microsoft Report Viewer Redistributable 2005 ©
O42 - Logiciel: Mozilla Firefox 40.0.3 (x86 en-US) - (.Mozilla.) [HKLM] -- Mozilla Firefox 40.0.3 (x86 en-US) ©
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService ©
O42 - Logiciel: Opera Stable 31.0.1889.174 - (.Opera Software.) [HKLM] -- Opera 31.0.1889.174 ©
O42 - Logiciel: PowerISO - (.Power Software Ltd.) [HKLM] -- PowerISO ©
O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller ©
O42 - Logiciel: Macromedia Flash Player 8 - (.Macromedia.) [HKLM] -- ShockwaveFlash ©
O42 - Logiciel: USB Disk Security - (.Zbshareware Lab.) [HKLM] -- USB Disk Security_is1
O42 - Logiciel: VC RamCleaner 1.10 Build 039 - (.VC Computer Services.) [HKLM] -- VC RamCleaner_is1
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player ©
O42 - Logiciel: WASEL Pro - (.WASEL Pro VPN Service.) [HKLM] -- WASEL Pro
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 - (.Microsoft Corporation.) [HKLM] -- Wdf01007 ©
O42 - Logiciel: Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 - (.Microsoft Corporation.) [HKLM] -- Wdf01009 ©
O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM] -- WinPcapInst ©
O42 - Logiciel: WinRAR 5.21 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver ©
O42 - Logiciel: Microsoft WinUsb 1.0 - (.Microsoft Corporation.) [HKLM] -- winusb0100 ©
O42 - Logiciel: Wondershare Video Editor(Build 5.1.0) - (.Wondershare Software.) [HKLM] -- Wondershare Video Editor_is1 ©
O42 - Logiciel: Who Is On My Wifi version 2.1.1 - (.IO3O LLC.) [HKLM] -- {010D45A1-093D-4534-8147-4E10E80F81CC}_is1
O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2} ©
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB2758694) - (.Microsoft Corporation.) [HKLM] -- {1D95BA90-F4F8-47EC-A882-441C99D30C1E} ©
O42 - Logiciel: HP Deskjet 1050 J410 series Basic Device Software - (.Hewlett-Packard Co..) [HKLM] -- {226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD} ©
O42 - Logiciel: HP Deskjet 1050 J410 series Help - (.Hewlett Packard.) [HKLM] -- {5C90D8CF-F12A-41C6-9007-3B651A1F0D78} ©
O42 - Logiciel: Bing Rewards Client Installer - (.Microsoft Corporation.) [HKLM] -- {61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17} ©
O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM] -- {623B8278-8CAD-45C1-B844-58B687C07805} ©
O42 - Logiciel: Windows Rights Management Client with Service Pack 2 - (.Microsoft.) [HKLM] -- {62BFB4C2-8C4E-4D91-BD7D-81C06EAAC3C0} ©
O42 - Logiciel: HP Deskjet 1050 J410 series Product Improvement Study - (.Hewlett-Packard Co..) [HKLM] -- {7414C891-720D-4E86-85E5-C3AA898DA9EC} ©
O42 - Logiciel: SketchUp 8 - (.Trimble Navigation Limited.) [HKLM] -- {779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}
O42 - Logiciel: Tadween 1.0.0 beta - (.Mohammad Hejazi.) [HKLM] -- {7C17B5E1-C81C-4668-AD90-50CCCDBA0BBE}_is1
O42 - Logiciel: MSXML 4.0 SP3 Parser (KB973685) - (.Microsoft Corporation.) [HKLM] -- {859DFA95-E4A6-48CD-B88E-A3E483E89B44} ©
O42 - Logiciel: Samsung Kies3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {88547073-C566-4895-9005-EBE98EA3F7C7} ©
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} ©
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (...) [HKLM] -- {8A708DD8-A5E6-11D4-A706-000629E95E20}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {928B06E4-DDAA-476A-926A-641620326327} ©
O42 - Logiciel: Folder Colorizer version 1.1.0 - (.Softorino.) [HKLM] -- {A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1 ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824147215} ©
O42 - Logiciel: Adobe Reader X (10.1.2) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001} ©
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE} ©
O42 - Logiciel: SAMSUNG USB Driver for Mobile Phones - (.SAMSUNG Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} ©
O42 - Logiciel: Atheros Wireless LAN - (...) [HKLM] -- {D70DE630-0D13-4394-A15B-5ACE6CF2A18D}
O42 - Logiciel: Windows Rights Management Client Backwards Compatibility SP2 - (.Microsoft.) [HKLM] -- {EC905264-BCFE-423B-9C42-C3A106266790} ©
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} ©

---\\ HKCU & HKLM Software Keys (85) - 11s
HKLM\SOFTWARE\acer
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\Ahead
HKLM\SOFTWARE\ArcticLine
HKLM\SOFTWARE\Atheros
HKLM\SOFTWARE\Broadcom
HKLM\SOFTWARE\C07ft5Y
HKLM\SOFTWARE\Cygnus Solutions
HKLM\SOFTWARE\ESET
HKLM\SOFTWARE\Gemplus
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\Hewlett-Packard
HKLM\SOFTWARE\HewlettPackard
HKLM\SOFTWARE\HP
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\Internet Download Manager
HKLM\SOFTWARE\KoshyJohn.com
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes Anti-Rootkit
HKLM\SOFTWARE\Marvell
HKLM\SOFTWARE\McAfee.com
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\NVIDIA Corporation
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\PowerISO
HKLM\SOFTWARE\Program Groups
HKLM\SOFTWARE\Realtek
HKLM\SOFTWARE\Realtek Semiconductor Corp.
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\RocketLife
HKLM\SOFTWARE\SAMSUNG
HKLM\SOFTWARE\Schlumberger
HKLM\SOFTWARE\Secure
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Visan
HKLM\SOFTWARE\Windows 3.1 Migration Status
HKLM\SOFTWARE\WinPcap
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wondershare
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Ahead
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ArcticLine
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Broadcom
HKCU\SOFTWARE\Bugsplat
HKCU\SOFTWARE\Chromium
HKCU\SOFTWARE\Cygnus Solutions
HKCU\SOFTWARE\DownloadAstro
HKCU\SOFTWARE\DownloadManager
HKCU\SOFTWARE\ESET
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Hewlett-Packard
HKCU\SOFTWARE\HP
HKCU\SOFTWARE\Intel
HKCU\SOFTWARE\JEDI-VCL
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Marvell
HKCU\SOFTWARE\Mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\PowerISO
HKCU\SOFTWARE\Realtek
HKCU\SOFTWARE\Samsung
HKCU\SOFTWARE\Sysinternals
HKCU\SOFTWARE\techPowerUp
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\Visan
HKCU\SOFTWARE\VSRevoGroup
HKCU\SOFTWARE\WASEL Pro VPN Service
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Wondershare
HKCU\SOFTWARE\Xenocode
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Contents of the Common Files folders (150) - 12s
O43 - CFD: 2015/06/02 13:24:57 - [] D -- C:\Program Files\25_escape
O43 - CFD: 2015/06/02 13:28:35 - [] D -- C:\Program Files\Adobe
O43 - CFD: 2015/07/12 00:14:58 - [0] D -- C:\Program Files\Ahead
O43 - CFD: 2015/06/02 13:01:29 - [] D -- C:\Program Files\Atheros
O43 - CFD: 2015/06/02 13:00:16 - [] D -- C:\Program Files\Broadcom
O43 - CFD: 2015/07/12 00:12:21 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 2015/07/25 00:09:49 - [] D -- C:\Program Files\Common Files
O43 - CFD: 2015/06/02 12:40:50 - [0] D -- C:\Program Files\ComPlus Applications
O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Program Files\ESET
O43 - CFD: 2015/07/13 02:47:20 - [] D -- C:\Program Files\Folder Colorizer
O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Program Files\Folder Marker
O43 - CFD: 2015/08/08 17:58:26 - [] D -- C:\Program Files\Google
O43 - CFD: 2015/06/04 00:09:00 - [] D -- C:\Program Files\HP
O43 - CFD: 2015/06/03 23:45:51 - [] D -- C:\Program Files\HP Photo Creations
O43 - CFD: 2015/10/08 20:48:37 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 2015/06/02 12:52:28 - [] D -- C:\Program Files\Intel
O43 - CFD: 2015/06/02 13:13:02 - [] D -- C:\Program Files\Internet Download Manager
O43 - CFD: 2006/10/08 15:38:54 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 2015/09/23 22:04:05 - [] D -- C:\Program Files\IO3O LLC
O43 - CFD: 2015/10/13 23:34:27 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/03 23:46:55 - [] D -- C:\Program Files\Microsoft
O43 - CFD: 2015/06/09 22:53:01 - [] D -- C:\Program Files\Microsoft Silverlight
O43 - CFD: 2015/06/06 20:58:31 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 2006/10/08 15:39:34 - [] D -- C:\Program Files\Movie Maker
O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 2015/09/02 21:58:34 - [] D -- C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 2015/06/03 23:46:35 - [] D -- C:\Program Files\MSN Toolbar
O43 - CFD: 2015/06/02 12:35:40 - [] D -- C:\Program Files\MSXML 4.0
O43 - CFD: 2015/06/02 12:44:24 - [] D -- C:\Program Files\NetMeeting
O43 - CFD: 2015/07/18 19:34:33 - [0] D -- C:\Program Files\Ninja Download Manager
O43 - CFD: 2015/06/02 12:44:53 - [] D -- C:\Program Files\Online Services
O43 - CFD: 2015/10/21 21:56:28 - [] D -- C:\Program Files\Opera
O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Outlook Express
O43 - CFD: 2015/07/18 23:02:35 - [] D -- C:\Program Files\PowerISO
O43 - CFD: 2015/06/02 12:57:46 - [] D -- C:\Program Files\Realtek
O43 - CFD: 2015/10/08 20:47:53 - [] D -- C:\Program Files\SAMSUNG
O43 - CFD: 2015/06/02 12:38:47 - [] D -- C:\Program Files\System
O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Program Files\Tadween
O43 - CFD: 2015/06/02 12:49:45 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 2015/06/02 23:12:02 - [] D -- C:\Program Files\USB Disk Security
O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Program Files\VC RamCleaner
O43 - CFD: 2015/07/12 00:13:30 - [] D -- C:\Program Files\VS Revo Group
O43 - CFD: 2015/10/02 23:21:45 - [] D -- C:\Program Files\WASEL Pro VPN Service
O43 - CFD: 2015/06/02 12:44:39 - [] D -- C:\Program Files\Windows Media Connect 2
O43 - CFD: 2006/10/08 15:40:41 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 2015/06/02 12:34:19 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 2015/06/02 12:44:58 - [0] HD -- C:\Program Files\WindowsUpdate
O43 - CFD: 2015/10/07 20:39:04 - [] D -- C:\Program Files\WinPcap
O43 - CFD: 2015/09/04 23:33:33 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 2015/06/02 13:07:09 - [] D -- C:\Program Files\Wondershare
O43 - CFD: 2015/06/03 23:43:14 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Administrative Tools
O43 - CFD: 2015/06/02 13:00:39 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Broadcom Wireless
O43 - CFD: 2015/07/12 00:02:46 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
O43 - CFD: 2015/09/18 01:39:15 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\ESET
O43 - CFD: 2015/07/13 02:47:19 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Colorizer
O43 - CFD: 2015/07/18 23:37:58 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Folder Marker
O43 - CFD: 2015/06/02 12:39:35 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Games
O43 - CFD: 2015/06/04 00:10:04 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\HP
O43 - CFD: 2015/07/12 00:26:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\KoshyJohn.com
O43 - CFD: 2015/10/13 23:34:30 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 2015/06/06 22:05:47 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Silverlight
O43 - CFD: 2015/07/18 23:02:37 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\PowerISO
O43 - CFD: 2015/10/08 20:48:48 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Samsung
O43 - CFD: 2015/08/08 17:58:50 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\SketchUp 8
O43 - CFD: 2015/10/20 22:33:36 - [] RD -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup
O43 - CFD: 2015/06/02 13:08:34 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Tadween
O43 - CFD: 2015/06/02 13:21:00 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\USB Disk Security
O43 - CFD: 2015/07/12 00:35:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VC Soft
O43 - CFD: 2015/06/02 13:30:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
O43 - CFD: 2015/10/02 23:22:24 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WASEL Pro VPN Service
O43 - CFD: 2015/09/23 22:04:07 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Who Is On My Wifi
O43 - CFD: 2015/10/07 20:39:03 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinPcap
O43 - CFD: 2015/09/04 23:33:42 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/02 13:07:35 - [] D -- C:\Documents and Settings\All Users\Start Menu\Programs\Wondershare
O43 - CFD: 2015/06/05 23:25:41 - [] D -- C:\Documents and Settings\All Users\Application Data\Adobe
O43 - CFD: 2015/09/21 21:42:44 - [] D -- C:\Documents and Settings\All Users\Application Data\AVAST Software
O43 - CFD: 2015/09/18 01:39:14 - [] D -- C:\Documents and Settings\All Users\Application Data\ESET
O43 - CFD: 2015/08/08 17:59:44 - [] D -- C:\Documents and Settings\All Users\Application Data\Google
O43 - CFD: 2015/07/11 23:59:14 - [] D -- C:\Documents and Settings\All Users\Application Data\HP
O43 - CFD: 2015/06/03 23:52:57 - [] D -- C:\Documents and Settings\All Users\Application Data\HP Photo Creations
O43 - CFD: 2015/06/02 13:13:11 - [0] D -- C:\Documents and Settings\All Users\Application Data\IDM
O43 - CFD: 2015/06/23 14:45:17 - [] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
O43 - CFD: 2015/06/03 23:13:01 - [0] D -- C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)
O43 - CFD: 2015/06/03 22:52:11 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee
O43 - CFD: 2015/07/12 00:21:45 - [] D -- C:\Documents and Settings\All Users\Application Data\McAfee Security Scan
O43 - CFD: 2015/06/03 23:46:58 - [] SD -- C:\Documents and Settings\All Users\Application Data\Microsoft
O43 - CFD: 2015/06/02 13:11:21 - [] D -- C:\Documents and Settings\All Users\Application Data\Mozilla
O43 - CFD: 2015/10/08 20:53:10 - [] D -- C:\Documents and Settings\All Users\Application Data\Samsung
O43 - CFD: 2015/06/02 12:43:26 - [] D -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
O43 - CFD: 2015/06/03 20:37:35 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare
O43 - CFD: 2015/06/02 13:07:59 - [] D -- C:\Documents and Settings\All Users\Application Data\Wondershare Video Editor
O43 - CFD: 2015/06/02 23:11:42 - [0] D -- C:\Documents and Settings\All Users\Application Data\Zbshareware Lab
O43 - CFD: 2015/06/02 13:28:44 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 2015/06/11 23:35:14 - [] D -- C:\Program Files\Common Files\Ahead
O43 - CFD: 2015/06/02 12:59:59 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2015/07/12 00:43:34 - [] D -- C:\Program Files\Common Files\Microsoft Shared
O43 - CFD: 2015/06/02 12:44:21 - [] D -- C:\Program Files\Common Files\MSSoap
O43 - CFD: 2015/06/11 23:38:27 - [] D -- C:\Program Files\Common Files\Nero
O43 - CFD: 2015/06/02 15:29:16 - [] D -- C:\Program Files\Common Files\ODBC
O43 - CFD: 2015/06/02 12:44:23 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 2006/10/08 15:38:00 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 2015/06/02 13:08:43 - [] D -- C:\Program Files\Common Files\Wondershare
O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Application Data\Adobe
O43 - CFD: 2015/07/18 23:14:11 - [] D -- C:\Documents and Settings\ahmed\Application Data\ArcticLine
O43 - CFD: 2015/10/13 00:14:27 - [] D -- C:\Documents and Settings\ahmed\Application Data\DMCache
O43 - CFD: 2015/07/17 22:11:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\DownloadNinja
O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\ESET
O43 - CFD: 2015/08/08 17:59:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\Google
O43 - CFD: 2015/06/11 21:57:47 - [0] D -- C:\Documents and Settings\ahmed\Application Data\Help
O43 - CFD: 2015/06/03 23:44:35 - [0] D -- C:\Documents and Settings\ahmed\Application Data\HpUpdate
O43 - CFD: 2015/06/02 12:49:48 - [] D -- C:\Documents and Settings\ahmed\Application Data\Identities
O43 - CFD: 2015/09/02 23:14:00 - [] D -- C:\Documents and Settings\ahmed\Application Data\IDM
O43 - CFD: 2015/07/12 00:26:34 - [] D -- C:\Documents and Settings\ahmed\Application Data\KoshyJohn.com
O43 - CFD: 2015/06/04 00:10:43 - [] D -- C:\Documents and Settings\ahmed\Application Data\Macromedia
O43 - CFD: 2015/09/23 22:06:14 - [] SD -- C:\Documents and Settings\ahmed\Application Data\Microsoft
O43 - CFD: 2015/06/02 13:13:22 - [] D -- C:\Documents and Settings\ahmed\Application Data\Mozilla
O43 - CFD: 2015/07/25 01:12:44 - [] D -- C:\Documents and Settings\ahmed\Application Data\Opera Software
O43 - CFD: 2015/10/08 20:48:59 - [] D -- C:\Documents and Settings\ahmed\Application Data\Samsung
O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Application Data\Thinstall
O43 - CFD: 2015/10/21 14:25:35 - [] D -- C:\Documents and Settings\ahmed\Application Data\vlc
O43 - CFD: 2015/06/02 13:05:39 - [] D -- C:\Documents and Settings\ahmed\Application Data\WinRAR
O43 - CFD: 2015/06/02 23:11:42 - [] D -- C:\Documents and Settings\ahmed\Application Data\Zbshareware Lab
O43 - CFD: 2015/10/21 22:09:26 - [] D -- C:\Documents and Settings\ahmed\Application Data\ZHP
O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Adobe
O43 - CFD: 2015/06/11 23:45:02 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Ahead
O43 - CFD: 2015/06/11 22:00:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ApplicationHistory
O43 - CFD: 2015/06/02 13:09:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Arabix
O43 - CFD: 2015/06/11 22:56:42 - [0] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\cdrtfe
O43 - CFD: 2015/10/08 20:47:29 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Downloaded Installations
O43 - CFD: 2015/09/18 01:47:00 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\ESET
O43 - CFD: 2015/06/06 21:19:25 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Geckofx
O43 - CFD: 2015/06/11 21:57:47 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Help
O43 - CFD: 2015/06/03 23:53:16 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\HP
O43 - CFD: 2015/06/28 20:00:19 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft
O43 - CFD: 2015/07/26 13:05:02 - [0] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Microsoft Help
O43 - CFD: 2015/06/02 13:13:13 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Mozilla
O43 - CFD: 2015/07/28 21:50:45 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Opera Software
O43 - CFD: 2015/07/13 01:47:23 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\PCHealth
O43 - CFD: 2015/06/03 23:54:51 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Temp
O43 - CFD: 2015/06/28 20:00:05 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Thinstall
O43 - CFD: 2015/06/02 13:08:49 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Wondershare
O43 - CFD: 2015/06/11 22:50:35 - [] D -- C:\Documents and Settings\ahmed\Local Settings\Application Data\Xenocode
O43 - CFD: 2015/06/02 12:49:56 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/02 13:13:10 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Internet Download Manager
O43 - CFD: 2015/07/12 00:13:31 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\Documents and Settings\ahmed\Start Menu\Programs\Startup
O43 - CFD: 2015/09/04 23:33:41 - [] D -- C:\Documents and Settings\ahmed\Start Menu\Programs\WinRAR
O43 - CFD: 2015/06/02 12:46:44 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Accessories
O43 - CFD: 2015/06/02 15:28:33 - [] RD -- C:\WINDOWS\System32\Config\systemprofile\Start Menu\Programs\Startup

---\\ Latest files created in Prefetcher (1) - 5s
O45 - LFCP:[MD5.A6D04D3B04C561A12E87320D5A1CCF47] 2015/10/19 22:00:30 A -- C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-0B007004.pf =>.Superfluous.SpyHunter

---\\ ShellIconOverlayIdentifiers (SIOI) (2) - 0s
O106 - SIOI: IDM Shell Extension [IDM Shell Extension] - {CDC95B92-E27C-4745-A8C5-64A52A78855D}. (.Tonec Inc. - Internet Download Manager module.) -- C:\Program Files\Internet Download Manager\IDMShellExt.dll ©
O106 - SIOI: Offline Files Menu [Offline Files] - {750fdf0e-2a26-11d1-a3ea-080036587f03}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\WINDOWS\system32\cscui.dll ©

---\\ ShareTools MSconfig StartupReg (13) - 2s
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ©
O53 - SMSR:HKLM\...\startupreg\Alcmtr [Key] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- ALCMTR.EXE (.not file.) ©
O53 - SMSR:HKLM\...\startupreg\AzMixerSel [Key] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe ©
O53 - SMSR:HKLM\...\startupreg\DWPersistentQueuedReporting [Key] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE ©
O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe ©
O53 - SMSR:HKLM\...\startupreg\IDMan [Key] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe ©
O53 - SMSR:HKLM\...\startupreg\igfxhkcmd [Key] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe ©
O53 - SMSR:HKLM\...\startupreg\Microsoft Default Manager [Key] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe ©
O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe
O53 - SMSR:HKLM\...\startupreg\PWRISOVM.EXE [Key] . (.Power Software Ltd - PowerISO Virtual Drive Manager.) -- C:\Program Files\PowerISO\PWRISOVM.EXE ©
O53 - SMSR:HKLM\...\startupreg\RTHDCPL [Key] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- RTHDCPL.EXE (.not file.) ©
O53 - SMSR:HKLM\...\startupreg\SkyTel [Key] . (.Realtek Semiconductor Corp. - Realtek Voice Manager.) -- SkyTel.EXE (.not file.) ©
O53 - SMSR:HKLM\...\startupreg\Wondershare Helper Compact.exe [Key] . (.Wondershare - Wondershare Studio.) -- C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ©

---\\ System Drivers List (52) - 3s
O58 - SDL:2006/01/25 09:44:52 A . (.Atheros Communications, Inc. - Driver for Atheros AR5001 Wireless Network.) -- C:\WINDOWS\System32\drivers\ar5211.sys [488448] ©
O58 - SDL:2005/11/02 07:24:24 A . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless dr.) -- C:\WINDOWS\System32\drivers\BCMWL5.SYS [424320] ©
O58 - SDL:2005/11/11 14:40:48 RA . (.CACE Technologies - npf.) -- C:\WINDOWS\System32\drivers\BCMWLNPF.SYS [33664] ©
O58 - SDL:2005/06/21 12:32:50 A . (.Inprocomm, Inc. - Inprocomm 802.1x Supplicant.) -- C:\WINDOWS\System32\drivers\callistx.sys [28544]
O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\System32\drivers\cinemst2.sys [262528] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\System32\drivers\cpqdap01.sys [11776] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmboot.sys [799744] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\System32\drivers\dmio.sys [153344] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\drivers\dmload.sys [5888] ©
O58 - SDL:2015/07/13 07:14:14 A . (.ESET - Amon monitor.) -- C:\WINDOWS\System32\drivers\eamonm.sys [202704] ©
O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Helper driver.) -- C:\WINDOWS\System32\drivers\ehdrv.sys [144536] ©
O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall driver.) -- C:\WINDOWS\System32\drivers\epfw.sys [185176] ©
O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall NDIS filter.) -- C:\WINDOWS\System32\drivers\epfwndis.sys [48192] ©
O58 - SDL:2015/07/13 07:14:14 A . (.ESET - ESET Personal Firewall TDI filter.) -- C:\WINDOWS\System32\drivers\epfwtdi.sys [71888] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [144384]
O58 - SDL:2006/03/23 06:47:06 RA . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\System32\drivers\ialmnt5.sys [1166972] ©
O58 - SDL:2014/10/01 08:19:10 A . (.Tonec Inc. - Internet Download Manager TDI Driver.) -- C:\WINDOWS\System32\drivers\idmtdi.sys [122848] ©
O58 - SDL:2015/06/18 08:41:36 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [23256] ©
O58 - SDL:2015/06/18 08:41:46 A . (.Malwarebytes Corporation - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [121560] ©
O58 - SDL:2015/10/19 22:15:56 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [98520] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv61xxmm.sys [5632] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mv64xxmm.sys [5632] ©
O58 - SDL:2010/10/14 03:55:06 A . (.Marvell Semiconductor, Inc. - USB EWS Device Driver.) -- C:\WINDOWS\System32\drivers\mvusbews.sys [17408] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Marvell Semiconductor Inc. - Marvell Aux NV Bridge DLL.) -- C:\WINDOWS\System32\drivers\mvxxmm.sys [5632] ©
O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\nikedrv.sys [12032] ©
O58 - SDL:2010/06/25 19:07:14 A . (.CACE Technologies, Inc. - npf.sys (NT5/6 x86) Kernel Driver.) -- C:\WINDOWS\System32\drivers\npf.sys [35088] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Lib.) -- C:\WINDOWS\System32\drivers\ptilink.sys [17792] ©
O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\System32\drivers\rio8drv.sys [12032] ©
O58 - SDL:2010/12/20 14:00:00 A . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\System32\drivers\riodrv.sys [12032] ©
O58 - SDL:2006/06/28 10:25:24 R . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RtkHDAud.Sys [4304384] ©
O58 - SDL:2011/11/15 05:50:16 A . (.Power Software Ltd - PowerISO Virtual Drive.) -- C:\WINDOWS\System32\drivers\scdemu.sys [112096] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\WINDOWS\System32\drivers\secdrv.sys [20480] ©
O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [84248] ©
O58 - SDL:2013/08/21 06:31:38 A . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ve.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [182680] ©
O58 - SDL:2012/06/28 09:49:48 A . (.The OpenVPN Project - TAP-Win32 Virtual Network Driver.) -- C:\WINDOWS\System32\drivers\tap0901.sys [26624] ©
O58 - SDL:2010/12/20 14:00:00 A . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\System32\drivers\tsbvcap.sys [21376] ©
O58 - SDL:2010/12/20 14:00:00 A . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys [58112] ©
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ansi.sys [9029]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\country.sys [27097]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\himem.sys [4768]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\key01.sys [42809]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\keyboard.sys [42537]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos.sys [27866]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos404.sys [29146]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos411.sys [29370]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos412.sys [29274]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntdos804.sys [29146]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio.sys [33840]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio404.sys [34560]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio411.sys [35648]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio412.sys [35424]
O58 - SDL:2010/12/20 14:00:00 A . (...) -- C:\WINDOWS\System32\ntio804.sys [34560]

---\\ Last modified or created user files (1) - 6s
O61 - LFC: 2015/10/19 22:00:02 A . (.Enigma Software Group USA, LLC..) -- C:\Documents and Settings\ahmed\My Documents\Downloads\Programs\SpyHunter-Installer.exe [3237248] =>.Superfluous.SpyHunter

---\\ File Associations Shell Spawning (10) - 0s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\WINDOWS\system32\shell32.dll ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\system32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ©

---\\ Start Menu Internet (13) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ©
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\system32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\launcher.exe ©

---\\ Search Browser Infection (9) - 9s
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.newtab.url", "http://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAYaJlxaUQgXDAVGcgkVVQhBFBgbJAsPTFsQE1ZCdl[...] =>PUP.Optional.Browser
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.alias", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.desc", "this is my first firefox searchEngine"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.name", "sweet-page"); =>PUP.Optional.SweetPage
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.ptid", "cor"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.search.searchengine.uid", "ST980811AS_5LY1JQRXXXXX5LY1JQRX"); =>PUP.Optional.SearchEngine
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("browser.startup.homepage", "http://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQeV9dAwlARxgTJQsITA1AEQAOeF0KVhQT[...] =>PUP.Optional.Browser
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("extensions.defsearchp@gmail.com.install-event-fired", true); =>PUP.Optional.PriceFountain
O69 - SBI: prefs.js [ahmed - ftweeuuw.default] user_pref("extensions.deskCutv2@gmail.com.install-event-fired", true); =>PUP.Optional.DeskCut

---\\ Search Svchost Services (37) - 1s
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\WINDOWS\system32\appmgmts.dll [167936] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] ©
O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [78336] ©
O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] ©
O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Logical Disk Manager service dll.) -- C:\WINDOWS\system32\dmserver.dll [23552] ©
O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - DHCP Client Service.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] ©
O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - .) -- C:\WINDOWS\system32\es.dll [253952] ©
O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: HidServ (HidServ) . (...) -- C:\WINDOWS\System32\hidserv.dll [0]
O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] ©
O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [134144] ©
O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] ©
O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Network Connections Manager.) -- C:\WINDOWS\system32\netman.dll [198144] ©
O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provi.) -- C:\WINDOWS\system32\mswsock.dll [245248] ©
O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Removable Storage Manager.) -- C:\WINDOWS\system32\ntmssvc.dll [435200] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] ©
O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Task Scheduler Engine.) -- C:\WINDOWS\system32\schedsvc.dll [192512] ©
O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\system32\seclogon.dll [18944] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\system32\ipnathlp.dll [330752] ©
O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - System Restore Service.) -- C:\WINDOWS\system32\srsvc.dll [171008] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\system32\tapisrv.dll [249856] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] ©
O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [175616] ©
O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Wireless Zero Configuration Service.) -- C:\WINDOWS\system32\wzcsvc.dll [483328] ©
O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - Advanced Windows 32 Base API.) -- C:\WINDOWS\system32\advapi32.dll [617472] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\wmisvc.dll [144896] ©
O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] ©
O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Quarantine Agent Service Run-Time.) -- C:\WINDOWS\system32\qagentrt.dll [291328] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\system32\kmsvc.dll [61440] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\system32\qmgr.dll [408576] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [22520] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\system32\shsvcs.dll [135168] ©
O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\mspmsnsv.dll [27136] ©

---\\ Services not Microsoft (SR=Run, SS=Stop) (8) - 18s

SS - Demand [2015/10/06 22:37:14] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [2015/07/08 15:22:32] [ 1353720] ESET Service (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET Smart Security\ekrn.exe ©
SR - Auto [2010/11/24 11:01:18] [ 99896] HP SI Service (HPSIService) . (.HP.) - C:\WINDOWS\system32\HPSIsvc.exe ©
SS - Auto [2015/06/18 08:39:50] [ 1133880] (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
SS - Demand [2015/08/30 21:39:50] [ 149160] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe ©
SS - Demand [2010/06/25 19:07:20] [ 117264] Remote Packet Capture Protocol v.0 (experimental) (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe ©
SR - Auto [2005/11/11 14:40:52] [ 18944] Broadcom Wireless LAN Tray Service (wltrysvc) . (...) - C:\WINDOWS\system32\WLTRYSVC.EXE

---\\ Additional Scan (O88) (1) - 0s
C:\WINDOWS\Prefetch\SPYHUNTER-INSTALLER.EXE-0B007004.pf =>.Superfluous.SpyHunter

---\\ Summary of the elements found (5) - 1s
http://www.nicolascoolman.fr/hijacker-browsers/ =>PUP.Optional.Browser
http://www.nicolascoolman.fr/pup-sweetpage/ =>PUP.Optional.SweetPage
http://www.nicolascoolman.fr/blog =>PUP.Optional.SearchEngine
http://www.nicolascoolman.fr/blog =>PUP.Optional.PriceFountain
http://www.nicolascoolman.fr/blog =>PUP.Optional.DeskCut

~ End of the scan, 38090 items in 88 seconds (703)(0)()
