~ ZHPDiag v2015.11.23.173 By Nicolas Coolman (2015/11/23) ~ Run by Mocro (Administrator) (2015/11/24 21:56:17) ~ Web: http://www.nicolascoolman.fr ~ Facebook: https://www.facebook.com/nicolascoolman1 ~ State version: Version OK ~ Mode: Scan ~ Report: C:\Users\Mocro\Desktop\ZHPDiag.txt ~ Report: C:\Users\Mocro\AppData\Roaming\ZHP\ZHPDiag.txt ~ UAC: Activate ~ System startup: Normal (Normal boot) Windows VISTA, 32-bit (Build 6000) ---\\ Internet Browsers (2) - 0s MFIE: Mozilla Firefox 5.0.1 (x86 fr) v5.0.1 MSIE: Internet Explorer v7.0.6000.16757 ---\\ Windows Product Information (4) - 0s ~ Windows Server License Manager Script : OK ~ Licence Script File Génération : OK Windows Automatic Updates : OK Windows Activation Technologies : KO ---\\ System protection software (3) - 12s avast! Free Antivirus v5.0.594.0 Malwarebytes Anti-Malware version 2.2.0.1024 Windows Defender VISTA (Activate) ---\\ System optimization software (1) - 12s CCleaner v5.06 ---\\ Surveillance software (2) - 12s Adobe Flash Player 19 NPAPI Adobe Reader 8.3.1 - Français ---\\ Information on the system (6) - 0s ~ Operating System: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32-bit ~ Boot mode: Normal (Normal boot) Total RAM: 2086.72 MB (31% free) System Restore: Activé (Enable) System drive C: has 42 GB () free of 108 GB ---\\ Connection to the system mode (3) - 0s ~ Computer Name: MOCRO-PC ~ User Name: Mocro ~ Logged in as Administrator ---\\ Enumeration of the disk units (2) - 0s ~ Drive C: has 42 GB free of 108 GB (System) ~ Drive D: has 1 GB free of 5 GB ---\\ State of the Windows Security Center (12) - 0s [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: Modified [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ---\\ Search Generic System Files (23) - 3s [MD5.37440D09DEAE0B672A04DCCF7ABF06BE] - 29/10/2008 - (.Microsoft Corporation - Windows Explorer.) -- C:\Windows\Explorer.exe [2923520] © [MD5.4B555106290BD117334E9A08761C035A] - 02/11/2006 - (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe [44544] © [MD5.D4385B03E8CCCEE6F0EE249F827C1F3E] - 02/11/2006 - (.Microsoft Corporation - Windows Start-Up Application.) -- C:\Windows\System32\Wininit.exe [95744] © [MD5.8BF7D225505A4ADA25D9444E91811CEA] - 02/10/2008 - (.Microsoft Corporation - Internet Extensions for Win32.) -- C:\Windows\System32\wininet.dll [826368] © [MD5.9F75392B9128A91ABAFB044EA350BAAD] - 02/11/2006 - (.Microsoft Corporation - Windows Logon Application.) -- C:\Windows\System32\Winlogon.exe [308224] © [MD5.1CF533790D3D883A7AB671040FB18A93] - 23/06/2008 - (.Microsoft Corporation - DNS Client API DLL.) -- C:\Windows\System32\dnsapi.dll [162816] © [MD5.5D24CAF8EFD924A875698FF28384DB8B] - 02/11/2006 - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\drivers\AFD.sys [270336] © [MD5.B35CFCEF838382AB6490B321C87EDF17] - 23/06/2008 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\Windows\System32\drivers\atapi.sys [21560] © [MD5.6C3A437FC873C6F6A4FC620B6888CB86] - 02/11/2006 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\Windows\System32\drivers\Cdfs.sys [70144] © [MD5.8D1866E61AF096AE8B582454F5E4D303] - 02/11/2006 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\Windows\System32\drivers\Cdrom.sys [67072] © [MD5.A7179DE59AE269AB70345527894CCD7C] - 02/11/2006 - (.Microsoft Corporation - DFS Client MUP Surrogate Driver.) -- C:\Windows\System32\drivers\DfsC.sys [74752] © [MD5.0DB613A7E427B5663563677796FD5258] - 18/05/2007 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\Windows\System32\drivers\HDAudBus.sys [53760] © [MD5.1C9EE072BAA3ABB460B91D7EE9152660] - 23/06/2008 - (.Microsoft Corporation - i8042 Port Driver.) -- C:\Windows\System32\drivers\i8042prt.sys [54784] © [MD5.10077C35845101548037DF04FD1A420B] - 02/11/2006 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\drivers\IpNat.sys [99840] © [MD5.8AF705CE1BB907932157FAB821170F27] - 23/02/2010 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\Windows\System32\drivers\MRxSmb.sys [102400] © [MD5.E3A168912E7EEFC3BD3B814720D68B41] - 02/11/2006 - (.Microsoft Corporation - MBT Transport driver.) -- C:\Windows\System32\drivers\netBT.sys [184320] © [MD5.37430AA7A66D7A63407ADC2C0D05E9F6] - 23/06/2008 - (.Microsoft Corporation - NT File System Driver.) -- C:\Windows\System32\drivers\ntfs.sys [1060920] © [MD5.0FA9B5055484649D63C303FE404E5F4D] - 02/11/2006 - (.Microsoft Corporation - Parallel Port Driver.) -- C:\Windows\System32\drivers\Parport.sys [79360] © [MD5.68B0019FEE429EC49D29017AF937E482] - 18/05/2007 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\Windows\System32\drivers\Rasl2tp.sys [74752] © [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - 02/11/2006 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\Windows\System32\drivers\rdpdr.sys [242688] © [MD5.AC0D90738ADB51A6FD12FF00874A2162] - 02/11/2006 - (.Microsoft Corporation - SMB Transport driver.) -- C:\Windows\System32\drivers\smb.sys [66048] © [MD5.AB4FDE8AF4A0270A46A001C08CBCE1C2] - 02/11/2006 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\Windows\System32\drivers\tdx.sys [68096] © [MD5.80DC0C9BCB579ED9815001A4D37CBFD5] - 23/06/2008 - (.Microsoft Corporation - Volume Shadow Copy Driver.) -- C:\Windows\System32\drivers\volsnap.sys [211000] © ---\\ Non Microsoft non disabled Windows Services (18) - 2s O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe © O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) . (.Copyright 2004 - CLCapSvc Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) . (.Copyright 2004 - CLSched Module.) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\System32\FsUsbExService.Exe © O23 - Service: خدمة تحديث Google (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe © O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe © O23 - Service: hpqwmiex (hpqwmiex) . (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe © O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe © O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) . (.UASSOFT.COM - Keyboard And Mouse Communication Service.) - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe © O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - .) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe © O23 - Service: LiveUpdate (LiveUpdateSvc) . (.IObit - Product Updater.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe © O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\My Downloads\Malwarebytes Anti-Malware\mbamscheduler.exe © O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\My Downloads\Malwarebytes Anti-Malware\mbamservice.exe © O23 - Service: Meditel Monaco Modem Device Helper (Meditel Monaco Modem Device Helper) . (...) - C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe O23 - Service: Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor - Realtek Audio Service.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe © O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe © O23 - Service: UI Assistant Service (UI Assistant Service) . (...) - C:\Program Files\Internet Mobile+\AssistantServices.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc. - ULCDRSvr.) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe © ---\\ Task Planned Automatically (26) - 7s [MD5.280A526E8111AC6A5BCC1A059E1E0340] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe [269000] © [MD5.C00CEC99D4331668E7EF05CB8E9D1F8D] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [252296] © [MD5.EE526B0428581B57FFC571FF57309E28] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe [6369048] © [MD5.84770B3DD90C26C7818EBE33A019D361] [APT] [Driver Booster Scheduler] (.IObit.) -- C:\Program Files\IObit\Driver Booster\Scheduler.exe [1001792] © [MD5.765D831C472A2E281A11FD34EE119CD9] [APT] [Driver Booster SkipUAC (Mocro)] (.IObit.) -- C:\Program Files\IObit\Driver Booster\DriverBooster.exe [4527424] © [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core] (.Facebook Inc..) -- C:\Users\Mocro\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] © [MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000UA] (.Facebook Inc..) -- C:\Users\Mocro\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] © [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] © [MD5.E1B44A75947137F4143308D566889837] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] © [MD5.DD7423ABBE2913E70D50E9318AD57EE4] [APT] [GoogleUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core] (.Google Inc..) -- C:\Users\Mocro\AppData\Local\Google\Update\GoogleUpdate.exe [144200] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\Tasks\Adobe Flash Player Updater.job [830] © O39 - APT: FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core.job [906] © O39 - APT: FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000UA - (.Facebook Inc..) -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000UA.job [928] © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [826] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [830] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core - (.Google Inc..) -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core.job [800] © O39 - APT: Adobe Flash Player Updater - (.Adobe Systems Incorporated.) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [3684] © O39 - APT: avast! Emergency Update - (.AVAST Software.) -- C:\Windows\System32\Tasks\avast! Emergency Update [4184] © O39 - APT: CCleanerSkipUAC - (.Piriform Ltd.) -- C:\Windows\System32\Tasks\CCleanerSkipUAC [2790] © O39 - APT: Driver Booster Scheduler - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster Scheduler [3230] © O39 - APT: Driver Booster SkipUAC (Mocro) - (.IObit.) -- C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mocro) [2862] © O39 - APT: FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core [3538] © O39 - APT: FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000UA - (.Facebook Inc..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000UA [3906] © O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [3574] © O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [3826] © O39 - APT: GoogleUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core - (.Google Inc..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2979961998-2712055377-544331632-1000Core [3340] © ---\\ Process running (32) - 11s [MD5.379C10E53757C1C0EB649DCF9155292D] - (.Realtek Semiconductor - Realtek Audio Service.) -- C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [255192] [PID.1544] © [MD5.193EAC8FA4E4FC40B45FB66643EFECEF] - (.Realtek Semiconductor - HD Audio Background Process.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1015512] [PID.1656] © [MD5.B2386A8E66891F7CFEC9F5A03F0F1210] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [40384] [PID.1996] © [MD5.E1B44A75947137F4143308D566889837] - (.Google Inc. - Google Installer.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107848] [PID.1092] © [MD5.DBAFC6734C054FEEF9087754BD80F847] - (.Copyright 2004 - CLCapSvc Module.) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [262243] [PID.2192] [MD5.96633419F4A1E37ACB89B45EBCCFE001] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\System32\FsUsbExService.Exe [238952] [PID.2280] © [MD5.582F2D900A3AC34C98FBDC2C0ABEF6B9] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe [355096] [PID.2408] © [MD5.A4A9ADB8E7005785D2C1F4FF8C7B70BB] - (.UASSOFT.COM - Keyboard And Mouse Communication Service.) -- C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe [208896] [PID.2472] © [MD5.559C9B7800FAC92FC515CD0003D7C631] - (.Hewlett-Packard Company - .) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.2512] © [MD5.86701B8E4C53280AA8642AC85F8500F4] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\My Downloads\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160] [PID.2612] © [MD5.E27891A49DF92004041FEC5C3A2D4230] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\My Downloads\Malwarebytes Anti-Malware\mbamservice.exe [1080120] [PID.2708] © [MD5.D0A518D233620D59A3D2D79511FBB736] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\My Downloads\Malwarebytes Anti-Malware\mbam.exe [6212408] [PID.2716] © [MD5.AEF17A4841407D7071D002E3EB6199EA] - (...) -- C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe [45056] [PID.2792] [MD5.D358E077A0A05D9B12DA22D137EE8464] - (.Microsoft Corp. - Microsoft SeaPort Search Enhancement Broker.) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [226656] [PID.2908] © [MD5.9DA3B55B17B54789AFB8C657D4ACE4D7] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) -- C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688] [PID.3044] © [MD5.E864E8036BB50136BBBD2522C9389218] - (...) -- C:\Program Files\Internet Mobile+\AssistantServices.exe [261456] [PID.3128] [MD5.332D341D92B933600D41953B08360DFB] - (.Ulead Systems, Inc. - ULCDRSvr.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152] [PID.3204] © [MD5.04C1DCBB226C6AE647B794833CE3CEB6] - (.Hewlett-Packard Development Company, L.P. - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [135168] [PID.3344] © [MD5.C5C241A18788EED88E6C276D04B7D6AB] - (.Intel Corporation - igfxsrvc Module.) -- C:\WINDOWS\System32\igfxsrvc.exe [252952] [PID.1480] © [MD5.38AE7A942FC3FAB1C6A27EB65DE8F827] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2837864] [PID.1664] © [MD5.2CEEB349216FEBD91A907013D4ABCFF7] - (.Hewlett-Packard - HP Health Check Service.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [62984] [PID.3628] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4920] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.5036] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4172] © [MD5.DD7423ABBE2913E70D50E9318AD57EE4] - (.Google Inc. - Google Installer.) -- C:\Users\Mocro\AppData\Local\Google\Update\GoogleUpdate.exe [144200] [PID.5160] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4276] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.2228] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4568] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.3900] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4292] © [MD5.7A2870C2A8283B3630BF7670D0362B94] - (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe [811848] [PID.4712] © [MD5.6A47DAC7CE1D527F3004DCB97FC4EBED] - (.Copyright (C) 2015 Nicolas Coolman - ZHPDiag.) -- C:\Users\Mocro\Desktop\ZHPDiag3.exe [1970176] [PID.4184] © ---\\ Google Chrome, Start,Search,Extensions (7) - 1s G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [chfdnecihphmhljaaejmgoiahnihplgn] AVG Web TuneUp =>Toolbar.AVGSafeGuard G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [ghbmnnjooekpmoecnnnilnnbdlolhkhi] __MSG_extName__ G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc. G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Google Chrome manifest =>.Google Inc. ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (5) - 1s M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{231D7D17-4F1B-4933-AB61-E502DB82FD11} M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Adobe Systems Incorporated.) -- C:\WINDOWS\System32\Macromed\Flash\NPSWF32_19_0_0_245.dll © ---\\ Opera, Plugins,Start,Search (1) - 0s B0 - SPO: C:\Users\Mocro\AppData\Roaming\Opera\Opera\operaprefs.ini [Mocro] ---\\ Internet Explorer Extensions, Start, Search (11) - 1s R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.wana.ma R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://securityresponse.symantec.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://securityresponse.symantec.com/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphean =>.Microsoft Internet Explorer R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ---\\ Internet Explorer, Proxy Management (5) - 0s R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ---\\ Line Analysis, IniFiles, Auto loading programs (3) - 0s F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe (.Microsoft Corporation.) © F2 - REG:system.ini: Shell=C:\Windows\explorer.exe (.Microsoft Corporation.) © F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ---\\ Hosts file redirection (1) - 0s ~ Le fichier hôte est sain (The hosts file is clean) (20) ---\\ Browser Helper Object (BHO) (7) - 0s O2 - BHO: IGMONObj Class - {02464DDC-3187-11D8-8004-0020ED227566} . (.Presenta Ltd. - iGetter Browser Module.) -- C:\Program Files\iGetter\Integration\IGMON.dll O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll © O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corp. - Microsoft Search Helper Extention.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll © O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll © O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} (Orphean) O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll © O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll © ---\\ Internet Explorer Toolbars (1) - 0s O3 - Toolbar: 0xB1C218236549D4119B18009027A5CD4F - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} . (...) -- (.not file.) ---\\ Auto loading programs from Registry and folders (11) - 1s O4 - HKLM\..\Run: [NPSStartup] (Orphean) O4 - HKLM\..\Run: [avast5] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe © O4 - HKLM\..\Run: [WAWifiMessage] . (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe © O4 - HKLM\..\Run: [MSConfig] . (.Microsoft Corporation - System Configuration Utility.) -- C:\WINDOWS\System32\msconfig.exe © O4 - HKLM\..\RunOnce: [Launcher] . (.soft thinks - Launcher.) -- C:\WINDOWS\SMINST\Launcher.exe O4 - HKCU\..\Run: [EleFunAnimatedWallpaper] (Orphean) O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe © O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe © O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe © O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] . (.Microsoft Corporation - Windows host process (Rundll32).) -- C:\Windows\System32\rundll32.exe © O4 - HKUS\S-1-5-21-2979961998-2712055377-544331632-1000\..\Run: [EleFunAnimatedWallpaper] (Orphean) ---\\ Lop.com/Domain Hijackers (12) - 0s O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 41.214.140.5 8.8.8.8 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.60.58 192.168.50.55 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.1 212.217.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 41.214.140.5 8.8.8.8 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.60.58 192.168.50.55 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.1 212.217.1.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 41.214.140.5 8.8.8.8 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 192.168.60.58 192.168.50.55 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 212.217.0.1 212.217.1.1 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ---\\ Extra protocols (27) - 1s O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll © O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\System32\MSVidCtl.dll © O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll © O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll © O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler.) -- C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll © O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll © O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\WINDOWS\System32\inetcomm.dll © O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll © O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\System32\itss.dll © O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll © O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler.) -- C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1235.0517.dll © O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll © O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX control for streaming video.) -- C:\WINDOWS\System32\MSVidCtl.dll © O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML Viewer.) -- C:\WINDOWS\System32\mshtml.dll © O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll © O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll © O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll © O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\System32\urlmon.dll © O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL © ---\\ Software installed (84) - 26s O42 - Logiciel: Adobe Flash Player 19 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX © O42 - Logiciel: Adobe Flash Player 19 NPAPI - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player NPAPI © O42 - Logiciel: Adobe Reader 8.3.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A83000000003} © O42 - Logiciel: avast! Free Antivirus v5.0.594.0 - (.Alwil Software.) [HKLM] -- avast5 © O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner © O42 - Logiciel: Conjugaison - (.homework.) [HKLM] -- {057AA4D8-559F-42B1-98A0-508303834B2E} © O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite © O42 - Logiciel: DigiNET - (...) [HKLM] -- ST5UNST #1 O42 - Logiciel: Driver Booster 3.0 - (.IObit.) [HKLM] -- Driver Booster_is1 © O42 - Logiciel: ESU for Microsoft Vista - (.Hewlett-Packard.) [HKLM] -- {1517A7CB-5F00-4A88-8F06-E89B6DB63784} © O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3} © O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} © O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} © O42 - Logiciel: Hard Disk Low Level Format Tool 2.36 build 1181 - (.HDDGURU.) [HKLM] -- Hard Disk Low Level Format Tool_is1 © O42 - Logiciel: Hewlett-Packard Active Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E} © O42 - Logiciel: Hewlett-Packard Asset Agent - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367} © O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {290B83AA-093A-45BF-A917-D1C4A1E8D917} © O42 - Logiciel: HP Active Support Library 32 bit components - (.Hewlett-Packard.) [HKLM] -- {FAB0C302-CB18-4A7A-BA03-C3DC23101A68} © O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {AB5E289E-76BF-4251-9F3F-9B763F681AE0} © O42 - Logiciel: HP Doc Viewer - (.Hewlett-Packard.) [HKLM] -- {082702D5-5DD8-4600-BCE5-48B15174687F} © O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {40F7AED3-0C7D-4582-99F6-484A515C73F2} © O42 - Logiciel: HP Help and Support - (.Hewlett-Packard.) [HKLM] -- {9061CEF2-51F5-42C9-8A70-9ED351C6597A} © O42 - Logiciel: HP Photosmart Essential 2.0 - (.HP.) [HKLM] -- HP Photosmart Essential © O42 - Logiciel: HP Quick Launch Buttons 6.20 B1 - (.Hewlett-Packard.) [HKLM] -- {34D2AB40-150D-475D-AE32-BD23FB5EE355} © O42 - Logiciel: HP QuickPlay 3.2 - (...) [HKLM] -- {45D707E9-F3C4-11D9-A373-0050BAE317E1} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB} © O42 - Logiciel: HP User Guides 0057 - (.Hewlett-Packard.) [HKLM] -- {DDFD9BA2-8E26-4E49-92AE-882424DAB1BC} © O42 - Logiciel: HP Wireless Assistant - (.Hewlett-Packard.) [HKLM] -- {D32067CD-7409-4792-BFA0-1469BCD8F0C8} © O42 - Logiciel: Indeo® software - (...) [HKLM] -- Indeo® software O42 - Logiciel: Inpaint - (.Teorex.) [HKLM] -- {B6BCCB80-B3FC-4E97-8513-A7BEE73A5C5A} © O42 - Logiciel: Intel Matrix Storage Manager - (...) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI © O42 - Logiciel: Intel(R) TV Wizard - (.Intel Corporation.) [HKLM] -- TVWiz © O42 - Logiciel: Internet Mobile+ - (.ZTE Corporation.) [HKLM] -- {A9E5EDA7-2E6C-49E7-924B-A32B89C24A04} © O42 - Logiciel: Java(TM) 6 Update 45 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216045FF} © O42 - Logiciel: Java(TM) SE Runtime Environment 6 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160000} © O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5} © O42 - Logiciel: K-Lite Codec Pack 3.4.5 Full - (...) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: MagdSoft News - (.MagdSoft.) [HKLM] -- MagdSoft News2.0.0 O42 - Logiciel: Malwarebytes Anti-Malware version 2.2.0.1024 - (.Malwarebytes.) [HKLM] -- Malwarebytes Anti-Malware_is1 © O42 - Logiciel: Meditel Monaco HSPA USB MODEM - (.Meditel.) [HKLM] -- Meditel Monaco HSPA USB MODEM_is1 © O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {9C9CEB9D-53FD-49A7-85D2-FE674F72F24E} © O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} © O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5} © O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB} © O42 - Logiciel: Microsoft VM for Java - (...) [HKLM] -- MsJavaVM O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6D52C408-B09A-4520-9B18-475B81D393F1} © O42 - Logiciel: Modem USB LG Electronics - (.LG Electronics.) [HKLM] -- {3DC6E06A-F0F7-47F7-8479-FFCAF60F538F} © O42 - Logiciel: Morph Man v.4 Trial - (...) [HKLM] -- {D5C5D70E-33DC-4A04-92F9-63964ECC30E1} O42 - Logiciel: Mozilla Firefox 5.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0.1 (x86 fr) © O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService © O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} © O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} © O42 - Logiciel: MyFreeCodec - (...) [HKCU] -- MyFreeCodec O42 - Logiciel: Nero OEM - (...) [HKLM] -- Nero - Burning Rom!UninstallKey O42 - Logiciel: PhotoInstrument 2.0 - (.Fatykhov Timur.) [HKLM] -- {5A7A2AED-781B-45DC-AAF6-EAA3A9370C83}_is1 © O42 - Logiciel: RealPlayer - (...) [HKLM] -- RealPlayer 6.0 O42 - Logiciel: Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Wind - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476} © O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} © O42 - Logiciel: Rosetta Stone Version 3 - (.Rosetta Stone Ltd..) [HKLM] -- {148E08FF-D7C4-46ED-8D4D-601C67FE0AFD} O42 - Logiciel: Roxio Activation Module - (.Roxio.) [HKLM] -- {35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0} © O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82} © O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C} © O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} © O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87} © O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B} © O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF} © O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} © O42 - Logiciel: Roxio MyDVD Basic v9 - (.Roxio.) [HKLM] -- {33C65B6A-5D73-4E3E-A1F9-127C27BD3F72} © O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A} © O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} © O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} © O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} © O42 - Logiciel: Samsung USB Driver for Mobile Phones - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D0795B21-0CDA-4a92-AB9E-6E92D8111E44} © O42 - Logiciel: Skype 2.5 - (.Skype Technologies S.A..) [HKLM] -- Skype_is1 © O42 - Logiciel: SmartSound Quicktracks Plugin - (.SmartSound Software Inc.) [HKLM] -- InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E} © O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey © O42 - Logiciel: Trust R-Series Mouse - (.Driver Builder.) [HKLM] -- InstallShield_{718666FC-C0A7-4DE7-9120-8F1746A90588} O42 - Logiciel: Ulead VideoStudio 9.0 - (.Ulead System.) [HKLM] -- {88F92798-59AB-474F-B40D-1EC5F782F7EE} O42 - Logiciel: Ulead VideoStudio 9.0 (all Languages) - (.Ulead Systems.) [HKLM] -- Ulead VideoStudio 9.0_is1 © O42 - Logiciel: Visual Studio 2012 x86 Redistributables - (.AVG Technologies CZ, s.r.o..) [HKLM] -- {98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} © O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4} © O42 - Logiciel: WinRAR archiver - (...) [HKLM] -- WinRAR archiver ---\\ HKCU & HKLM Software Keys (193) - 26s HKLM\SOFTWARE\Adobe HKLM\SOFTWARE\Ahead HKLM\SOFTWARE\ALWIL Software HKLM\SOFTWARE\AppDataLow HKLM\SOFTWARE\Apple Computer, Inc. HKLM\SOFTWARE\AVAST Software HKLM\SOFTWARE\Avira HKLM\SOFTWARE\Babylon =>PUP.Optional.Babylon HKLM\SOFTWARE\Bio-Health HKLM\SOFTWARE\Borland HKLM\SOFTWARE\BSProductManage HKLM\SOFTWARE\Canopus HKLM\SOFTWARE\CDDB HKLM\SOFTWARE\Codec tweak Tool HKLM\SOFTWARE\Compelson HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit HKLM\SOFTWARE\Conexant HKLM\SOFTWARE\CXT HKLM\SOFTWARE\CyberLink HKLM\SOFTWARE\Debug HKLM\SOFTWARE\DivXNetworks HKLM\SOFTWARE\DT Soft HKLM\SOFTWARE\Elastic Systems HKLM\SOFTWARE\FaceOnBody HKLM\SOFTWARE\FullCircle HKLM\SOFTWARE\GNU HKLM\SOFTWARE\Google HKLM\SOFTWARE\GPL Ghostscript HKLM\SOFTWARE\HaaliMkx HKLM\SOFTWARE\Hewlett-Packard HKLM\SOFTWARE\HP HKLM\SOFTWARE\HPQ HKLM\SOFTWARE\illiminable HKLM\SOFTWARE\InstalledOptions HKLM\SOFTWARE\InstallShield HKLM\SOFTWARE\Intel HKLM\SOFTWARE\IObit HKLM\SOFTWARE\JavaSoft HKLM\SOFTWARE\JreMetrics HKLM\SOFTWARE\KasperskyLab HKLM\SOFTWARE\KLCodecPack HKLM\SOFTWARE\LG Electronics HKLM\SOFTWARE\Licenses HKLM\SOFTWARE\LightScribe HKLM\SOFTWARE\Macromedia HKLM\SOFTWARE\Macrovision HKLM\SOFTWARE\magnet HKLM\SOFTWARE\Malwarebytes' Anti-Malware HKLM\SOFTWARE\MarkAny HKLM\SOFTWARE\McAfee.com HKLM\SOFTWARE\MCCI HKLM\SOFTWARE\Meditel Monaco Modem Service HKLM\SOFTWARE\MicroVision HKLM\SOFTWARE\Monaco HKLM\SOFTWARE\Motorola HKLM\SOFTWARE\Mozilla HKLM\SOFTWARE\mozilla.org HKLM\SOFTWARE\MozillaPlugins HKLM\SOFTWARE\Myfree Codec HKLM\SOFTWARE\Naevius YouTube Converter HKLM\SOFTWARE\Nuance HKLM\SOFTWARE\ODBC HKLM\SOFTWARE\Pinnacle Systems HKLM\SOFTWARE\Piriform HKLM\SOFTWARE\RealNetworks HKLM\SOFTWARE\Realtek HKLM\SOFTWARE\Realtek Semiconductor Corp. HKLM\SOFTWARE\RegisteredApplications HKLM\SOFTWARE\RichFX HKLM\SOFTWARE\Roxio HKLM\SOFTWARE\RTLSetup HKLM\SOFTWARE\S3R521 HKLM\SOFTWARE\SAMSUNG HKLM\SOFTWARE\Services HKLM\SOFTWARE\Skype HKLM\SOFTWARE\SmartSound Software HKLM\SOFTWARE\Sonic HKLM\SOFTWARE\SRS Labs HKLM\SOFTWARE\STOIK Imaging HKLM\SOFTWARE\Symantec HKLM\SOFTWARE\Synaptics HKLM\SOFTWARE\Sys Modules HKLM\SOFTWARE\SystemSafe HKLM\SOFTWARE\TQ566808 HKLM\SOFTWARE\Ulead Systems HKLM\SOFTWARE\Volatile HKLM\SOFTWARE\Warelex HKLM\SOFTWARE\WholeSecurity HKLM\SOFTWARE\WidCommUpdate HKLM\SOFTWARE\Windows HKLM\SOFTWARE\WinRAR HKLM\SOFTWARE\Wow6432Node HKLM\SOFTWARE\X-AVCSD HKLM\SOFTWARE\Xerox HKLM\SOFTWARE\Xing Technology Corp. HKLM\SOFTWARE\Yuan High-Tech HKLM\SOFTWARE\ZTE Corporation HKLM\SOFTWARE\ZTEUSBDriverFlag HKCU\SOFTWARE\AC3filter HKCU\SOFTWARE\Adobe HKCU\SOFTWARE\Affinix HKCU\SOFTWARE\Ahead HKCU\SOFTWARE\ALWIL Software HKCU\SOFTWARE\AppDataLow HKCU\SOFTWARE\Ares Vista HKCU\SOFTWARE\Avg Secure Update HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard HKCU\SOFTWARE\BearShare =>PUP.Optional.BearShare HKCU\SOFTWARE\Besier 3D-Edutainment HKCU\SOFTWARE\Borland HKCU\SOFTWARE\Camfrog HKCU\SOFTWARE\CDDB HKCU\SOFTWARE\Code Sector HKCU\SOFTWARE\Compelson HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\CoreVorbis HKCU\SOFTWARE\Cyberlink HKCU\SOFTWARE\Digital River HKCU\SOFTWARE\DivXNetworks HKCU\SOFTWARE\DT Soft HKCU\SOFTWARE\Elastic Systems HKCU\SOFTWARE\EleFun Desktops HKCU\SOFTWARE\Eset HKCU\SOFTWARE\Facebook HKCU\SOFTWARE\fTalk HKCU\SOFTWARE\FTweak HKCU\SOFTWARE\Gabest HKCU\SOFTWARE\GNU HKCU\SOFTWARE\Google HKCU\SOFTWARE\GSpot Appliance Corp HKCU\SOFTWARE\Haali HKCU\SOFTWARE\Hewlett-Packard HKCU\SOFTWARE\IM Providers HKCU\SOFTWARE\INNOMTEK HKCU\SOFTWARE\Intel HKCU\SOFTWARE\JavaSoft HKCU\SOFTWARE\kde.org HKCU\SOFTWARE\Keyboard And Mouse Config HKCU\SOFTWARE\keyhole.com HKCU\SOFTWARE\LG Electronics HKCU\SOFTWARE\Loaris HKCU\SOFTWARE\Macromedia HKCU\SOFTWARE\magdsoftnews HKCU\SOFTWARE\MainConcept HKCU\SOFTWARE\MainConcept (Sonic) HKCU\SOFTWARE\Medieval HKCU\SOFTWARE\MicroVision HKCU\SOFTWARE\Mirage HKCU\SOFTWARE\Mobileleader HKCU\SOFTWARE\Mozilla HKCU\SOFTWARE\MozillaPlugins HKCU\SOFTWARE\Multimedia Combo Set HKCU\SOFTWARE\Myfree Codec HKCU\SOFTWARE\Netscape HKCU\SOFTWARE\ODBC HKCU\SOFTWARE\Opera Software HKCU\SOFTWARE\Pdf-convert HKCU\SOFTWARE\PhotoInstrument HKCU\SOFTWARE\PinoyRepublic HKCU\SOFTWARE\Piriform HKCU\SOFTWARE\PUSH Entertainment HKCU\SOFTWARE\RealNetworks HKCU\SOFTWARE\Realtek HKCU\SOFTWARE\Roxio HKCU\SOFTWARE\Samsung HKCU\SOFTWARE\SecuROM HKCU\SOFTWARE\Simply Super Software HKCU\SOFTWARE\Skype HKCU\SOFTWARE\Softthinks HKCU\SOFTWARE\Softwrap HKCU\SOFTWARE\SpeedItUpFree =>PUP.Optional.SpeeditUp HKCU\SOFTWARE\Symantec HKCU\SOFTWARE\Synaptics HKCU\SOFTWARE\Sysinternals HKCU\SOFTWARE\SystemSafe HKCU\SOFTWARE\TeleCharger HKCU\SOFTWARE\Teorex HKCU\SOFTWARE\Trolltech HKCU\SOFTWARE\Ulead HKCU\SOFTWARE\Ulead Systems HKCU\SOFTWARE\VB and VBA Program Settings HKCU\SOFTWARE\Warelex HKCU\SOFTWARE\WebcamMax HKCU\SOFTWARE\WinRAR HKCU\SOFTWARE\WinRAR SFX HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner HKCU\SOFTWARE\ZebHelpProcess Helper HKCU\SOFTWARE\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램 HKCU\SOFTWARE\AppDataLow\Software HKCU\SOFTWARE\AppDataLow\Toolbar HKCU\SOFTWARE\AppDataLow\Software\Google HKCU\SOFTWARE\AppDataLow\Software\Monitored HKCU\SOFTWARE\AppDataLow\Software\settings ---\\ Contents of the Common Files folders (293) - 24s O43 - CFD: 24/05/2012 - [] D -- C:\Program Files\4shared Desktop O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Adobe O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Ahead O43 - CFD: 03/10/2015 - [] D -- C:\Program Files\Alwil Software O43 - CFD: 26/07/2015 - [] D -- C:\Program Files\AVG O43 - CFD: 26/07/2015 - [] D -- C:\Program Files\AVG Web TuneUp =>Toolbar.AVGSafeGuard O43 - CFD: 16/06/2015 - [0] D -- C:\Program Files\Borland O43 - CFD: 31/05/2015 - [] D -- C:\Program Files\CCleaner O43 - CFD: 19/08/2009 - [0] D -- C:\Program Files\Circle Developement O43 - CFD: 01/09/2015 - [] D -- C:\Program Files\Common Files O43 - CFD: 10/02/2009 - [] D -- C:\Program Files\Conjugaison O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\DAEMON Tools Lite O43 - CFD: 27/09/2015 - [] D -- C:\Program Files\DigiNET O43 - CFD: 01/09/2015 - [] D -- C:\Program Files\Google O43 - CFD: 27/08/2009 - [] D -- C:\Program Files\HDDGURU LLF Tool O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Hewlett-Packard O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\HP O43 - CFD: 18/05/2007 - [] D -- C:\Program Files\HPQ O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\HSPA USB MODEM O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\iGetter O43 - CFD: 03/10/2015 - [] HD -- C:\Program Files\InstallShield Installation Information O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Intel O43 - CFD: 23/06/2009 - [] D -- C:\Program Files\Intelore O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Internet Explorer O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Internet Mobile+ O43 - CFD: 23/11/2015 - [] D -- C:\Program Files\IObit O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Java O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\K-Lite Codec Pack O43 - CFD: 29/08/2012 - [] D -- C:\Program Files\LG Connection Manager O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\LG Electronics O43 - CFD: 14/08/2009 - [0] D -- C:\Program Files\Lunascape O43 - CFD: 22/05/2010 - [0] D -- C:\Program Files\MagdSoft News O43 - CFD: 27/09/2015 - [] D -- C:\Program Files\MarkAny O43 - CFD: 26/09/2009 - [] D -- C:\Program Files\Messenger Plus! Live O43 - CFD: 02/09/2015 - [] D -- C:\Program Files\Microsoft O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft Games O43 - CFD: 02/09/2015 - [] D -- C:\Program Files\Microsoft Office O43 - CFD: 17/10/2010 - [] D -- C:\Program Files\Microsoft Office Outlook Connector O43 - CFD: 01/09/2015 - [] D -- C:\Program Files\Microsoft Silverlight O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft Sync Framework O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft Visual Studio O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft Visual Studio 8 O43 - CFD: 30/08/2015 - [] D -- C:\Program Files\Microsoft Works O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Microsoft.NET O43 - CFD: 29/08/2012 - [] D -- C:\Program Files\Mobile Connect O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\MOBILedit! O43 - CFD: 31/07/2015 - [] D -- C:\Program Files\Movie Maker O43 - CFD: 24/11/2015 - [] D -- C:\Program Files\Mozilla Firefox O43 - CFD: 29/06/2015 - [] D -- C:\Program Files\Mozilla Firefox(12) O43 - CFD: 09/09/2015 - [] D -- C:\Program Files\Mozilla Maintenance Service O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\MSBuild O43 - CFD: 25/01/2011 - [] D -- C:\Program Files\MSN O43 - CFD: 31/07/2015 - [0] D -- C:\Program Files\MSXML 4.0 O43 - CFD: 07/09/2015 - [] D -- C:\Program Files\MyFree Codec O43 - CFD: 17/05/2015 - [] D -- C:\Program Files\Naevius YouTube Converter O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Online Services O43 - CFD: 17/05/2015 - [] D -- C:\Program Files\Opera O43 - CFD: 03/12/2013 - [] D -- C:\Program Files\Participatory Culture Foundation O43 - CFD: 07/02/2010 - [] D -- C:\Program Files\PhotoInstrument O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Real O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Realtek O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Reference Assemblies O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Rockstar Games O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Rosetta Stone O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Roxio O43 - CFD: 03/10/2015 - [] D -- C:\Program Files\SAMSUNG O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Skype O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\SmartSound Software O43 - CFD: 09/02/2009 - [0] D -- C:\Program Files\SpeedBitPlus O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\STOIK O43 - CFD: 16/07/2009 - [] D -- C:\Program Files\Sybase O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Synaptics O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Teorex O43 - CFD: 07/07/2008 - [] D -- C:\Program Files\Trust O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Ulead Systems O43 - CFD: 02/11/2006 - [0] HD -- C:\Program Files\Uninstall Information O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\WebcamMax O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Calendar O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Defender O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Journal O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Live O43 - CFD: 22/10/2009 - [] D -- C:\Program Files\Windows Live SkyDrive O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Mail O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Media Components O43 - CFD: 31/07/2015 - [] D -- C:\Program Files\Windows Media Player O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows NT O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Photo Gallery O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Windows Sidebar O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\WinRAR O43 - CFD: 30/07/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 02/11/2006 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus O43 - CFD: 31/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner O43 - CFD: 09/08/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite O43 - CFD: 11/02/2011 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DigiNET O43 - CFD: 04/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3 O43 - CFD: 23/06/2008 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades O43 - CFD: 23/06/2008 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 27/08/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 14/06/2012 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSPA USB MODEM O43 - CFD: 18/05/2007 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Matrix Storage Manager O43 - CFD: 19/03/2013 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Mobile+ O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack O43 - CFD: 18/05/2007 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling O43 - CFD: 02/11/2006 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in O43 - CFD: 01/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight O43 - CFD: 31/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works O43 - CFD: 29/08/2012 - [0] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Connect O43 - CFD: 03/06/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox O43 - CFD: 07/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services O43 - CFD: 07/02/2010 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoInstrument O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real O43 - CFD: 18/05/2007 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Manager O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone O43 - CFD: 18/05/2007 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio O43 - CFD: 11/12/2008 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 23/11/2015 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOIK Imaging O43 - CFD: 02/11/2006 - [] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 06/07/2009 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead VideoStudio 9.0 O43 - CFD: 24/05/2015 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 15/10/2008 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 18/03/2012 - [] D -- C:\ProgramData\Adobe O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\Alwil Software O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Application Data O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\AVAST Software O43 - CFD: 08/09/2015 - [] D -- C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch O43 - CFD: 26/07/2015 - [] D -- C:\ProgramData\AVG Web TuneUp =>Toolbar.AVGSafeGuard O43 - CFD: 26/05/2015 - [] D -- C:\ProgramData\Avira O43 - CFD: 09/12/2012 - [] D -- C:\ProgramData\boost_interprocess O43 - CFD: 26/07/2015 - [] HD -- C:\ProgramData\Common Files O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\CyberLink O43 - CFD: 09/08/2012 - [] D -- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 29/04/2012 - [] D -- C:\ProgramData\DataCardService O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Desktop O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Documents O43 - CFD: 28/12/2008 - [] D -- C:\ProgramData\ESET O43 - CFD: 23/09/2009 - [] D -- C:\ProgramData\FaceOnBody O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Favorites O43 - CFD: 09/08/2012 - [] D -- C:\ProgramData\FLEXnet O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Google O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Hewlett-Packard O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\HP O43 - CFD: 20/11/2011 - [] D -- C:\ProgramData\Installations O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\InstallShield O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Internet Mobile O43 - CFD: 23/11/2015 - [] D -- C:\ProgramData\IObit O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Kaspersky Lab O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Kaspersky Lab Setup Files O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Malwarebytes O43 - CFD: 24/05/2012 - [] D -- C:\ProgramData\McAfee O43 - CFD: 27/09/2015 - [] D -- C:\ProgramData\MFAData O43 - CFD: 30/07/2015 - [] SD -- C:\ProgramData\Microsoft O43 - CFD: 02/09/2015 - [] D -- C:\ProgramData\Microsoft Help O43 - CFD: 04/05/2012 - [] D -- C:\ProgramData\Mozilla O43 - CFD: 01/11/2015 - [] D -- C:\ProgramData\Package Cache O43 - CFD: 25/07/2009 - [] D -- C:\ProgramData\PowerDesigner 12 O43 - CFD: 26/06/2009 - [] D -- C:\ProgramData\PowerDesigner 15 O43 - CFD: 23/11/2015 - [] D -- C:\ProgramData\ProductData =>PUP.Optional.Generic O43 - CFD: 04/06/2009 - [] D -- C:\ProgramData\QuickTime O43 - CFD: 31/10/2015 - [] D -- C:\ProgramData\Rosetta Stone O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Roxio O43 - CFD: 03/10/2015 - [] D -- C:\ProgramData\Samsung O43 - CFD: 11/12/2008 - [0] D -- C:\ProgramData\Skype O43 - CFD: 04/06/2009 - [] D -- C:\ProgramData\SmartSound Software Inc O43 - CFD: 06/07/2008 - [] D -- C:\ProgramData\Sonic O43 - CFD: 29/12/2009 - [] D -- C:\ProgramData\Speedbit O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Start Menu O43 - CFD: 23/04/2010 - [] D -- C:\ProgramData\Sun O43 - CFD: 23/01/2011 - [] D -- C:\ProgramData\Symantec O43 - CFD: 15/10/2009 - [0] D -- C:\ProgramData\TEMP O43 - CFD: 16/06/2008 - [0] SHD -- C:\ProgramData\Templates O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\Ulead Systems O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\VS Revo Group O43 - CFD: 30/07/2015 - [] D -- C:\ProgramData\WindowsLiveInstaller O43 - CFD: 26/01/2011 - [] D -- C:\ProgramData\WLInstaller O43 - CFD: 18/01/2009 - [] D -- C:\ProgramData\Xerox O43 - CFD: 29/09/2010 - [] D -- C:\ProgramData\Zbshareware Lab O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Adobe O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Ahead O43 - CFD: 26/07/2015 - [] D -- C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\BitDefender O43 - CFD: 01/09/2015 - [] D -- C:\Program Files\Common Files\DESIGNER O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\HP O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\InstallShield O43 - CFD: 01/11/2015 - [] D -- C:\Program Files\Common Files\Java O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\LightScribe O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Macrovision Shared O43 - CFD: 30/08/2015 - [] D -- C:\Program Files\Common Files\microsoft shared O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Real O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Roxio Shared O43 - CFD: 02/11/2006 - [] D -- C:\Program Files\Common Files\Services O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Sonic Shared O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/05/2007 - [] D -- C:\Program Files\Common Files\SureThing Shared O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Symantec Shared O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\System O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\Ulead Systems O43 - CFD: 18/09/2009 - [] D -- C:\Program Files\Common Files\Windows Live O43 - CFD: 30/07/2015 - [] D -- C:\Program Files\Common Files\xing shared O43 - CFD: 24/05/2012 - [0] D -- C:\Users\Mocro\AppData\Roaming\4shared Desktop O43 - CFD: 08/11/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Adobe O43 - CFD: 19/11/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Ahead O43 - CFD: 04/02/2009 - [] D -- C:\Users\Mocro\AppData\Roaming\Apple Computer O43 - CFD: 11/06/2014 - [] D -- C:\Users\Mocro\AppData\Roaming\CVitae O43 - CFD: 16/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\CyberLink O43 - CFD: 11/09/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 26/05/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Dropbox O43 - CFD: 08/05/2010 - [] D -- C:\Users\Mocro\AppData\Roaming\elefundesktops O43 - CFD: 27/11/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Fexmax O43 - CFD: 02/10/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\GetRightToGo O43 - CFD: 22/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Google O43 - CFD: 31/10/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Hewlett-Packard O43 - CFD: 16/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\HP O43 - CFD: 16/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Identities O43 - CFD: 26/12/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\iGetter O43 - CFD: 29/04/2012 - [] D -- C:\Users\Mocro\AppData\Roaming\InstallShield O43 - CFD: 24/11/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\IObit O43 - CFD: 19/02/2009 - [] D -- C:\Users\Mocro\AppData\Roaming\Lunascape O43 - CFD: 22/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Macromedia O43 - CFD: 02/11/2006 - [0] D -- C:\Users\Mocro\AppData\Roaming\Media Center Programs O43 - CFD: 10/12/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Media Player Classic O43 - CFD: 17/05/2015 - [] SD -- C:\Users\Mocro\AppData\Roaming\Microsoft O43 - CFD: 05/05/2012 - [] D -- C:\Users\Mocro\AppData\Roaming\Mozilla O43 - CFD: 23/01/2010 - [] D -- C:\Users\Mocro\AppData\Roaming\MxBoost O43 - CFD: 28/12/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Opera O43 - CFD: 03/12/2013 - [] D -- C:\Users\Mocro\AppData\Roaming\Participatory Culture Foundation O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\PCF-VLC O43 - CFD: 27/10/2008 - [0] D -- C:\Users\Mocro\AppData\Roaming\PeerNetworking O43 - CFD: 23/11/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\ProductData O43 - CFD: 09/11/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Real O43 - CFD: 18/02/2009 - [] D -- C:\Users\Mocro\AppData\Roaming\Roxio O43 - CFD: 27/09/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Samsung O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Skype O43 - CFD: 09/11/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Sun O43 - CFD: 26/12/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Talkback O43 - CFD: 16/06/2008 - [] D -- C:\Users\Mocro\AppData\Roaming\Template O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\TeraCopy O43 - CFD: 27/08/2010 - [] D -- C:\Users\Mocro\AppData\Roaming\Thinstall O43 - CFD: 26/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\TuneUp Software O43 - CFD: 04/06/2009 - [] D -- C:\Users\Mocro\AppData\Roaming\Ulead Systems O43 - CFD: 15/10/2008 - [0] D -- C:\Users\Mocro\AppData\Roaming\WinRAR O43 - CFD: 24/11/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\ZHP O43 - CFD: 30/04/2012 - [] D -- C:\Users\Mocro\AppData\Local\Adobe O43 - CFD: 04/02/2009 - [] D -- C:\Users\Mocro\AppData\Local\Apple O43 - CFD: 04/02/2009 - [] D -- C:\Users\Mocro\AppData\Local\Apple Computer O43 - CFD: 16/06/2008 - [0] SHD -- C:\Users\Mocro\AppData\Local\Application Data O43 - CFD: 04/11/2008 - [] D -- C:\Users\Mocro\AppData\Local\Apps O43 - CFD: 15/10/2008 - [] D -- C:\Users\Mocro\AppData\Local\Ares Vista O43 - CFD: 26/07/2015 - [] D -- C:\Users\Mocro\AppData\Local\AVG Web TuneUp =>Toolbar.AVGSafeGuard O43 - CFD: 28/05/2014 - [] D -- C:\Users\Mocro\AppData\Local\cache O43 - CFD: 30/11/2012 - [] D -- C:\Users\Mocro\AppData\Local\Conduit O43 - CFD: 17/12/2008 - [] D -- C:\Users\Mocro\AppData\Local\Cooliris O43 - CFD: 14/08/2009 - [0] D -- C:\Users\Mocro\AppData\Local\Deployment O43 - CFD: 03/10/2015 - [] D -- C:\Users\Mocro\AppData\Local\Downloaded Installations O43 - CFD: 08/12/2012 - [] D -- C:\Users\Mocro\AppData\Local\Facebook O43 - CFD: 14/09/2015 - [] D -- C:\Users\Mocro\AppData\Local\Google O43 - CFD: 16/06/2008 - [0] SHD -- C:\Users\Mocro\AppData\Local\History O43 - CFD: 16/06/2008 - [] D -- C:\Users\Mocro\AppData\Local\HP O43 - CFD: 31/10/2008 - [] D -- C:\Users\Mocro\AppData\Local\IsolatedStorage O43 - CFD: 03/12/2013 - [] D -- C:\Users\Mocro\AppData\Local\Macromedia O43 - CFD: 26/07/2015 - [] D -- C:\Users\Mocro\AppData\Local\MFAData O43 - CFD: 17/05/2015 - [] D -- C:\Users\Mocro\AppData\Local\Microsoft O43 - CFD: 14/09/2008 - [] D -- C:\Users\Mocro\AppData\Local\Microsoft Games O43 - CFD: 19/06/2009 - [0] D -- C:\Users\Mocro\AppData\Local\Microsoft Help O43 - CFD: 18/02/2009 - [] D -- C:\Users\Mocro\AppData\Local\MicroVision Applications O43 - CFD: 08/09/2015 - [] D -- C:\Users\Mocro\AppData\Local\MigWiz O43 - CFD: 28/05/2014 - [] D -- C:\Users\Mocro\AppData\Local\Mobogenie =>PUP.Optional.Mobogenie O43 - CFD: 22/10/2008 - [] D -- C:\Users\Mocro\AppData\Local\Mozilla O43 - CFD: 28/12/2008 - [] D -- C:\Users\Mocro\AppData\Local\Opera O43 - CFD: 29/07/2011 - [0] D -- C:\Users\Mocro\AppData\Local\PackageAware =>PUP.Optional.BearShare O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Local\QuickPlay O43 - CFD: 03/10/2015 - [] D -- C:\Users\Mocro\AppData\Local\Samsung O43 - CFD: 24/11/2015 - [] D -- C:\Users\Mocro\AppData\Local\Temp O43 - CFD: 16/06/2008 - [0] SHD -- C:\Users\Mocro\AppData\Local\Temporary Internet Files O43 - CFD: 11/07/2008 - [] D -- C:\Users\Mocro\AppData\Local\VirtualStore O43 - CFD: 24/05/2015 - [] D -- C:\Users\Mocro\AppData\Local\VS Revo Group O43 - CFD: 30/07/2015 - [] RD -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/07/2015 - [] RD -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/02/2011 - [0] D -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DigiNET O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 30/07/2015 - [] RD -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 30/07/2015 - [0] RD -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Teorex O43 - CFD: 30/07/2015 - [] D -- C:\Users\Mocro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ---\\ Latest files created in Prefetcher (6) - 13s O45 - LFCP:[MD5.BFA6EB735E4C7C1559A56F6C34BD06A5] 03/12/2013 A -- C:\Windows\Prefetch\BUZZSEARCHSETUP.EXE-3788B222.pf =>PUP.Optional.BuzzSearch O45 - LFCP:[MD5.8A595A3FA30B23D4581E926469E46C5D] 03/12/2013 A -- C:\Windows\Prefetch\BUZZSEARCH_SETUP.EXE-35750DD2.pf =>PUP.Optional.BuzzSearch O45 - LFCP:[MD5.F90A68618E675E74301DE2BE7CB44AF9] 28/05/2014 A -- C:\Windows\Prefetch\MYPC BACKUP.EXE-665A3E17.pf =>PUP.Optional.MyPCBackup O45 - LFCP:[MD5.3EB7E1BA978DBE374F062467B8EFFBFE] 28/05/2014 A -- C:\Windows\Prefetch\SIGNUP WIZARD.EXE-13F4E99F.pf =>PUP.Optional.MyPCBackup O45 - LFCP:[MD5.E42BF626C625870C13679CB3D28DBDE2] 28/05/2014 A -- C:\Windows\Prefetch\UPDATEBUZZSEARCH.EXE-2EC47BFA.pf =>PUP.Optional.BuzzSearch O45 - LFCP:[MD5.AD1B295215C513C02FD4BF7EB033418D] 28/05/2014 A -- C:\Windows\Prefetch\UTILBUZZSEARCH.EXE-9DB33912.pf =>PUP.Optional.BuzzSearch ---\\ ShellIconOverlayIdentifiers (SIOI) (1) - 0s O106 - SIOI: avast [00avast] - {472083B0-C522-11CF-8763-00608CC02F24}. (.AVAST Software - avast! Shell Extension.) -- C:\Program Files\Alwil Software\Avast5\ashShell.dll © ---\\ ShareTools MSconfig StartupReg (29) - 3s O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe © O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe © O53 - SMSR:HKLM\...\startupreg\autodetect [Key] . (...) -- C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\AutorunRemover.exe [Key] . (...) -- C:\Program Files\AutorunRemover\AutorunRemover.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\AutoStartNPSAgent [Key] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\SAMSUNG\Samsung New PC Studio\NPSAgent.exe © O53 - SMSR:HKLM\...\startupreg\CCleaner [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe © O53 - SMSR:HKLM\...\startupreg\CCleaner Monitoring [Key] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner.exe © O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe © O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE (.not file.) =>PUP.Optional.Datamngr O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe © O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\Mocro\AppData\Local\Facebook\Update\FacebookUpdate.exe © O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Users\Mocro\AppData\Local\Google\Update\GoogleUpdate.exe © O53 - SMSR:HKLM\...\startupreg\HEXelon MAX [Key] . (...) -- C:\Program Files\HEXelon MAX 6\hexelon.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\HP Health Check Scheduler [Key] . (.Hewlett-Packard - HP Health Check Scheduler.) -- C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe © O53 - SMSR:HKLM\...\startupreg\HP Software Update [Key] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe © O53 - SMSR:HKLM\...\startupreg\hpWirelessAssistant [Key] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe © O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe © O53 - SMSR:HKLM\...\startupreg\KiesTrayAgent [Key] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe © O53 - SMSR:HKLM\...\startupreg\KMCONFIG [Key] . (.UASSOFT.COM - DRIVER AUTORUN.) -- C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe © O53 - SMSR:HKLM\...\startupreg\Loaris Trojan Remover [Key] . (...) -- C:\Program Files\Loaris Trojan Remover\TrojanRemover.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Meditel Monaco ModemListener [Key] . (...) -- C:\Program Files\HSPA USB MODEM\BackgroundService\ModemListener.exe O53 - SMSR:HKLM\...\startupreg\mobilegeni daemon [Key] . (...) -- C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Optional.Mobogenie O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (...) -- c:\Program Files\Microsoft Security Client\msseces.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe © O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\System32\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\QlbCtrl [Key] . (.Hewlett-Packard Development Company, L.P. - QLB Controller.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe © O53 - SMSR:HKLM\...\startupreg\QPService [Key] . (.CyberLink Corp. - HP QuickPlay Resident Program.) -- C:\Program Files\HP\QuickPlay\QPService.exe © O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (...) -- C:\Program Files\QuickTime\qttask.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Windows Sidebar.) -- C:\Program Files\Windows Sidebar\sidebar.exe © ---\\ System Drivers List (116) - 47s O58 - SDL:2006/11/02 09:51:38 A . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\drivers\adp94xx.sys [420968] © O58 - SDL:2006/11/02 09:51:32 A . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\drivers\adpahci.sys [297576] © O58 - SDL:2006/11/02 09:50:35 A . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\drivers\adpu160m.sys [98408] © O58 - SDL:2006/11/02 09:51:00 A . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\drivers\adpu320.sys [147048] © O58 - SDL:2006/11/02 09:49:20 A . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\drivers\aliide.sys [14952] © O58 - SDL:2006/11/02 09:50:09 A . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\drivers\arc.sys [67688] © O58 - SDL:2006/11/02 09:50:10 A . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\drivers\arcsas.sys [67688] © O58 - SDL:2010/06/28 20:32:33 A . (.ALWIL Software - avast! File System Access Blocking Driver.) -- C:\Windows\System32\drivers\aswFsBlk.sys [17744] © O58 - SDL:2010/06/28 20:32:56 A . (.ALWIL Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\System32\drivers\aswMonFlt.sys [50256] © O58 - SDL:2010/06/28 20:33:13 A . (.ALWIL Software - avast! TDI RDR Driver.) -- C:\Windows\System32\drivers\aswRdr.sys [23376] © O58 - SDL:2010/06/28 20:37:30 A . (.ALWIL Software - avast! self protection module.) -- C:\Windows\System32\drivers\aswSP.sys [165456] © O58 - SDL:2010/06/28 20:37:52 A . (.ALWIL Software - avast! TDI Filter Driver.) -- C:\Windows\System32\drivers\aswTdi.sys [46672] © O58 - SDL:2015/05/19 16:44:44 A . (.Avira Operations GmbH & Co. KG - Avira Manager Driver.) -- C:\Windows\System32\drivers\avkmgr.sys [37896] © O58 - SDL:2006/11/02 07:30:53 A . (.Broadcom Corporation - BCM 802.11g Network Adapter wireless driver.) -- C:\Windows\System32\drivers\BCMWL6.SYS [464384] © O58 - SDL:2006/11/02 08:24:45 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower.) -- C:\Windows\System32\drivers\BrFiltLo.sys [13568] © O58 - SDL:2006/11/02 08:24:46 A . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper.) -- C:\Windows\System32\drivers\BrFiltUp.sys [5248] © O58 - SDL:2006/11/02 08:25:24 A . (.Brother Industries Ltd. - Brotehr Serial I/F Driver (WDM).) -- C:\Windows\System32\drivers\BrSerId.sys [71808] © O58 - SDL:2006/11/02 08:24:44 A . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\drivers\BrSerWdm.sys [62336] © O58 - SDL:2006/11/02 08:24:44 A . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\drivers\BrUsbMdm.sys [12160] © O58 - SDL:2006/11/02 08:24:47 A . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\drivers\BrUsbSer.sys [11904] © O58 - SDL:2006/11/01 18:45:14 A . (.Windows (R) 2000 DDK provider - WDM Video Capture Driver.) -- C:\Windows\System32\drivers\BTCamDrv.sys [219264] O58 - SDL:2008/12/07 12:44:54 A . (...) -- C:\Windows\System32\drivers\btnetBus.sys [30088] O58 - SDL:2006/10/18 10:00:00 A . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see Px.) -- C:\Windows\System32\drivers\cdr4_xp.sys [2432] © O58 - SDL:2006/10/18 10:00:00 A . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\drivers\cdralw2k.sys [2560] © O58 - SDL:2006/11/02 09:49:28 A . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\cmdide.sys [16488] © O58 - SDL:2006/06/28 16:54:00 A . (.Hewlett-Packard Development Company, L.P. - HP Tablet PC Key Button HID Driver.) -- C:\Windows\System32\drivers\CPQBttn.sys [9472] © O58 - SDL:2013/12/30 10:52:38 A . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\drivers\dgderdrv.sys [20032] © O58 - SDL:2006/11/02 09:50:11 A . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\drivers\djsvs.sys [71272] © O58 - SDL:2012/08/09 00:36:59 A . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\drivers\dtsoftbus01.sys [242240] © O58 - SDL:2006/11/02 07:30:54 A . (.Intel Corporation - Intel(R) PRO/100 Adapter NDIS 5.1 driver.) -- C:\Windows\System32\drivers\e100b325.sys [163328] © O58 - SDL:2006/11/02 07:30:54 A . (.Intel Corporation - Intel(R) PRO/1000 Adapter NDIS 6 deserializ.) -- C:\Windows\System32\drivers\E1G60I32.sys [117760] © O58 - SDL:2006/11/30 17:24:58 A . (.Hewlett-Packard Development Company, L.P. - QLB PS/2 Keyboard filter driver.) -- C:\Windows\System32\drivers\eabfiltr.sys [8192] © O58 - SDL:2006/11/02 09:51:34 A . (.Emulex - Storport Miniport Driver for LightPulse HBA.) -- C:\Windows\System32\drivers\elxstor.sys [316520] © O58 - SDL:2007/02/25 09:36:20 A . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\drivers\ewdcsc.sys [23424] © O58 - SDL:2007/02/25 09:36:20 A . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ewusbmdm.sys [92032] © O58 - SDL:2006/11/02 09:50:10 A . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\drivers\HpCISSs.sys [37480] © O58 - SDL:2015/10/04 16:42:22 A . (.REALiX(tm) - HWiNFO x86 Kernel Driver.) -- C:\Windows\System32\drivers\HWiNFO32.SYS [23840] O58 - SDL:2015/10/04 17:33:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStor.sys [331288] © O58 - SDL:2006/11/02 09:51:25 A . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\drivers\iaStorV.sys [232040] © O58 - SDL:2015/11/01 18:56:20 A . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\System32\drivers\igdkmd32.sys [4569088] © O58 - SDL:2006/11/02 09:50:17 A . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\drivers\iirsp.sys [41576] © O58 - SDL:2006/11/02 09:50:07 A . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\drivers\iteatapi.sys [35944] © O58 - SDL:2006/11/02 09:50:09 A . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\drivers\iteraid.sys [35944] © O58 - SDL:2010/07/23 09:45:34 A . (.TCT International Mobile Ltd - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\jrdusbser.sys [105344] © O58 - SDL:2007/03/29 13:00:16 A . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\drivers\KMWDFilter.SYS [17024] © O58 - SDL:2006/11/02 09:50:04 A . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_fc.sys [65640] © O58 - SDL:2006/11/02 09:50:05 A . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_sas.sys [65640] © O58 - SDL:2006/11/02 09:50:10 A . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\drivers\lsi_scsi.sys [65640] © O58 - SDL:2011/03/02 17:12:46 A . (.MBB Incorporated - CDROM Filter.) -- C:\Windows\System32\drivers\massfilter.sys [9216] © O58 - SDL:2015/10/05 09:50:04 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [23256] © O58 - SDL:2015/10/05 09:50:08 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\Windows\System32\drivers\mbamchameleon.sys [94936] © O58 - SDL:2015/11/24 21:57:19 A . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512] © O58 - SDL:2006/11/02 09:49:53 A . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\megasas.sys [28776] © O58 - SDL:2006/11/02 09:49:59 A . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows.) -- C:\Windows\System32\drivers\Mraid35x.sys [33384] © O58 - SDL:2015/10/05 09:50:12 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\Windows\System32\drivers\mwac.sys [51928] © O58 - SDL:2006/11/02 07:30:54 A . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\Windows\System32\drivers\NETw3v32.sys [1781760] © O58 - SDL:2007/03/01 12:49:58 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETw4v32.sys [2216448] © O58 - SDL:2015/10/04 17:35:06 A . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\drivers\NETwLv32.sys [6639616] © O58 - SDL:2006/11/02 09:50:19 A . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\drivers\nfrd960.sys [45160] © O58 - SDL:2006/11/02 07:36:50 A . (.N-trig Innovative Technologies - N-trig tablet digitizer in-box driver.) -- C:\Windows\System32\drivers\ntrigdigi.sys [20608] © O58 - SDL:2006/11/02 09:50:24 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [88680] © O58 - SDL:2006/11/02 09:50:13 A . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [40040] © O58 - SDL:2007/02/02 10:00:00 A . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\drivers\pxhelp20.sys [43528] © O58 - SDL:2006/11/02 09:51:45 A . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\drivers\ql2300.sys [900712] © O58 - SDL:2006/11/02 09:50:35 A . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\drivers\ql40xx.sys [106088] © O58 - SDL:2015/11/01 19:11:01 A . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\drivers\rimmptsk.sys [48128] © O58 - SDL:2015/11/01 19:09:52 A . (.REDC - RICOH MS Driver.) -- C:\Windows\System32\drivers\rimsptsk.sys [69120] © O58 - SDL:2015/11/01 18:44:34 A . (.REDC - RICOH SD/MMC Driver.) -- C:\Windows\System32\drivers\risdptsk.sys [46592] © O58 - SDL:2015/11/01 19:11:02 A . (.REDC - RICOH XD SM Driver.) -- C:\Windows\System32\drivers\rixdptsk.sys [38400] © O58 - SDL:2015/11/01 19:02:58 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\Windows\System32\drivers\RTKVHDA.sys [3522264] © O58 - SDL:2015/11/01 19:08:06 A . (.Realtek - Realtek 8136/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\drivers\Rtlh86.sys [603928] © O58 - SDL:2006/11/02 06:37:21 A . (.Macrovision Corporation, Macrovision Europe Limited, - Macrovision SECURITY Driver.) -- C:\Windows\System32\drivers\secdrv.sys [20480] © O58 - SDL:2006/11/02 09:50:10 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\System32\drivers\sisraid2.sys [38504] © O58 - SDL:2006/11/02 09:50:16 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\drivers\sisraid4.sys [71784] © O58 - SDL:2006/11/02 07:41:49 A . (.Motorola Inc. - Motorola SM56 Modem WDM Driver.) -- C:\Windows\System32\drivers\smserial.sys [1010560] O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\Windows\System32\drivers\sscdbus.sys [136776] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdcm.sys [15560] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdcmnt.sys [15560] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\Windows\System32\drivers\sscdmdfl.sys [17864] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\Windows\System32\drivers\sscdmdm.sys [153672] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - SAMSUNG Mobile Modem Diagnostic Serial Port.) -- C:\Windows\System32\drivers\sscdserd.sys [130248] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdwh.sys [15304] © O58 - SDL:2015/05/21 06:02:40 A . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\System32\drivers\sscdwhnt.sys [15304] © O58 - SDL:2015/05/19 16:20:00 A . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520] O58 - SDL:2006/07/24 16:05:00 A . (...) -- C:\Windows\System32\drivers\StarOpen.sys [5632] O58 - SDL:2006/11/02 09:50:05 A . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\drivers\symc8xx.sys [35944] © O58 - SDL:2006/11/02 09:49:56 A . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_hi.sys [31848] © O58 - SDL:2006/11/02 09:50:03 A . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\drivers\sym_u3.sys [34920] © O58 - SDL:2007/01/13 03:59:02 A . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\Windows\System32\drivers\SynTP.sys [181432] © O58 - SDL:2006/11/02 09:51:25 A . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\drivers\uliahci.sys [235112] © O58 - SDL:2006/11/02 09:50:35 A . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win200.) -- C:\Windows\System32\drivers\ulsata.sys [98408] © O58 - SDL:2006/11/02 09:50:45 A . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\drivers\ulsata2.sys [115816] © O58 - SDL:2006/11/02 09:49:30 A . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\drivers\viaide.sys [17512] © O58 - SDL:2006/11/02 09:50:41 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\System32\drivers\vsmraid.sys [112232] © O58 - SDL:2006/11/02 07:41:49 A . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\Windows\System32\drivers\VSTAZL3.SYS [200704] © O58 - SDL:2006/11/02 07:41:48 A . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\Windows\System32\drivers\VSTCNXT3.SYS [654336] © O58 - SDL:2006/11/02 07:41:50 A . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\Windows\System32\drivers\VSTDPV3.SYS [987648] © O58 - SDL:2011/03/02 17:12:46 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys [107776] © O58 - SDL:2011/03/02 17:12:46 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbnmea.sys [107776] © O58 - SDL:2011/03/02 17:12:46 A . (.ZTE Incorporated - USB Modem/Serial Device Driver.) -- C:\Windows\System32\drivers\ZTEusbser6k.sys [107776] © O58 - SDL:2006/11/02 07:09:42 A . (...) -- C:\Windows\System32\ANSI.SYS [9029] O58 - SDL:2006/11/02 07:09:45 A . (...) -- C:\Windows\System32\country.sys [27097] O58 - SDL:2010/06/14 09:32:54 A . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36608] O58 - SDL:2006/11/02 07:09:41 A . (...) -- C:\Windows\System32\HIMEM.SYS [4768] O58 - SDL:2006/11/02 07:09:44 A . (...) -- C:\Windows\System32\KEY01.SYS [42809] O58 - SDL:2006/11/02 07:09:44 A . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537] O58 - SDL:2006/11/02 07:09:29 A . (...) -- C:\Windows\System32\NTDOS.SYS [27866] O58 - SDL:2006/11/02 07:09:35 A . (...) -- C:\Windows\System32\NTDOS404.SYS [29146] O58 - SDL:2006/11/02 07:09:38 A . (...) -- C:\Windows\System32\NTDOS411.SYS [29370] O58 - SDL:2006/11/02 07:09:40 A . (...) -- C:\Windows\System32\NTDOS412.SYS [29274] O58 - SDL:2006/11/02 07:09:31 A . (...) -- C:\Windows\System32\NTDOS804.SYS [29146] O58 - SDL:2006/11/02 07:09:20 A . (...) -- C:\Windows\System32\NTIO.SYS [33952] O58 - SDL:2006/11/02 07:09:23 A . (...) -- C:\Windows\System32\NTIO404.SYS [34672] O58 - SDL:2006/11/02 07:09:24 A . (...) -- C:\Windows\System32\NTIO411.SYS [35776] O58 - SDL:2006/11/02 07:09:26 A . (...) -- C:\Windows\System32\NTIO412.SYS [35536] O58 - SDL:2006/11/02 07:09:22 A . (...) -- C:\Windows\System32\NTIO804.SYS [34672] ---\\ Last modified or created user files (1) - 53s O61 - LFC: 2015/11/24 20:32:33 A . (..) -- C:\Users\Mocro\AppData\Local\Google\Chrome\User Data\ev_hashes_whitelist.bin [674082] ---\\ File Associations Shell Spawning (10) - 0s O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe © O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Event Viewer Snapin Launcher.) -- C:\WINDOWS\System32\eventvwr.exe © O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\WINDOWS\System32\wscript.exe © O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Registry Editor.) -- C:\WINDOWS\regedit.exe © O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe © ---\\ Start Menu Internet (12) - 0s O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\System32\ie4uinit.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Mocro\AppData\Local\Google\Chrome\Application\chrome.exe © O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\WINDOWS\System32\ie4uinit.exe © ---\\ Search Browser Infection (3) - 2s O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com/ O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com/ O69 - SBI: SearchScopes [HKCU] {A61780CA-0E9B-4CE9-A26A-CEE09344004D} [DefaultScope] - (Yahoo! Nederland) - http://nl.search.yahoo.com/ ---\\ Search Svchost Services (31) - 0s O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Application Experience Service.) -- C:\WINDOWS\System32\aelupsvc.dll [24576] © O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Problem Reports and Solutions.) -- C:\WINDOWS\System32\wercplsupport.dll [63488] © O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\System32\shsvcs.dll [245248] © O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [39936] © O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [39936] © O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\System32\srvsvc.dll [121344] © O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Group Policy Client.) -- C:\WINDOWS\System32\gpsvc.dll [569344] © O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE extension.) -- C:\WINDOWS\System32\IKEEXT.DLL [416768] © O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\System32\audiosrv.dll [310272] © O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\System32\rasauto.dll [90624] © O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\System32\rasmans.dll [234496] © O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\System32\mprdim.dll [65536] © O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\System32\Sens.dll [47104] © O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Microsoft NAT Helper Components.) -- C:\WINDOWS\System32\ipnathlp.dll [286208] © O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft® Windows(TM) Telephony Server.) -- C:\WINDOWS\System32\tapisrv.dll [242688] © O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Terminal Server Remote Connections Manager.) -- C:\WINDOWS\System32\termsrv.dll [427520] © O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\WINDOWS\System32\wuaueng.dll [1809944] © O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [750080] © O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Windows Shell Services Dll.) -- C:\WINDOWS\System32\shsvcs.dll [245248] © O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service that offers IPv6 connectivity over.) -- C:\WINDOWS\System32\iphlpsvc.dll [179712] © O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Secondary Logon Service DLL.) -- C:\WINDOWS\System32\seclogon.dll [19968] © O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information Service.) -- C:\WINDOWS\System32\appinfo.dll [33280] © O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI Discovery service.) -- C:\WINDOWS\System32\iscsiexe.dll [111104] © O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Multimedia Class Scheduler Service.) -- C:\WINDOWS\System32\mmcss.dll [45056] © O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [152576] © O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost service.) -- C:\WINDOWS\System32\eapsvc.dll [34816] © O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [161280] © O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler Service.) -- C:\WINDOWS\System32\schedsvc.dll [595456] © O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Terminal Services Configuration service.) -- C:\WINDOWS\System32\SessEnv.dll [92160] © O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\System32\browser.dll [81408] © O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Key Management Service.) -- C:\WINDOWS\System32\KMSVC.DLL [69120] © ---\\ Firewall Active Exception List (4) - 3s O87 - FAEL: "{05FE9E28-490C-4207-9C02-145CAD0621E0}" [In-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. executable.) -- C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe O87 - FAEL: "{9F9333F5-88F7-4FC0-B9F0-D4E00395B9B2}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. executable.) -- C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\RosettaStoneVersion3.exe O87 - FAEL: "{937B9B8B-5D11-4CCF-8CE2-45B1DFFB404E}" [In-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. executable.) -- C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe O87 - FAEL: "{C9F5DDFC-3D6A-4312-874D-A35C2BD80B94}" [Out-None-P6-TRUE] .(.Rosetta Stone Ltd. - Rosetta Stone Ltd. executable.) -- C:\Program Files\Rosetta Stone\Rosetta Stone Version 3\support\bin\win\RosettaStoneLtdServices.exe ---\\ Services not Microsoft (SR=Run, SS=Stop) (28) - 121s SS - Demand [12/11/2015] [ 269000] Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\System32\Macromed\Flash\FlashPlayerUpdateService.exe © SR - Auto [28/06/2010] [ 40384] avast! Antivirus (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe © SR - Demand [28/06/2010] [ 40384] avast! Mail Scanner (avast! Mail Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe © SR - Demand [28/06/2010] [ 40384] avast! Web Scanner (avast! Web Scanner) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe © SR - Auto [24/04/2007] [ 262243] CyberLink Background Capture Service (CBCS) (CLCapSvc) . (.Copyright 2004.) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe SS - Auto [24/04/2007] [ 106593] CyberLink Task Scheduler (CTS) (CLSched) . (.Copyright 2004.) - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe SS - Demand [09/08/2012] [ 655624] FLEXnet Licensing Service (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe © SR - Auto [04/07/2010] [ 238952] FsUsbExService (FsUsbExService) . (.Teruten.) - C:\WINDOWS\System32\FsUsbExService.Exe © SS - Auto [08/02/2015] [ 107848] خدمة تحديث Google (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe © SS - Demand [08/02/2015] [ 107848] خدمة Google Update (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe © SR - Auto [14/03/2007] [ 62984] HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe © SR - Auto [02/05/2006] [ 135168] hpqwmiex (hpqwmiex) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe © SR - Auto [12/02/2007] [ 355096] Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe © SS - Demand [22/10/2004] [ 73728] InstallDriver Table Manager (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe © SR - Auto [08/06/2007] [ 208896] Keyboard And Mouse Communication Service (KMWDSERVICE) . (.UASSOFT.COM.) - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe © SR - Auto [15/12/2006] [ 61440] LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe © SS - Auto [18/09/2015] [ 2909472] LiveUpdate (LiveUpdateSvc) . (.IObit.) - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe © SR - Auto [17/03/2015] [ 1871160] (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\My Downloads\Malwarebytes Anti-Malware\mbamscheduler.exe © SR - Auto [17/03/2015] [ 1080120] (MBAMService) . (.Malwarebytes Corporation.) - C:\My Downloads\Malwarebytes Anti-Malware\mbamservice.exe © SR - Auto [23/07/2010] [ 45056] Meditel Monaco Modem Device Helper (Meditel Monaco Modem Device Helper) . (...) - C:\Program Files\HSPA USB MODEM\BackgroundService\ServiceManager.exe SS - Demand [27/08/2014] [ 114288] Mozilla Maintenance Service (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe © SS - Demand [12/02/2007] [ 880640] RoxMediaDB9 (RoxMediaDB9) . (.Sonic Solutions.) - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe © SR - Auto [01/11/2015] [ 255192] Realtek Audio Service (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe © SR - Auto [21/05/2015] [ 743688] SAMSUNG Mobile Connectivity Service (ss_conn_service) . (.DEVGURU Co., LTD..) - C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe © SS - Demand [17/02/2007] [ 74656] stllssvr (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe © SR - Auto [15/03/2011] [ 261456] UI Assistant Service (UI Assistant Service) . (...) - C:\Program Files\Internet Mobile+\AssistantServices.exe SR - Auto [31/01/2005] [ 49152] Ulead Burning Helper (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe © ---\\ Additional Scan (O88) (22) - 0s C:\Users\Mocro\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn =>Toolbar.AVGSafeGuard HKLM\SOFTWARE\Babylon =>PUP.Optional.Babylon HKLM\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\AVG Web TuneUp =>Toolbar.AVGSafeGuard HKCU\SOFTWARE\BearShare =>PUP.Optional.BearShare HKCU\SOFTWARE\Conduit =>PUP.Optional.Conduit HKCU\SOFTWARE\SpeedItUpFree =>PUP.Optional.SpeeditUp HKCU\SOFTWARE\YahooPartnerToolbar =>Toolbar.YahooPartner C:\Program Files\AVG Web TuneUp =>Toolbar.AVGSafeGuard C:\ProgramData\AVG Security Toolbar =>Toolbar.AVGSearch C:\ProgramData\AVG Web TuneUp =>Toolbar.AVGSafeGuard C:\ProgramData\ProductData =>PUP.Optional.Generic C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch C:\Users\Mocro\AppData\Local\AVG Web TuneUp =>Toolbar.AVGSafeGuard C:\Users\Mocro\AppData\Local\Mobogenie =>PUP.Optional.Mobogenie C:\Users\Mocro\AppData\Local\PackageAware =>PUP.Optional.BearShare C:\Windows\Prefetch\BUZZSEARCHSETUP.EXE-3788B222.pf =>PUP.Optional.BuzzSearch C:\Windows\Prefetch\BUZZSEARCH_SETUP.EXE-35750DD2.pf =>PUP.Optional.BuzzSearch C:\Windows\Prefetch\MYPC BACKUP.EXE-665A3E17.pf =>PUP.Optional.MyPCBackup C:\Windows\Prefetch\SIGNUP WIZARD.EXE-13F4E99F.pf =>PUP.Optional.MyPCBackup C:\Windows\Prefetch\UPDATEBUZZSEARCH.EXE-2EC47BFA.pf =>PUP.Optional.BuzzSearch C:\Windows\Prefetch\UTILBUZZSEARCH.EXE-9DB33912.pf =>PUP.Optional.BuzzSearch ---\\ Summary of the elements found (12) - 0s http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSafeGuard http://www.nicolascoolman.fr/?p=170 =>PUP.Optional.Babylon http://www.nicolascoolman.fr/?p=210 =>PUP.Optional.Conduit http://www.nicolascoolman.fr/?p=343 =>PUP.Optional.BearShare http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.SpeeditUp http://www.nicolascoolman.fr/?p=4664 =>Toolbar.YahooPartner http://www.nicolascoolman.fr/?p=4664 =>Toolbar.AVGSearch http://www.nicolascoolman.fr/?p=4664 =>PUP.Optional.Generic http://www.nicolascoolman.fr/?p=215 =>PUP.Optional.Mobogenie http://www.nicolascoolman.fr/?p=690 =>PUP.Optional.BuzzSearch http://www.nicolascoolman.fr/?p=316 =>PUP.Optional.MyPCBackup http://www.nicolascoolman.fr/?p=270 =>PUP.Optional.Datamngr ~ End of the scan, 32438 items in 378 seconds (1111)(0)