cjoint

Document format: text/plain

Preview

~ ZHPDiag v2015.11.28.175 By Nicolas Coolman (2015/11/25)
~ Run by pr (Administrator) (2015/11/29 12:16:53)
~ Web: http://www.nicolascoolman.fr
~ Facebook: https://www.facebook.com/nicolascoolman1
~ State version: Version OK
~ Mode: Scan
~ Report: C:\Users\pr\Desktop\ZHPDiag.txt
~ Report: C:\Users\pr\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Deactivate
~ System startup: Normal (Normal boot)
Windows 7 Ultimate, 32-bit (Build 7600)

---\\ Internet Browsers (3) - 0s
GCIE: Google Chrome v46.0.2490.86
MFIE: Mozilla Firefox 28.0 (x86 fr) v28.0
MSIE: Internet Explorer v9.0.8112.16421

---\\ Windows Product Information (4) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Génération : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software (3) - 17s
Avast Premier v11.1.2241
Malwarebytes Anti-Malware version 2.2.0.1024
Windows Defender W7 (Activate)

---\\ System protection software (Superfluous) (1) - 17s
Spybot - Search & Destroy v1.6.2

---\\ System optimization software (1) - 17s
CCleaner v5.10

---\\ Surveillance software (2) - 17s
Adobe Flash Player 19 ActiveX
Adobe Reader XI

---\\ Information on the system (6) - 0s
~ Operating System: x86 Family 6 Model 15 Stepping 2, GenuineIntel
~ Operating System: 32-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 3144.184 MB (24% free)
System Restore: Activé (Enable)
System drive C: has 121 GB () free of 205 GB

---\\ Connection to the system mode (3) - 0s
~ Computer Name: PR-PC
~ User Name: pr
~ Logged in as Administrator

---\\ Enumeration of the disk units (2) - 0s
~ Drive C: has 121 GB free of 205 GB (System)
~ Drive D: has 87 GB free of 99 GB

---\\ State of the Windows Security Center (13) - 0s
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

---\\ Search Generic System Files (24) - 1s
[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - 31/10/2009 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2614272] ©
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - 14/07/2009 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] ©
[MD5.B5C5DCAD3899512020D135600129D665] - 14/07/2009 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [96256] ©
[MD5.C36E38AD3C7FAFF0E30C4CBCB28CE7FB] - 21/11/2013 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [1129472] ©
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - 28/10/2009 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [285696] ©
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - 14/07/2009 - (.Microsoft Corporation - Software Licensing Library.) -- C:\Windows\System32\sppcomapi.dll [193024] ©
[MD5.62390F4ACE9E2B63E3CA26B7F7497897] - 03/03/2011 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [269824] ©
[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - 14/07/2009 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [338944] ©
[MD5.338C86357871C167A96AB976519BF59E] - 14/07/2009 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21584] ©
[MD5.77EA11B065E0A8AB902D78145CA51E10] - 14/07/2009 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70656] ©
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - 14/07/2009 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [108544] ©
[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - 14/07/2009 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\Windows\System32\drivers\DfsC.sys [78336] ©
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - 14/07/2009 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [108544] ©
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - 14/07/2009 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [80896] ©
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - 14/07/2009 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [101888] ©
[MD5.B4C76EF46322A9711C7B0F4E21EF6EA5] - 23/02/2011 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [123392] ©
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - 14/07/2009 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [187904] ©
[MD5.3795DCD21F740EE799FB7223234215AF] - 14/07/2009 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1210432] ©
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - 14/07/2009 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] ©
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - 14/07/2009 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [78848] ©
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - 14/07/2009 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [133120] ©
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - 14/07/2009 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [71168] ©
[MD5.CB39E896A2A83702D1737BFD402B3542] - 14/07/2009 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [74240] ©
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - 14/07/2009 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [245328] ©

---\\ Software installed (83) - 34s
O42 - Logiciel: 7-Zip 9.20 - (...) [HKLM] -- 7-Zip
O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX ©
O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {15FEDA5F-141C-4127-8D7E-B962D1742728} ©
O42 - Logiciel: Adobe Reader XI (11.0.13) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001} ©
O42 - Logiciel: Adobe Refresh Manager - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-0804-1033-1959-001824161310} ©
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {7F644A4B-C9A7-E419-BFD9-75DFA0EE57DB} ©
O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408} ©
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {B448BC74-1CB7-7A57-3313-5E075AFB413E} ©
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {DBA18992-B9F3-950D-E973-6ED23422EA73} ©
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {3DF7D356-6225-8717-AFC2-91D5C1521036} ©
O42 - Logiciel: Any Video Converter Ultimate 5.8.0 - (.Any-Video-Converter.com.) [HKLM] -- Any Video Converter Ultimate_is1
O42 - Logiciel: Audacity 1.2.6 and lame_enc.dll 3.97 - (.--.) [HKLM] -- Audacity + Lame_is1
O42 - Logiciel: Avast Premier - (.AVAST Software.) [HKLM] -- avast ©
O42 - Logiciel: Boris Graffiti - (.Boris FX, Inc..) [HKLM] -- {262BF2CD-601D-4F43-919C-4B00B1D1F338}
O42 - Logiciel: Catalyst Control Center - (.Advanced Micro Devices, Inc..) [HKLM] -- {EBBD4FE6-91DA-C397-6D56-FE85DBF24FCF} ©
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {88B2ABCF-9C00-47C1-8FC4-369B98845DD7} ©
O42 - Logiciel: Catalyst Control Center Graphics Previews Common - (.Advanced Micro Devices, Inc..) [HKLM] -- {D4236B82-213F-679E-09A2-9AEB5EF4CADC} ©
O42 - Logiciel: Catalyst Control Center InstallProxy - (.Advanced Micro Devices, Inc..) [HKLM] -- {28164BD8-81EA-639A-85E9-E659E3EE6DA7} ©
O42 - Logiciel: Catalyst Control Center Localization All - (.Advanced Micro Devices, Inc..) [HKLM] -- {BD96ABD3-D1D4-5513-6C60-11476D6DCFC5} ©
O42 - Logiciel: CCC Help Chinese Standard - (.Advanced Micro Devices, Inc..) [HKLM] -- {4745F6F8-09DA-CC39-EC19-0E8D764CF2B7} ©
O42 - Logiciel: CCC Help Chinese Traditional - (.Advanced Micro Devices, Inc..) [HKLM] -- {25A7270E-1B63-DFD1-ACBC-88852A305398} ©
O42 - Logiciel: CCC Help Czech - (.Advanced Micro Devices, Inc..) [HKLM] -- {15A05AAA-37E7-D516-5BE9-C960C2170403} ©
O42 - Logiciel: CCC Help Danish - (.Advanced Micro Devices, Inc..) [HKLM] -- {2E69E784-F84A-9A18-7D8E-4EB8504EEE1E} ©
O42 - Logiciel: CCC Help Dutch - (.Advanced Micro Devices, Inc..) [HKLM] -- {58771CF6-F212-CC4D-61B1-45CC70B6375C} ©
O42 - Logiciel: CCC Help English - (.Advanced Micro Devices, Inc..) [HKLM] -- {00F14E5B-E07A-2A1E-6788-580773CE1486} ©
O42 - Logiciel: CCC Help Finnish - (.Advanced Micro Devices, Inc..) [HKLM] -- {B09567CC-E43F-10F1-752D-549AC7FB0C43} ©
O42 - Logiciel: CCC Help French - (.Advanced Micro Devices, Inc..) [HKLM] -- {C39C7876-4D21-8A38-0A42-B5C8858EC6C7} ©
O42 - Logiciel: CCC Help German - (.Advanced Micro Devices, Inc..) [HKLM] -- {9A7F1628-2126-34A5-852D-2B93328BCF3F} ©
O42 - Logiciel: CCC Help Greek - (.Advanced Micro Devices, Inc..) [HKLM] -- {911904DE-EBB6-BC8E-D5BD-762B7DB42C46} ©
O42 - Logiciel: CCC Help Hungarian - (.Advanced Micro Devices, Inc..) [HKLM] -- {4FA31DE2-B613-24BB-1738-B655C00B1C9D} ©
O42 - Logiciel: CCC Help Italian - (.Advanced Micro Devices, Inc..) [HKLM] -- {6D5CE5F1-CBB0-9ED4-1A1E-91DDCD6225FD} ©
O42 - Logiciel: CCC Help Japanese - (.Advanced Micro Devices, Inc..) [HKLM] -- {362614E4-9ABB-E7A7-CDDC-239AB168060A} ©
O42 - Logiciel: CCC Help Korean - (.Advanced Micro Devices, Inc..) [HKLM] -- {812B956B-37AB-24B9-4527-78A6D3ECE7F8} ©
O42 - Logiciel: CCC Help Norwegian - (.Advanced Micro Devices, Inc..) [HKLM] -- {B170B91D-E8E3-A6A3-D129-D8E36FEA8A0B} ©
O42 - Logiciel: CCC Help Polish - (.Advanced Micro Devices, Inc..) [HKLM] -- {83293709-B863-0EF6-00DA-B026D486E8B5} ©
O42 - Logiciel: CCC Help Portuguese - (.Advanced Micro Devices, Inc..) [HKLM] -- {9903011B-5F1D-A2A1-8078-EE62B3324CCE} ©
O42 - Logiciel: CCC Help Russian - (.Advanced Micro Devices, Inc..) [HKLM] -- {AE6C422B-DADB-D547-411C-E9E56DF03D16} ©
O42 - Logiciel: CCC Help Spanish - (.Advanced Micro Devices, Inc..) [HKLM] -- {707210B0-29F1-C550-BA96-6ECDA245CF24} ©
O42 - Logiciel: CCC Help Swedish - (.Advanced Micro Devices, Inc..) [HKLM] -- {FCEFDA6B-63CD-BB17-B845-478A42E24D39} ©
O42 - Logiciel: CCC Help Thai - (.Advanced Micro Devices, Inc..) [HKLM] -- {21E9850E-58C2-FA88-D5AD-B64D253B8F82} ©
O42 - Logiciel: CCC Help Turkish - (.Advanced Micro Devices, Inc..) [HKLM] -- {0A036215-0A8D-6FBE-7EA3-7AED4F9E162A} ©
O42 - Logiciel: ccc-utility - (.Advanced Micro Devices, Inc..) [HKLM] -- {8D5B19AA-3D3A-5870-C9A0-346EBC5DB21E} ©
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner ©
O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM] -- CDex ©
O42 - Logiciel: dBpowerAMP Music Converter - (...) [HKLM] -- dBpowerAMP Music Converter
O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner ©
O42 - Logiciel: EPSON SX420W Series Printer Uninstall - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON SX420W Series ©
O42 - Logiciel: Funny Photo Maker 2.4.2 - (.Funny-Photo-Maker.com.) [HKLM] -- Funny Photo Maker_is1
O42 - Logiciel: GIMP 2.8.14 - (.The GIMP Team.) [HKLM] -- GIMP-2_is1 ©
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome ©
O42 - Logiciel: Google Input Tools - (.Google Inc..) [HKLM] -- GoogleInputFramework ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} ©
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} ©
O42 - Logiciel: InstantPhotoSketch 2.0 - (.CPSSoftware.) [HKLM] -- {5A76F86F-C0E5-4755-BD6C-4FC627F17033}_is1 ©
O42 - Logiciel: Keyman Package - Helabasa - (...) [HKLM] -- Keyman Package Helabasa
O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 ©
O42 - Logiciel: Mozilla Firefox 28.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 28.0 (x86 fr) ©
O42 - Logiciel: Nero Burning ROM 10 - (.Nero AG.) [HKLM] -- {FE83F463-7E61-4B18-9FA0-B94B90A0B6B9} ©
O42 - Logiciel: Nero BurningROM 10 Help (CHM) - (.Nero AG.) [HKLM] -- {9B6B24BE-80E7-46C4-9FA5-B167D5E0F345} ©
O42 - Logiciel: Nero BurnRights 10 - (.Nero AG.) [HKLM] -- {943CFD7D-5336-47AF-9418-E02473A5A517} ©
O42 - Logiciel: Nero BurnRights 10 Help (CHM) - (.Nero AG.) [HKLM] -- {555868C6-49FB-484F-BB43-8980651A1B00} ©
O42 - Logiciel: Nero Control Center 10 - (.Nero AG.) [HKLM] -- {6DFB899F-17A2-48F0-A533-ED8D6866CF38} ©
O42 - Logiciel: Nero ControlCenter 10 Help (CHM) - (.Nero AG.) [HKLM] -- {523B2B1B-D8DB-4B41-90FF-C4D799E2758A} ©
O42 - Logiciel: Nero Core Components 10 - (.Nero AG.) [HKLM] -- {2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F} ©
O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392} ©
O42 - Logiciel: Pinnacle Studio 12 - (.Pinnacle Systems.) [HKLM] -- {D041EB9E-890A-4098-8F94-51DA194AC72A} ©
O42 - Logiciel: Pinnacle Studio 12 Ultimate Plugins - (.Pinnacle Systems.) [HKLM] -- {D1860E6E-520E-4380-8433-E58E8F88B473} ©
O42 - Logiciel: Pinnacle Studio 15 - (.Pinnacle Systems.) [HKLM] -- {1362E602-9625-42D3-B57F-CDA9D26F9DA8} ©
O42 - Logiciel: Pinnacle Video Driver - (.Pinnacle Systems.) [HKLM] -- {6DE721A5-5E89-4D74-994C-652BB3C0672E} ©
O42 - Logiciel: proDAD Heroglyph 2.5 - (...) [HKLM] -- proDAD-Heroglyph-2.5
O42 - Logiciel: SafeZone Stable 1.46.1990.55 - (.Avast Software.) [HKLM] -- SafeZone 1.46.1990.55 ©
O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120} ©
O42 - Logiciel: Skype™ 7.12 - (.Skype Technologies S.A..) [HKLM] -- {6A0549A9-1B96-498C-ACBC-3943001FEB19} ©
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Studio 11 Bonus DVD - (.Pinnacle Systems.) [HKLM] -- {45A1BF92-700A-4408-B95E-79F462E3D67D} ©
O42 - Logiciel: Studio Premium Pack 2 - (...) [HKLM] -- {20CCB867-C95A-4604-A743-0DB5C88E792E}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} ©
O42 - Logiciel: Tavultesoft Keyman 6.0 - (...) [HKLM] -- Tavultesoft Keyman 6.0
O42 - Logiciel: Teller Of Future (Sinhala) (C:\Program Files\ - (...) [HKLM] -- ST5UNST #2
O42 - Logiciel: This PC - (.Aquaform Corporation.) [HKLM] -- This PC1.1
O42 - Logiciel: Vistaprint Livres photo - (.Vistaprint.) [HKCU] -- {70B0F1A3-D243-4FB9-B2C8-074350115F98}_is1 ©
O42 - Logiciel: VLC media player - (.VideoLAN.) [HKLM] -- VLC media player ©
O42 - Logiciel: WinRAR 5.21 beta 1 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver ©

---\\ HKCU & HKLM Software Keys (147) - 34s
HKLM\SOFTWARE\4Sync
HKLM\SOFTWARE\7-Zip
HKLM\SOFTWARE\ABBYY
HKLM\SOFTWARE\Adobe
HKLM\SOFTWARE\AdwCleaner
HKLM\SOFTWARE\AMD
HKLM\SOFTWARE\AppDataLow
HKLM\SOFTWARE\Apple Computer, Inc.
HKLM\SOFTWARE\Ashampoo
HKLM\SOFTWARE\Astralax
HKLM\SOFTWARE\ASUS
HKLM\SOFTWARE\ATI
HKLM\SOFTWARE\ATI Technologies
HKLM\SOFTWARE\Auslogics
HKLM\SOFTWARE\AVAST Software
HKLM\SOFTWARE\Avid
HKLM\SOFTWARE\AVS4YOU
HKLM\SOFTWARE\Boris FX, Inc.
HKLM\SOFTWARE\BrowserChoice
HKLM\SOFTWARE\CDDB
HKLM\SOFTWARE\DivX
HKLM\SOFTWARE\EPSON
HKLM\SOFTWARE\FAST Multimedia
HKLM\SOFTWARE\Foxit Software
HKLM\SOFTWARE\Freemake
HKLM\SOFTWARE\Gabest
HKLM\SOFTWARE\GEAR Software
HKLM\SOFTWARE\Google
HKLM\SOFTWARE\HaaliMkx
HKLM\SOFTWARE\HitmanPro
HKLM\SOFTWARE\IM Providers
HKLM\SOFTWARE\IncrediMail
HKLM\SOFTWARE\Intel
HKLM\SOFTWARE\JavaSoft
HKLM\SOFTWARE\JreMetrics
HKLM\SOFTWARE\Khronos
HKLM\SOFTWARE\KoshyJohn.com
HKLM\SOFTWARE\LAV
HKLM\SOFTWARE\Macromedia
HKLM\SOFTWARE\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Microimage
HKLM\SOFTWARE\Mozilla
HKLM\SOFTWARE\mozilla.org
HKLM\SOFTWARE\MozillaPlugins
HKLM\SOFTWARE\NCH Software
HKLM\SOFTWARE\Nero
HKLM\SOFTWARE\Norton
HKLM\SOFTWARE\ODBC
HKLM\SOFTWARE\Opera Software
HKLM\SOFTWARE\Pegasus Imaging
HKLM\SOFTWARE\PegasusImaging
HKLM\SOFTWARE\Pinnacle Systems
HKLM\SOFTWARE\Piriform
HKLM\SOFTWARE\proDAD
HKLM\SOFTWARE\RealNetworks
HKLM\SOFTWARE\RegisteredApplications
HKLM\SOFTWARE\Safer Networking Limited
HKLM\SOFTWARE\SAS Institute Inc.
HKLM\SOFTWARE\Skype
HKLM\SOFTWARE\Sonic
HKLM\SOFTWARE\SONIX
HKLM\SOFTWARE\Sony Corporation
HKLM\SOFTWARE\Symantec
HKLM\SOFTWARE\Tavultesoft
HKLM\SOFTWARE\VideoLAN
HKLM\SOFTWARE\Volatile
HKLM\SOFTWARE\WinRAR
HKLM\SOFTWARE\Wow6432Node
HKLM\SOFTWARE\Xing Technology Corp.
HKLM\SOFTWARE\Xpress Software
HKCU\SOFTWARE\553EB3D537C61AC0 =>PUP.Optional.Heuristic
HKCU\SOFTWARE\7-Zip
HKCU\SOFTWARE\ABBYY
HKCU\SOFTWARE\Adobe
HKCU\SOFTWARE\Aiseesoft Studio
HKCU\SOFTWARE\AMD
HKCU\SOFTWARE\AMS Software
HKCU\SOFTWARE\Anvsoft
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\Apple Computer, Inc.
HKCU\SOFTWARE\Apple Inc.
HKCU\SOFTWARE\ASProtect
HKCU\SOFTWARE\Astralax
HKCU\SOFTWARE\ATI
HKCU\SOFTWARE\Audacity
HKCU\SOFTWARE\AVAST Software
HKCU\SOFTWARE\AVS4YOU
HKCU\SOFTWARE\Brorsoft
HKCU\SOFTWARE\CDDB
HKCU\SOFTWARE\Clubic
HKCU\SOFTWARE\ContactKeeper
HKCU\SOFTWARE\Datastead
HKCU\SOFTWARE\DivXNetworks
HKCU\SOFTWARE\Efofex Software
HKCU\SOFTWARE\EPSON
HKCU\SOFTWARE\Foxit Software
HKCU\SOFTWARE\FreeDownloadManager.ORG
HKCU\SOFTWARE\Freemake
HKCU\SOFTWARE\Gabest
HKCU\SOFTWARE\Google
HKCU\SOFTWARE\Haali
HKCU\SOFTWARE\Illustrate
HKCU\SOFTWARE\IM Providers
HKCU\SOFTWARE\LAV
HKCU\SOFTWARE\Licenses
HKCU\SOFTWARE\Macromedia
HKCU\SOFTWARE\Malwarebytes' Anti-Malware
HKCU\SOFTWARE\Mediachance
HKCU\SOFTWARE\mozilla
HKCU\SOFTWARE\MozillaPlugins
HKCU\SOFTWARE\MPC-HC
HKCU\SOFTWARE\NCH Software
HKCU\SOFTWARE\Netscape
HKCU\SOFTWARE\Nitro PDF
HKCU\SOFTWARE\ODBC
HKCU\SOFTWARE\Ongkara software
HKCU\SOFTWARE\Opera Software
HKCU\SOFTWARE\Pinnacle Systems
HKCU\SOFTWARE\Piriform
HKCU\SOFTWARE\proDAD
HKCU\SOFTWARE\RealNetworks
HKCU\SOFTWARE\Regressi
HKCU\SOFTWARE\Safer Networking Limited
HKCU\SOFTWARE\Skype
HKCU\SOFTWARE\Softplicity
HKCU\SOFTWARE\Software
HKCU\SOFTWARE\SolidDocuments
HKCU\SOFTWARE\Sony Corporation
HKCU\SOFTWARE\Tavultesoft
HKCU\SOFTWARE\Trolltech
HKCU\SOFTWARE\UninstallHelper
HKCU\SOFTWARE\VB and VBA Program Settings
HKCU\SOFTWARE\VOB
HKCU\SOFTWARE\Wabbitemu
HKCU\SOFTWARE\WComVista64
HKCU\SOFTWARE\WinRAR
HKCU\SOFTWARE\WinRAR SFX
HKCU\SOFTWARE\Xpress Software
HKCU\SOFTWARE\Yahoo
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\zsys
HKCU\SOFTWARE\AppDataLow\RealNetworks
HKCU\SOFTWARE\AppDataLow\Software
HKCU\SOFTWARE\AppDataLow\Software\Adobe
HKCU\SOFTWARE\AppDataLow\Software\Buzz_it
HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
HKCU\SOFTWARE\AppDataLow\Software\RealNetworks

---\\ Non Microsoft non disabled Windows Services (9) - 2s
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe ©
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe ©
O23 - Service: Avast Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
O23 - Service: Avast Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
O23 - Service: GoogleInputService (GoogleInputService) . (.Google Inc - Google Input Tools..) - C:\Program Files\Google\Google Input Tools\GoogleInputService.exe ©
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
O23 - Service: (MBAMService) . (.Malwarebytes - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe ©
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe ©

---\\ Task Planned Automatically (44) - 11s
[MD5.B89A82FB10E98F2FDF51FA82C7366DD3] [APT] [Adobe Acrobat Update Task] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] ©
[MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269000] ©
[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-pr-PC-pr] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208] ©
[MD5.8A6D1C082176864414E85ACF6696331D] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [1510320] ©
[MD5.1DC0CC580B6149CE24782B65384F34BD] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6495144] ©
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [144200] ©
[MD5.00000000000000000000000000000000] [APT] [Norton Security Scan for pr] (...) -- C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderDownloaderScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealDownloaderRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealPlayerRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealPlayerRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.) [0]
[MD5.45ADCD37376140892745F157552A7051] [APT] [SafeZone scheduled Autoupdate 1447059829] (.Avast Software.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe [728568] ©
[MD5.B73F17DF5CA5A1C748C36CC63297C6E3] [APT] [{0649676D-11F5-4FFC-9F16-A297C21264B1}] (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe [155648] ©
[MD5.B73F17DF5CA5A1C748C36CC63297C6E3] [APT] [{0A2D0847-13FC-4DEC-B3FF-74141A07A99A}] (.SEIKO EPSON CORP..) -- C:\Windows\twain_32\escndv\escndv.exe [155648] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] [APT] [{13C9A6FA-0C25-4A19-9EB2-0DDEB23E28C8}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [811848] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] [APT] [{1EAD07BB-F16F-4FF1-B7DB-3E536201DD0E}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [811848] ©
[MD5.7115853FF96289DF7F65FB6B68E095ED] [APT] [{2EF6BA87-1D80-4CF5-86C7-74002F2F5610}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [275568] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] [APT] [{5033D47E-1419-464C-9C08-6940334E952E}] (.Google Inc..) -- c:\program files\Google\Chrome\application\chrome.exe [811848] ©
[MD5.7115853FF96289DF7F65FB6B68E095ED] [APT] [{C9D785FD-59C3-429F-B2CF-A47BF74937E0}] (.Mozilla Corporation.) -- c:\program files\mozilla firefox\firefox.exe [275568] ©
[MD5.01E5B25A973BEA364CA745C3B5658434] [APT] [{CDAE434D-8213-4B4A-AA5C-43DCE216AD15}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe [57981568] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1052] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1056] ©
O39 - APT: Norton Security Scan for pr - (...) -- C:\Windows\Tasks\Norton Security Scan for pr.job [434]
O39 - APT: Adobe Acrobat Update Task - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Acrobat Update Task [3874] ©
O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3768] ©
O39 - APT: AdobeAAMUpdater-1.0-pr-PC-pr - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-pr-PC-pr [3478] ©
O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4182] ©
O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2778] ©
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3800] ©
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [4052] ©
O39 - APT: Norton Security Scan for pr - (...) -- C:\Windows\System32\Tasks\Norton Security Scan for pr [3580]
O39 - APT: RealDownloaderDownloaderScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3358]
O39 - APT: RealDownloaderRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3198]
O39 - APT: RealDownloaderRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3338]
O39 - APT: RealPlayerRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3176]
O39 - APT: RealPlayerRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3316]
O39 - APT: RealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3176]
O39 - APT: RealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 - (...) -- C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-565781450-1203981865-1107377620-1001 [3316]
O39 - APT: SafeZone scheduled Autoupdate 1447059829 - (.Avast Software.) -- C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1447059829 [3026] ©

---\\ Process running (27) - 2s
[MD5.EB7C2F213A219CA9CF807B6888186070] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [217088] [PID.900] ©
[MD5.CC7A6B8B048BB08CB446C01597D11CC5] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [453632] [PID.1328] ©
[MD5.199D3FA1AF32FCE46A38E8EB64FFF520] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416] [PID.1572] ©
[MD5.945697058B2A6EBB3155FB6BB3399F57] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\AVAST Software\Avast\afwServ.exe [109520] [PID.1836] ©
[MD5.5DB2C6B908C50767E2EDAA294A7566B5] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [82128] [PID.2036] ©
[MD5.78AF384F14F01009EFB10A31AFEC51F4] - (.Google Inc - Google Input Tools..) -- C:\Program Files\Google\Google Input Tools\GoogleInputService.exe [164888] [PID.496] ©
[MD5.329D828599BE8859DDC81F866019B2F0] - (.Google Inc. - Google Input Tools.) -- C:\Program Files\Google\Google Input Tools\GoogleInputHandler.exe [2511384] [PID.1324] ©
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.2760] ©
[MD5.F7D68D8E70EA376713A39395664793CA] - (.Pinnacle Systems GmbH - Pinnacle USB Tip - for Multi Media eXtensio.) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752] [PID.2768] ©
[MD5.2F722690B624C9AD160EDC24DCA880DF] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376] [PID.2944] ©
[MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.3060] ©
[MD5.01E5B25A973BEA364CA745C3B5658434] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [57981568] [PID.3076] ©
[MD5.1DC0CC580B6149CE24782B65384F34BD] - (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe [6495144] [PID.3236] ©
[MD5.0EBCD3C26F9584864A9C8337DABB0185] - (.Avast Software - AvastVirtualBox Interface.) -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4390776] [PID.3436] ©
[MD5.4B9949208944C50B1A16FD1F05ED0A04] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.3584] ©
[MD5.A9950F1C63BA70151803C6F24CEE23F3] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.3684] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.2060] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.4244] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.4152] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.4532] ©
[MD5.B89A82FB10E98F2FDF51FA82C7366DD3] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736] [PID.5124] ©
[MD5.BABBBDEF9DBB5E012EE5210FCB47C33B] - (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe [9832760] [PID.3416] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.1396] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.4704] ©
[MD5.3AEA467EB1A5F3AD8FA39894D519677D] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\pr\Downloads\ZHPDiag3.exe [1977856] [PID.5300] ©
[MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe [811848] [PID.4708] ©
[MD5.D5B783DACE1BBDD382A63C894BAB8E1E] - (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992] [PID.4544] ©

---\\ Google Chrome, Start,Search,Extensions (7) - 0s
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [gomekmidlodglbbmalcneegieacbdmki] Avast Online Security
G2 - GCE: Preference [User Data\Default] [lccekmodgklaepjeofjdjpbminllajkg] Chrome Hotword Shared Module
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc.

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (27) - 4s
M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+bgc.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+bgc.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+rxw.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+rxw.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+ykn.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\extensions\how_recover+ykn.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\google-avast.xml
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+bgc.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+bgc.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+rxw.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+rxw.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+ykn.html
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\how_recover+ykn.txt
P2 - EXT FILE: (...) -- C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\Search Provided by Yahoo.xml =>PUP.Optional.BDYahoo
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\amazon-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\bing.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\cnrtl-tlfi-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\eBay-france.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\google.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\wikipedia-fr.xml
P2 - EXT: (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo-france.xml
P2 - EXT: (.Skype Technologies S.A. - Skype Click to Call.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} ©
P2 - EXT: (.Mozilla - Default.) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ©
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp] - (...) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
P2 - FPN: [HKLM] [@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf] - (...) -- C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

---\\ Internet Explorer Extensions, Start, Search (9) - 1s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer

---\\ Internet Explorer, Proxy Management (4) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) ©
F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe (.Microsoft Corporation.) ©

---\\ Hosts file redirection (3) - 0s
128.199
128.199

~ Nombre lignes détournées 128.199

15534 (Hosts file redirected)

---\\ Browser Helper Object (BHO) (6) - 0s
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} (Orphean)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll ©
O2 - BHO: (no name) - {970c55b4-c79e-4c62-9bfa-76439b68969f} (Orphean)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} (Orphean)
O2 - BHO: (no name) - {da104fa1-3714-4056-8f42-d7fb74fd43dc} (Orphean)

---\\ Auto loading programs from Registry and folders (25) - 1s
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe ©
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ©
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe ©
O4 - HKLM\..\Run: [USB2Check] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\RUNDLL32.EXE ©
O4 - HKLM\..\Run: [USBToolTip] . (.Pinnacle Systems GmbH - Pinnacle USB Tip - for Multi Media eXtensio.) -- C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe ©
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe ©
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ©
O4 - HKLM\..\Run: [AMD AVT] . (.Microsoft Corporation - Windows Command Processor.) -- C:\Windows\System32\Cmd.exe ©
O4 - HKLM\..\Run: [hgjuy78gfh] . (...) -- C:\Users\pr\AppData\Roaming\wyddf-a.exe
O4 - HKCU\..\Run: [AdobeBridge] (Orphean)
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ©
O4 - HKCU\..\Run: [EPSON SX420W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE ©
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ©
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O4 - HKCU\..\Run: [hgjuy78gfh] . (...) -- C:\Users\pr\AppData\Roaming\wyddf-a.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files\Windows Sidebar\sidebar.exe ©
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ©
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [AdobeBridge] (Orphean)
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe ©
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [EPSON SX420W Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGCE.EXE ©
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe ©
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe ©
O4 - HKUS\S-1-5-21-565781450-1203981865-1107377620-1001\..\Run: [hgjuy78gfh] . (...) -- C:\Users\pr\AppData\Roaming\wyddf-a.exe

---\\ Lop.com/Domain Hijackers (3) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254

---\\ Extra protocols (25) - 0s
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll ©
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll ©
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\Windows\System32\urlmon.dll ©
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll ©
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll ©
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll ©
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype4COM.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll ©
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\Windows\System32\MSVidCtl.dll ©
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\Windows\System32\mshtml.dll ©
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ©
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL ©

---\\ BootExecute (BEX) (1) - 0s
O34 - HKLM BootExecute: (bootdelete) (.SurfRight B.V. - Hitman Pro 3.5 BootDelete.) -- C:\Windows\System32\bootdelete.exe

---\\ Contents of the Common Files folders (299) - 18s
O43 - CFD: 11/11/2015 - [] D -- C:\Program Files\7-Zip
O43 - CFD: 06/04/2015 - [] D -- C:\Program Files\Adobe
O43 - CFD: 19/12/2014 - [] D -- C:\Program Files\AMD APP
O43 - CFD: 19/12/2014 - [] D -- C:\Program Files\AMD AVT
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\Anvsoft
O43 - CFD: 12/11/2014 - [] D -- C:\Program Files\Apple Software Update
O43 - CFD: 13/11/2015 - [] D -- C:\Program Files\Assassins Creed II Offline Server v0.41
O43 - CFD: 19/12/2014 - [] D -- C:\Program Files\ATI
O43 - CFD: 19/12/2014 - [] D -- C:\Program Files\ATI Technologies
O43 - CFD: 02/10/2015 - [] D -- C:\Program Files\Audacity
O43 - CFD: 20/11/2015 - [0] D -- C:\Program Files\Auslogics
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\AVAST Software
O43 - CFD: 27/05/2011 - [] D -- C:\Program Files\Boris FX, Inc
O43 - CFD: 09/11/2015 - [] D -- C:\Program Files\CCleaner
O43 - CFD: 18/12/2011 - [] D -- C:\Program Files\CDex
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Common Files
O43 - CFD: 14/11/2015 - [] D -- C:\Program Files\ContactKeeper
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\DVD Maker
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files\Efofex
O43 - CFD: 02/06/2015 - [] D -- C:\Program Files\epson
O43 - CFD: 28/03/2015 - [] D -- C:\Program Files\Epson Software
O43 - CFD: 24/10/2015 - [] D -- C:\Program Files\GIMP 2
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Google
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\GUM2A99.tmp
O43 - CFD: 17/09/2011 - [] D -- C:\Program Files\Illustrate
O43 - CFD: 28/03/2015 - [] HD -- C:\Program Files\InstallShield Installation Information
O43 - CFD: 30/10/2015 - [] D -- C:\Program Files\InstantPhotoSketch
O43 - CFD: 04/10/2015 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\IObit
O43 - CFD: 17/05/2015 - [] D -- C:\Program Files\Java
O43 - CFD: 25/11/2015 - [0] D -- C:\Program Files\MAGIX
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files\Malwarebytes Anti-Malware
O43 - CFD: 21/12/2014 - [0] D -- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 21/04/2011 - [] D -- C:\Program Files\Micro Application
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Microsoft Games
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\Microsoft Office
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\Microsoft Visual Studio
O43 - CFD: 03/04/2015 - [] D -- C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\Microsoft Works
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Microsoft.NET
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Mozilla Firefox
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 22/06/2013 - [] D -- C:\Program Files\MSECache
O43 - CFD: 25/11/2015 - [] D -- C:\Program Files\PC Speedup Pro =>.Superfluous.PCSpeedUpPro
O43 - CFD: 18/12/2011 - [] D -- C:\Program Files\Photo Notifier and Animation Creator
O43 - CFD: 15/12/2012 - [] D -- C:\Program Files\Pinnacle
O43 - CFD: 22/12/2011 - [] D -- C:\Program Files\proDAD
O43 - CFD: 13/04/2011 - [] D -- C:\Program Files\QuickTime
O43 - CFD: 06/11/2014 - [] D -- C:\Program Files\Real
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 12/11/2014 - [] D -- C:\Program Files\SAS
O43 - CFD: 27/11/2015 - [] RD -- C:\Program Files\Skype
O43 - CFD: 03/04/2011 - [] D -- C:\Program Files\SopCast
O43 - CFD: 17/11/2014 - [] D -- C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 30/03/2011 - [] D -- C:\Program Files\Tavultesoft
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files\Teller Of Future (Sinhala)
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\This PC
O43 - CFD: 14/07/2009 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 14/05/2015 - [] D -- C:\Program Files\VideoLAN
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 31/03/2011 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 31/03/2011 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Photo Viewer
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Windows Sidebar
O43 - CFD: 22/11/2015 - [] D -- C:\Program Files\WinRAR
O43 - CFD: 17/11/2015 - [] D -- C:\Program Files\Xpress Software
O43 - CFD: 29/11/2015 - [] D -- C:\Program Files\ZHPFix
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
O43 - CFD: 29/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 29/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvsoft
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris Graffiti 5.2
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ContactKeeper
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Efofex Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
O43 - CFD: 29/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstantPhotoSketch
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KoshyJohn.com
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
O43 - CFD: 29/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Address Book
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Effects Studio
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SinhalaTamilIME
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
O43 - CFD: 29/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 10
O43 - CFD: 29/11/2015 - [] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tavultesoft Keyman
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Program Uninstaller
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\ABBYY
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Adobe
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\AMD
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Apple
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Ashampoo
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\ATI
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Auslogics
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\AVAST Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\AVS4YOU
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Documents
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Driver Tool
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\EPSON
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Favorites
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Freemake
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Google
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\HitmanPro
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\IM
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\IncrediMail
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\IObit
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\MAGIX
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Malwarebytes
O43 - CFD: 29/11/2015 - [] SD -- C:\ProgramData\Microsoft
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Microsoft Help
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Mozilla
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Nero
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Nitro PDF
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Norton
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\NortonInstaller
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Ocerlolomuw
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Oracle
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Particles
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\PCSpeedupPro.com =>.Superfluous.PCSpeedUpPro
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\PCValidator =>.Superfluous.PCSpeedUpPro
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Photo Notifier and Animation Creator
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Pinnacle
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Pinnacle Studio Plus
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Pinnacle Studio Ultimate
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Pinnacle Studio Ultimate Collection
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\proDAD
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Real
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\regid.1986-12.com.adobe
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\simplitec
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Skype
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Start Menu
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Studio 12
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Studio 15
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Sun
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Symantec
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Tavultesoft
O43 - CFD: 14/07/2009 - [0] SHD -- C:\ProgramData\Templates
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\UDL
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\Xpress Software
O43 - CFD: 29/11/2015 - [] D -- C:\ProgramData\{03B09F86-626A-4E82-B967-C3706B9A717B}
O43 - CFD: 06/04/2015 - [] D -- C:\Program Files\Common Files\Adobe
O43 - CFD: 06/11/2014 - [] D -- C:\Program Files\Common Files\Apple
O43 - CFD: 19/12/2014 - [] D -- C:\Program Files\Common Files\ATI Technologies
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Common Files\designer
O43 - CFD: 29/03/2015 - [] D -- C:\Program Files\Common Files\EPSON
O43 - CFD: 07/05/2011 - [] D -- C:\Program Files\Common Files\InstallShield
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Common Files\MAGIX Services
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 19/11/2015 - [] D -- C:\Program Files\Common Files\Nero
O43 - CFD: 13/04/2011 - [] D -- C:\Program Files\Common Files\Nitro PDF
O43 - CFD: 15/12/2012 - [] D -- C:\Program Files\Common Files\Pinnacle
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\Services
O43 - CFD: 27/11/2015 - [] D -- C:\Program Files\Common Files\Skype
O43 - CFD: 14/07/2009 - [] D -- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 04/04/2015 - [] D -- C:\Program Files\Common Files\System
O43 - CFD: 08/11/2015 - [] D -- C:\Program Files\Common Files\Yahoo!
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\53184e6ccd6da1ad5c005fdc
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Adobe
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Adobe Mini Bridge CS5
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\AMS Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Anvsoft
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Apple Computer
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Ashampoo
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\ATI
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\AVAST Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\AVS4YOU
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\BitTorrent
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Brorsoft
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\CLiPW
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\com.adobe.amp
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Dashlane
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Downloaded Installations
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\dvdcss
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Efofex
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Epson
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Foxit Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Google
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\HWM BlackBox
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Icones
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Identities
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\IObit
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\KastorVideoConverter
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\KoshyJohn.com
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Macromedia
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\MAGIX
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Malwarebytes
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Media Center Programs
O43 - CFD: 29/11/2015 - [] SD -- C:\Users\pr\AppData\Roaming\Microsoft
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Mozilla
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\MPC-HC
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Nero
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Nitro PDF
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Opera Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\pcspeeduppro.com =>.Superfluous.PCSpeedUpPro
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\PDManager
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\proDAD
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Real
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\RealNetworks
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Regressi
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\simplitec
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Skype
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Softplicity
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Sony Corporation
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Thunderbird
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\vlc
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Wabbitemu
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\WindowsFileOpener =>Adware.InstallCore
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\WinRAR
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\ZHP
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\ABBYY
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Adobe
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Aiseesoft Studio
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Albelli Livres Photos
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Apple
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Apple Computer
O43 - CFD: 30/03/2011 - [0] SHD -- C:\Users\pr\AppData\Local\Application Data
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\ApplicationHistory
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Apps
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\ashampoo
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\ATI
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Chromium
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Deployment
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Downloaded Installations
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Efofex
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Ezr8
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\fontconfig
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\FreemakeVideoConverter
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\GAS Softwares
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\gegl-0.2
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\GGEmpire
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Google
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\gtk-2.0
O43 - CFD: 30/03/2011 - [0] SHD -- C:\Users\pr\AppData\Local\History
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\IM
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\JMP7 Data
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Macromedia
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Magix
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Microsoft
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Microsoft Games
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Microsoft Help
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Mozilla
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Opera Software
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Packages
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Pinnacle
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Programs
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Real
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Skype
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Temp
O43 - CFD: 30/03/2011 - [0] SHD -- C:\Users\pr\AppData\Local\Temporary Internet Files
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Thunderbird
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\VirtualStore
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Vistaprint Livres photo
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\webkit
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Local\Xara
O43 - CFD: 29/11/2015 - [] RD -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 29/11/2015 - [] RD -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ashampoo
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\dBpowerAMP Music Converter
O43 - CFD: 29/11/2015 - [] RD -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 12
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
O43 - CFD: 29/11/2015 - [] RD -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\This PC
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vistaprint Livres photo
O43 - CFD: 29/11/2015 - [] D -- C:\Users\pr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

---\\ ShellIconOverlayIdentifiers (SIOI) (9) - 0s
O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\AVAST Software\Avast\ashShell.dll ©
O106 - SIOI: Enhanced Storage Icon Overlay Handler Class [EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}. (.Microsoft Corporation - Windows Enhanced Storage Shell Extension DL.) -- C:\Windows\System32\EhStorShell.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 1 (GFS Unread Stub) [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] - {99FD978C-D287-4F50-827F-B2C658EDA8E7}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2 (GFS Stub) [Groove Explorer Icon Overlay 2 (GFS Stub)] - {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] - {920E6DB1-9907-4370-B3A0-BAFC03D81399}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 3 (GFS Folder) [Groove Explorer Icon Overlay 3 (GFS Folder)] - {16F3DD56-1AF5-4347-846D-7C10C4192619}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: Groove Explorer Icon Overlay 4 (GFS Unread Mark) [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] - {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}. (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll ©
O106 - SIOI: [Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81}. (.Microsoft Corporation - Client Side Caching UI.) -- C:\Windows\System32\cscui.dll ©
O106 - SIOI: Sharing Overlay (Private) [SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235}. (.Microsoft Corporation - Shell extensions for sharing.) -- C:\Windows\System32\ntshrui.dll ©

---\\ System Drivers List (87) - 9s
O58 - SDL:2015/05/17 12:06:50 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\0C376171.sys [119512] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [422976] ©
O58 - SDL:2009/07/14 02:26:17 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297552] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [146512] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14400] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [79952] ©
O58 - SDL:2009/07/14 02:26:15 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\Windows\System32\drivers\amdsbs.sys [159312] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [23616] ©
O58 - SDL:2011/11/28 13:51:44 A . (.AnvSoft Inc. - AnvSoft Virtual Audio Device.) -- C:\Windows\System32\drivers\anvsnddrv.sys [32896]
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [76368] ©
O58 - SDL:2009/07/14 02:26:15 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [86608] ©
O58 - SDL:2004/08/13 08:56:20 A . (. - ATK0110 ACPI Utility.) -- C:\Windows\System32\drivers\ASACPI.sys [5810]
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! HWID.) -- C:\Windows\System32\drivers\aswHwid.sys [24016] ©
O58 - SDL:2015/11/08 20:05:45 A . (.AVAST Software - avast! Keyboard Filter Driver.) -- C:\Windows\System32\drivers\aswKbd.sys [26096] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [81168] ©
O58 - SDL:2015/11/08 20:05:32 A . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\System32\drivers\aswNdisFlt.sys [283072] ©
O58 - SDL:2011/09/06 22:36:38 A . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [34392] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! WFP Redirect Driver.) -- C:\Windows\System32\drivers\aswRdr2.sys [81728] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! Revert.) -- C:\Windows\System32\drivers\aswRvrt.sys [49776] ©
O58 - SDL:2015/11/08 20:05:45 A . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\System32\drivers\aswSnx.sys [794952] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [435464] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - Stream Filter.) -- C:\Windows\System32\drivers\aswStm.sys [117200] ©
O58 - SDL:2015/11/08 20:05:55 A . (.AVAST Software - avast! VM Monitor.) -- C:\Windows\System32\drivers\aswVmm.sys [209432] ©
O58 - SDL:2012/05/14 07:12:28 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\System32\drivers\AtihdW73.sys [86656] ©
O58 - SDL:2013/04/30 05:14:44 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\System32\drivers\atikmdag.sys [10070016] ©
O58 - SDL:2013/04/30 03:47:52 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\System32\drivers\atikmpag.sys [290304] ©
O58 - SDL:2009/07/13 23:02:49 A . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x.) -- C:\Windows\System32\drivers\b57nd60x.sys [229888] ©
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] ©
O58 - SDL:2009/07/13 23:53:28 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] ©
O58 - SDL:2009/07/14 01:57:25 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [272128] ©
O58 - SDL:2009/07/13 23:53:32 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] ©
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] ©
O58 - SDL:2009/07/13 23:53:33 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] ©
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\System32\drivers\bxvbdx.sys [430080] ©
O58 - SDL:2009/07/14 02:26:21 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [15952] ©
O58 - SDL:2009/07/14 02:20:28 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [70720] ©
O58 - SDL:2009/07/14 02:20:28 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [453712] ©
O58 - SDL:2009/07/13 23:02:48 A . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\System32\drivers\evbdx.sys [3100160] ©
O58 - SDL:2012/08/21 12:01:22 A . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\drivers\GEARAspiWDM.sys [26840] ©
O58 - SDL:2009/07/13 23:54:14 A . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for.) -- C:\Windows\System32\drivers\hcw85cir.sys [26624] ©
O58 - SDL:2009/07/14 02:20:28 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\Windows\System32\drivers\HpSAMD.sys [67152] ©
O58 - SDL:2009/02/08 21:42:42 A . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJP.) -- C:\Windows\System32\drivers\hxctlflt.sys [99968] ©
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332352] ©
O58 - SDL:2009/07/14 02:20:36 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41040] ©
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [95824] ©
O58 - SDL:2009/07/14 02:20:37 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [89168] ©
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas2.sys [54864] ©
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [96848] ©
O58 - SDL:2007/05/09 08:36:18 A . (.Pinnacle a division of Avid Technology, Inc. - Marvin Series USB AVStream Driver.) -- C:\Windows\System32\drivers\MarvinAVS.sys [434176]
O58 - SDL:2005/09/23 22:18:32 A . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\System32\drivers\MarvinBus.sys [171520] ©
O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] ©
O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] ©
O58 - SDL:2015/11/29 11:48:40 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [170200] ©
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [30800] ©
O58 - SDL:2009/07/14 02:20:36 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\drivers\MegaSR.sys [235584] ©
O58 - SDL:2015/10/05 09:50:16 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] ©
O58 - SDL:2009/07/14 02:20:44 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [44624] ©
O58 - SDL:2015/11/08 20:05:36 A . (.AVAST Software - avast! NG snapshot driver.) -- C:\Windows\System32\drivers\ngvss.sys [121368] ©
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117312] ©
O58 - SDL:2009/07/14 02:20:44 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [142416] ©
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [1383488] ©
O58 - SDL:2009/07/14 02:19:04 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106064] ©
O58 - SDL:2009/07/13 23:02:52 A . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Dr.) -- C:\Windows\System32\drivers\Rt86win7.sys [139776] ©
O58 - SDL:2009/07/13 21:50:20 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] ©
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [40016] ©
O58 - SDL:2009/07/14 02:19:04 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [77888] ©
O58 - SDL:2008/07/16 07:59:38 A . (.Copyright 2004-2007 - USBCAMD for Sonix UVC.) -- C:\Windows\System32\drivers\sncduvc.sys [27264]
O58 - SDL:2009/04/22 12:46:42 A . (.Copyright 2004-2007 - UVC Camera Streaming Driver.) -- C:\Windows\System32\drivers\snp2uvc.sys [3482112]
O58 - SDL:2009/07/14 02:19:04 A . (.Promise Technology - Promise SuperTrak EX Series Driver for Win.) -- C:\Windows\System32\drivers\stexstor.sys [21072] ©
O58 - SDL:2012/12/13 12:50:38 A . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\drivers\usbaapl.sys [45056] ©
O58 - SDL:2009/07/14 02:19:10 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [16976] ©
O58 - SDL:2009/07/14 02:19:11 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\drivers\vsmraid.sys [141904] ©
O58 - SDL:2009/07/13 22:40:41 A . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2009/07/13 22:40:44 A . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:2009/07/13 22:40:40 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2009/07/13 22:40:43 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2009/07/13 22:40:23 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2009/07/13 22:40:31 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2009/07/13 22:40:35 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2009/07/13 22:40:39 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2009/07/13 22:40:27 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2009/07/13 22:40:11 A . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2009/07/13 22:40:15 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2009/07/13 22:40:17 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2009/07/13 22:40:19 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2009/07/13 22:40:13 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672]

---\\ Last modified or created user files (7) - 8s
O61 - LFC: 2015/11/29 11:41:26 A . (.Enigma Software Group USA, LLC..) -- C:\Users\pr\Downloads\sh-remover.exe [3237248] =>.Superfluous.SpyHunter
O61 - LFC: 2034/03/09 08:49:32 A . (..) -- C:\Users\pr\Desktop\WinRAR 5.21 Beta 1 (32 & 64 bit)\Winrar 64bit 521b1.exe [1937328]
O61 - LFC: 2015/11/29 10:27:33 A . (..) -- C:\Users\pr\AppData\Roaming\wyddf-a.exe [403456]
O61 - LFC: 2015/11/25 15:22:52 A . (..) -- C:\Users\pr\AppData\Roaming\pcspeeduppro.com\PC Speedup Pro\exlist.bin [258033] =>.Superfluous.PCSpeedUpPro
O61 - LFC: 2015/11/29 11:39:37 A . (..) -- C:\Users\pr\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082]
O61 - LFC: 2015/11/29 11:32:13 A . (..) -- C:\Users\pr\AppData\Local\ATI\ACE\Manifest.Bin [30466]
O61 - LFC: 2015/11/28 14:55:35 A . (..) -- C:\Users\pr\AppData\Local\Adobe\Acrobat\11.0\UserCache.bin [150112]

---\\ File Associations Shell Spawning (9) - 1s
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe ©
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\Windows\System32\eventvwr.exe ©
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\wscript.exe ©
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\Windows\regedit.exe ©
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S

---\\ Start Menu Internet (16) - 0s
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\Launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe ©
O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Avast Software - Avast SafeZone Browser.) -- C:\Program Files\AVAST Software\SZBrowser\launcher.exe ©

---\\ Search Browser Infection (2) - 0s
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com/
O69 - SBI: SearchScopes [HKCU] {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} [DefaultScope] - (Google) - http://www.google.com/

---\\ Search Svchost Services (33) - 2s
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\Windows\System32\aelupsvc.dll [62464] ©
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] ©
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [67584] ©
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\Windows\System32\srvsvc.dll [168448] ©
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\Windows\System32\gpsvc.dll [591360] ©
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\Windows\System32\IKEEXT.DLL [667136] ©
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\Windows\System32\audiosrv.dll [473088] ©
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\Windows\System32\rasauto.dll [90624] ©
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\Windows\System32\rasmans.dll [285184] ©
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\Windows\System32\mprdim.dll [75264] ©
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\Windows\System32\Sens.dll [49664] ©
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\Windows\System32\ipnathlp.dll [300544] ©
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\Windows\System32\tapisrv.dll [241664] ©
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Remote Desktop Session Host Server Remote C.) -- C:\Windows\System32\termsrv.dll [543232] ©
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1912832] ©
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\Windows\System32\qmgr.dll [589312] ©
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\Windows\System32\shsvcs.dll [328192] ©
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\Windows\System32\iphlpsvc.dll [497152] ©
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\Windows\System32\seclogon.dll [21504] ©
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\Windows\System32\appinfo.dll [46592] ©
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\Windows\System32\iscsiexe.dll [114688] ©
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\Windows\System32\mmcss.dll [49664] ©
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\Windows\System32\wercplsupport.dll [61440] ©
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\Windows\System32\eapsvc.dll [98304] ©
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [162816] ©
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\Windows\System32\schedsvc.dll [749056] ©
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\Windows\System32\KMSVC.DLL [71168] ©
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Remote Desktop Configuration service.) -- C:\Windows\System32\SessEnv.dll [99328] ©
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] ©
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\Windows\System32\browser.dll [102400] ©
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Theme Service Dll.) -- C:\Windows\System32\themeservice.dll [37376] ©
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE Service.) -- C:\Windows\System32\bdesvc.dll [76800] ©
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Software installation Service.) -- C:\Windows\System32\appmgmts.dll [149504] ©

---\\ Services not Microsoft (SR=Run, SS=Stop) (14) - 38s

SR - Auto [28/10/2015] [ 82128] Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe ©
SS - Demand [11/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe ©
SR - Auto [30/04/2013] [ 217088] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe ©
SR - Auto [08/11/2015] [ 174416] Avast Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe ©
SR - Auto [08/11/2015] [ 109520] Avast Firewall (avast! Firewall) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\afwServ.exe ©
SR - Demand [08/11/2015] [ 4390776] AvastVBox COM Service (AvastVBoxSvc) . (.Avast Software.) - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe ©
SR - Auto [30/04/2015] [ 164888] GoogleInputService (GoogleInputService) . (.Google Inc.) - C:\Program Files\Google\Google Input Tools\GoogleInputService.exe ©
SS - Auto [12/09/2015] [ 144200] Service Google Update (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
SS - Demand [12/09/2015] [ 144200] Service Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe ©
SS - Auto [05/10/2015] [ 1135416] (MBAMService) . (.Malwarebytes.) - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe ©
SR - Auto [26/01/2009] [ 1153368] SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe ©
SS - Auto [09/07/2015] [ 327296] Skype Updater (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe ©
SS - Demand [19/02/2010] [ 517096] (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ©

---\\ Additional Scan (O88) (9) - 0s
HKCU\SOFTWARE\553EB3D537C61AC0 =>PUP.Optional.Heuristic
C:\Users\pr\AppData\Roaming\Mozilla\Firefox\Profiles\x6nr21ee.default\searchplugins\Search Provided by Yahoo.xml =>PUP.Optional.BDYahoo
C:\Program Files\PC Speedup Pro =>.Superfluous.PCSpeedUpPro
C:\ProgramData\PCSpeedupPro.com =>.Superfluous.PCSpeedUpPro
C:\ProgramData\PCValidator =>.Superfluous.PCSpeedUpPro
C:\ProgramData\ProductData =>PUP.Optional.Generic
C:\Users\pr\AppData\Roaming\pcspeeduppro.com =>.Superfluous.PCSpeedUpPro
C:\Users\pr\AppData\Roaming\WindowsFileOpener =>Adware.InstallCore
C:\Users\pr\AppData\Roaming\pcspeeduppro.com\PC Speedup Pro\exlist.bin =>.Superfluous.PCSpeedUpPro

---\\ Summary of the elements found (5) - 0s
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Heuristic
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.BDYahoo
http://www.nicolascoolman.fr/?p=5020 =>.Superfluous.PCSpeedUpPro
http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic
http://www.nicolascoolman.fr/?p=279 =>Adware.InstallCore

~ End of the scan, 21026 items in 188 seconds (1013)(0)
