Un virus qui va me tuer !!
saruma1
Messages postés
4
Statut
Membre
-
saruma1 Messages postés 4 Statut Membre -
saruma1 Messages postés 4 Statut Membre -
Bonjour,
je sais pas quoi faire de ce virus qui va me tuer moi meme, j ai fais des analyses, avast est activé, Ccleaner clean toujours, et j ai toujours 0 virus détectés, il a désactivé l'antivirus, et m'a tout detruit, je trouve des icônes sur mon bureau et ma connexion internet parfois ne marche pas, je ne peux pas telecharger des logiciels.... le probleme c'est que je sais que je dois formater le PC pour me débarrasser de ce virus, mais j ai pas mal des choses ici que je ne veux pas les perdre spécialement des logiciels que j'utilise pour mes études
j'ai Windows 7, et terriblement attendre une réponse, Aidez moi SVP
je sais pas quoi faire de ce virus qui va me tuer moi meme, j ai fais des analyses, avast est activé, Ccleaner clean toujours, et j ai toujours 0 virus détectés, il a désactivé l'antivirus, et m'a tout detruit, je trouve des icônes sur mon bureau et ma connexion internet parfois ne marche pas, je ne peux pas telecharger des logiciels.... le probleme c'est que je sais que je dois formater le PC pour me débarrasser de ce virus, mais j ai pas mal des choses ici que je ne veux pas les perdre spécialement des logiciels que j'utilise pour mes études
j'ai Windows 7, et terriblement attendre une réponse, Aidez moi SVP
A voir également:
- Un virus qui va me tuer !!
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Virus facebook demande d'amis - Accueil - Facebook
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
6 réponses
A transférer par clé Usb sur pc malade
* Télécharge sur le bureau RogueKiller
* Quitte tous tes programmes en cours.
* Sous Vista/Seven et windows 8 , clique droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Patiente pendant le pre-scan, puis clique sur le bouton Scan
* Un rapport RKreport.txt a du se créer sur le bureau, poste-le.
Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.
* Télécharge sur le bureau RogueKiller
* Quitte tous tes programmes en cours.
* Sous Vista/Seven et windows 8 , clique droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Patiente pendant le pre-scan, puis clique sur le bouton Scan
* Un rapport RKreport.txt a du se créer sur le bureau, poste-le.
Note : Si le programme a été bloqué, ne pas hésiter à essayer plusieurs fois.
Voila le rapport
RogueKiller V8.7.12 [Dec 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : https://www.adlice.com/roguekiller/
Blog : https://www.adlice.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TAIK [Admin rights]
Mode : Scan -- Date : 12/16/2013 21:25:02
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : adiras (C:\windows\adirasx64.exe [7]) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM321HI +++++
--- User ---
[MBR] e2aa0b6c3c8781cc28b0b1bfd22dc8a1
[BSP] c465a0d85cecfc0c07026cdfff9aeec6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_12162013_212502.txt >>
RogueKiller V8.7.12 [Dec 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : https://www.adlice.com/roguekiller/
Blog : https://www.adlice.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TAIK [Admin rights]
Mode : Scan -- Date : 12/16/2013 21:25:02
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : adiras (C:\windows\adirasx64.exe [7]) -> FOUND
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM321HI +++++
--- User ---
[MBR] e2aa0b6c3c8781cc28b0b1bfd22dc8a1
[BSP] c465a0d85cecfc0c07026cdfff9aeec6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_S_12162013_212502.txt >>
* Quitte tous tes programmes en cours
* Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Patiente pendant le pre-scan, clique sur Scan
* Vérifie que tous les éléments sont cochés puis clique sur Suppression
* Poste le rapport RKreport.txt présent sur le bureau.
* Sous Vista/Seven , clique droit -> lancer en tant qu'administrateur
* Sinon lance simplement RogueKiller.exe
* Patiente pendant le pre-scan, clique sur Scan
* Vérifie que tous les éléments sont cochés puis clique sur Suppression
* Poste le rapport RKreport.txt présent sur le bureau.
RogueKiller V8.7.12 [Dec 14 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : https://www.adlice.com/roguekiller/
Blog : https://www.adlice.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TAIK [Admin rights]
Mode : Remove -- Date : 12/16/2013 21:32:20
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : adiras (C:\windows\adirasx64.exe [7]) -> [0x5] Access is denied.
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM321HI +++++
--- User ---
[MBR] e2aa0b6c3c8781cc28b0b1bfd22dc8a1
[BSP] c465a0d85cecfc0c07026cdfff9aeec6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_12162013_213220.txt >>
RKreport[0]_S_12162013_212502.txt
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : https://www.adlice.com/roguekiller/
Blog : https://www.adlice.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : TAIK [Admin rights]
Mode : Remove -- Date : 12/16/2013 21:32:20
| ARK || FAK || MBR |
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 1 ¤¤¤
[RUN][SUSP PATH] HKLM\[...]\Wow6432Node\[...]\Run : adiras (C:\windows\adirasx64.exe [7]) -> [0x5] Access is denied.
¤¤¤ Scheduled tasks : 0 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM321HI +++++
--- User ---
[MBR] e2aa0b6c3c8781cc28b0b1bfd22dc8a1
[BSP] c465a0d85cecfc0c07026cdfff9aeec6 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 290143 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_12162013_213220.txt >>
RKreport[0]_S_12162013_212502.txt
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
* Télécharge ZHPDiag (de Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html ou https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png
* A l'ouverture du logiciel il te sera proposé deux options "rechercher" et "configurer"
* Cliques sur configurer
* Options puis tous
* Clique sur l'icône représentant une loupe + (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion(je te conseille privée 4 jours il sera détruit)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider http://www.pc-infopratique.com/forum-informatique/tutoriel-heberger-rapport-vt-67934.html
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html ou https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/
* Au cas où le premier lien ne marcherai pas, clique sur celui de dessous
ftp://zebulon.fr/ZHPDiag2.exe
* Laisse toi guider lors de l'installation, il se lancera automatiquement à la fin.
* Surtout, n'oublie pas d'installer son icône sur le bureau l'icône est en forme de parchemin
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png
* A l'ouverture du logiciel il te sera proposé deux options "rechercher" et "configurer"
* Cliques sur configurer
* Options puis tous
* Clique sur l'icône représentant une loupe + (« Lancer le diagnostic »)
* Enregistre le rapport sur ton Bureau à l'aide de l'icône représentant une disquette
* Pour héberger le rapport, rends toi sur cjoint.com
* Clique sur choisissez un fichier va chercher le rapport dans ton PC.
* Le rapport est sauvegardé dans C:\ZHP\ZHPDiag.txt
* Une fois le rapport trouvé, sélectionne le, et clique sur Ouvrir
* Choisis le type de diffusion(je te conseille privée 4 jours il sera détruit)
* Puis cliques sur créer le lien cjoint
* Une fois que tu auras obtenu le lien copies colle dans ta prochaine réponse
* Pour t'aider http://www.pc-infopratique.com/forum-informatique/tutoriel-heberger-rapport-vt-67934.html
~ Report of ZHPDiag v2013.12.14.22 - Nicolas Coolman (12/14/2013)
~ Launched by TAIK (12/16/2013 9:50:23 PM)
~ Web site address : https://nicolascoolman.webs.com/
~ Free support forums for disinfection : https://nicolascoolman.webs.com/
~ Translated by
~ Version State :
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Deactivate by program
---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.63
---\\ Windows product information
~ Langage: Anglais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System protection software
avast! Free Antivirus v9.0.2008
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ System optimization software
CCleaner v3.16 =>Piriform Ltd
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Information on the system
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3034.4 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 176 GB (62%) free of 283 GB
---\\ Connection to the system mode
~ Computer Name: TAIK-PC
~ User Name: TAIK
~ All Users Names: TAIK, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\TAIK\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TAIK\AppData\Roaming\
~ %Desktop% : C:\Users\TAIK\Desktop\
~ %Favorites% : C:\Users\TAIK\Favorites\
~ %LocalAppData% : C:\Users\TAIK\AppData\Local\
~ %StartMenu% : C:\Users\TAIK\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 176 Go of 283 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn AMs
---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.2/25/2011 - 6:19:30 AM.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.7/14/2009 - 1:39:52 AM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.11/26/2013 - 7:07:57 AM.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) (.11/20/2010 - 1:25:30 PM.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.11/20/2010 - 1:27:26 PM.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.9/28/2013 - 1:09:10 AM.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 1:52:21 AM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/13/2009 - 11:19:47 PM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 9:19:21 AM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 9:26:32 AM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 10:43:43 AM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.7/13/2009 - 11:19:57 PM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 12:10:03 AM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/27/2011 - 2:40:40 AM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 9:23:20 AM.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) (.4/12/2013 - 2:45:08 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.7/14/2009 - 12:00:41 AM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/20/2010 - 10:52:35 AM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 12:09:09 AM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 9:21:56 AM.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.11/20/2010 - 1:34:02 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn AMs
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/1683
~ Mes musiques (My Musics) : 103/165
~ Mes Videos (My Videos) : 1/120
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 3/1111
~ Mon Bureau (My Desktop) : 2/4882
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 03mn AMs
---\\ Process running
[MD5.8E7AF6DD4E43C14D957C0AD7CA0A7B89] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104] [PID.480]
[MD5.E20433DAC42F0351F237F87D8ADC4E8A] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296] [PID.1028]
[MD5.CBEBF85763814AD2CA23491050B08D76] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.1484]
[MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [PID.4028]
[MD5.4D83DC461F8F4370274CF6E9AC9A34F4] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2488]
[MD5.5DBC85C723E421198FD35C3355EBA996] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280] [PID.1616]
[MD5.367309746E04D480AD0DCF1FFD197E8D] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928] [PID.2072]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.2448]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.1244]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3568312] [PID.3280]
[MD5.F152A1C1F9CE2F13056D3BFB14F001CE] - (.No owner - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe [128864] [PID.2532]
[MD5.0F62C209E85C254BFF7A878698CED9FA] - (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [5078032] [PID.1172]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4420]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6036]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.3344]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8295936] [PID.4332]
[MD5.0840ABBBDF438691EE65A20040635CBE] - (.Stardock Corporation - Dock Login Service.) -- C:\Program Files\Dell\DellDock\DockLogin.exe [155648] [PID.1156]
[MD5.4D41D30E2FAB3307967C7A0B045DC874] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1360]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1580]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1644]
[MD5.120A276B3A78BEDEB39E1925405A201D] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840] [PID.1848]
[MD5.F03AF5970F14AF59EBAD1BCCC0BB29C6] - (.Oracle Corporation - Oracle RDBMS Kernel Executable.) -- c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.exe [59064320] [PID.1772]
[MD5.8AF936CE45788974EFFF7D0F19143583] - (...) -- C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800] [PID.1576]
[MD5.E1974A92AC0914A3859359A0A8C82C68] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [689472] [PID.2344]
[MD5.AE40D1BC6FB02A5625516AD74CA9A309] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472] [PID.2384]
[MD5.A9BE186ABF28B3D3D698CB855EDF457E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4436]
[MD5.5B12F325CF1F14B21403ACA2D7DF0157] - (...) -- C:\Users\TAIK\Downloads\RogueKiller(1).exe [3574272] [PID.936]
~ Processes Running: Scanned in 01mn AMs
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\TAIK\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Search v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.13.0.13771, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.5.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 14 Scanned in 01mn AMs
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\prefs.js
C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\user.js
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\ividi.xml =>PUP.Ividi
M0 - MFSP: prefs.js [TAIK - yjk2os4o.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\21b5974a-55c0-4430-8d86-d57870e25f3e@59111656-77fb-4e9b-a44e-3d52ff4a1b83.com] [] service-x86 v (..)
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\en-US@dictionaries.addons.mozilla.org] [] United States English Spellchecker v7.0.1 (..)
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [] Bitdefender QuickScan v0.9.9.119 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\TAIK\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 4.8.2.15856.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 4.8.2.15856.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npo1d.dll
P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.No owner - Google Talk Plugin Video Accelerator version:0.1.44.29.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\TAIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\TAIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
~ Firefox Browser: 17 Scanned in 00mn AMs
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.menara.ma/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects (O2)
O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll =>Toolbar.Bing
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphan key
~ BHO: 11 Scanned in 00mn AMs
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphan key
~ Toolbar: Scanned in 00mn AMs
---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Apps.lnk . (...) -- C:\Users\Public\Libraries\Apps.library-ms
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - GS\Desktop [Public]: Enterprise Architect.lnk . (.Sparx Systems Pty Ltd - Enterprise Architect - UML Development Tool.) -- C:\Program Files (x86)\Sparx Systems\EA Trial\EA.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series Scan.lnk . (.Hewlett-Packard Co. - HPScan.) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\bin\HPScan.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (.not file.)
O4 - GS\Desktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) -- C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
O4 - GS\Desktop [Public]: Internet Haut Débit Mobile.lnk . (...) -- C:\Program Files (x86)\Internet Haut Débit Mobile\UIMain.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Menara ADSL.lnk - Orphan key
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe =>.Apple Inc
O4 - GS\Desktop [Public]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Shop for Supplies - HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\Bin\hpqDTSS.exe (.not file.)
O4 - GS\Desktop [Public]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.5.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: Cozi Family Calendar.lnk . (.Cozi Group, Inc. - Cozi Express.) -- C:\Program Files (x86)\Cozi Express\CoziExpress.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Default Manager.lnk . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) -- C:\windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) -- C:\windows\system32\xpsrchvw.exe
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) -- C:\windows\system32\calc.exe
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) -- C:\windows\system32\displayswitch.exe
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) -- C:\windows\system32\mblctr.exe
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) -- C:\windows\system32\mstsc.exe
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) -- C:\windows\system32\SnippingTool.exe
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) -- C:\windows\system32\SoundRecorder.exe
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) -- C:\windows\system32\StikyNot.exe
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Getting Started.) -- C:\Windows\system32\OobeFldr.dll
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) -- C:\windows\system32\charmap.exe
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) -- C:\windows\system32\dfrgui.exe
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) -- C:\windows\system32\cleanmgr.exe
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) -- C:\windows\system32\perfmon.exe
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) -- C:\windows\system32\msinfo32.exe
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) -- C:\windows\system32\rstrui.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) -- C:\windows\system32\migwiz\postmig.exe
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) -- C:\windows\system32\migwiz\migwiz.exe
O4 - GS\QuickLaunch [TAIK]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [TAIK]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\TAIK\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\QuickLaunch [TAIK]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\QuickLaunch [TAIK]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [TAIK]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch [TAIK]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\TaskBar [TAIK]: CodeBlocks.lnk . (...) -- C:\Program Files (x86)\CodeBlocks\codeblocks.exe
O4 - GS\TaskBar [TAIK]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [TAIK]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\TaskBar [TAIK]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\TaskBar [TAIK]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [TAIK]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\TaskBar [TAIK]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\windows\explorer.exe
O4 - GS\Program [TAIK]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\TAIK\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\Program [TAIK]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories [TAIK]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) -- C:\windows\system32\cmd.exe
O4 - GS\Accessories [TAIK]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\windows\system32\notepad.exe
O4 - GS\Accessories [TAIK]: Run.lnk - Orphan key
O4 - GS\Accessories [TAIK]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\windows\explorer.exe
O4 - GS\SystemTools [TAIK]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [TAIK]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo [TAIK]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo [TAIK]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
O4 - GS\SendTo [TAIK]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
O4 - GS\SendTo [TAIK]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\SendTo [TAIK]: emu8086.lnk . (.www.emu8086.com - emu8086.) -- C:\emu8086\emu8086.exe
O4 - GS\SendTo [TAIK]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [TAIK]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) -- C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
O4 - GS\Desktop [TAIK]: LTspice IV.lnk . (...) -- C:\Program Files (x86)\LTC\LTspiceIV\scad3.exe
O4 - GS\Desktop [TAIK]: Walmart Photo.lnk - Orphan key
O4 - GS\Desktop [TAIK]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [TAIK]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 91 Scanned in 02mn AMs
---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [TAIK]: OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [adiras] . (.No owner - ADI RAS setup Application.) -- C:\Windows\adiras.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\windows\Speech\Common\sapisvr.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Dell Registration] . (.Dell, Inc. - System Registration.) -- C:\Program Files (x86)\System Registration\prodreg.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [adiras] . (.No owner - ADI RAS setup Application.) -- C:\windows\adirasx64.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\9d001794-4a08-4f0f-ae1e-0a505514825c.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [autodetect] . (.No owner - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\windows\Speech\Common\sapisvr.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn AMs
---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn AMs
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn AMs
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3D52B9-4EAF-4FF5-BCF6-0E286E1778BF}: NameServer = 62.251.229.237
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3D52B9-4EAF-4FF5-BCF6-0E286E1778BF}: NameServer = 62.251.229.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn AMs
---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: GoToAssist . (...) -- C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll (.not file.)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn AMs
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: MATLAB Server (matlabserver) . (...) - C:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: Dell DataSafe Online (NOBU) . (.Dell, Inc. - Dell DataSafe Online Service.) - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: OracleServiceXE (OracleServiceXE) . (.Oracle Corporation - Oracle RDBMS Kernel Executable.) - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.exe
O23 - Service: OracleXETNSListener (OracleXETNSListener) . (...) - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: Application Virtualization Client (sftlist) . (...) - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 18 Scanned in 10mn AMs
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn AMs
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn AMs
---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core.job [902]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA.job [924]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [890]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [894]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core.job [852]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA.job [904]
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.627F410F11F74008E9DC14B7F640CF34] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [761568]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core] (.Facebook Inc..) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA] (.Facebook Inc..) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core] (.Google Inc..) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA] (.Google Inc..) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.B4725170B546863C09583E40E6E7BCED] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [3689320]
[MD5.DCF538ADF6D917889306DFA0B357EC22] [APT] [PCDEventLauncher] (...) -- C:\Program Files\Dell Support Center\sessionchecker.exe [362312]
[MD5.00000000000000000000000000000000] [APT] [{5201846F-718A-4839-94CC-F1137B0D89AD}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7690ACFB-47B5-41A8-81A9-80DA09446C8A}] (...) -- C:\Users\TAIK\Downloads\Vio_Player_Setup.exe (.not file.) [0]
[MD5.077D59BA0FD4007E841B6C670862B065] [APT] [{83576B96-C20D-48B2-B412-595FFC31903C}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.FB6674A519505CC93E28CF600BBC23A3] [APT] [{98D2302D-EFE3-48A5-920A-08E2451F69CC}] (.InstallShield Software Corporation.) -- C:\Users\TAIK\Documents\salma\salma-Drivers\super modem\SAGEM F@st 800 v4.0.5\tools\Setup.exe [168448]
[MD5.077D59BA0FD4007E841B6C670862B065] [APT] [{E72178A1-0AB3-4398-A30F-C3D8DD811DCC}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 26 Scanned in 03mn AMs
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Windows Command Processor.) -- C:\windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn AMs
---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\windows\system32\drivers\aswTdi.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn AMs
---\\ Software installed (O42)
O42 - Logiciel: 4Free Video Converter 3 - (.4Free Studio.) [HKLM][64Bits] -- {7061301A-0D44-432F-859D-AF705DA2C81F}_is1
O42 - Logiciel: AVS Video Editor 6 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Video Editor_is1
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.8) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81} =>Toolbar.Bing
O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {77C4850C-3592-4A2F-B652-ACB77A1EF77C} =>Toolbar.Bing
O42 - Logiciel: Bing Rewards Client Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- BlueStacks App Player
O42 - Logiciel: BlueStacks Notification Center - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {9D84E30F-6757-4A56-BCB5-51ADE3AE8631}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM][64Bits] -- bi_uninstaller =>Adware.MegaSearch
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks
O42 - Logiciel: Coupon Printer for Windows - (.Coupons.com Incorporated.) [HKLM][64Bits] -- Coupon Printer for Windows5.0.0.0
O42 - Logiciel: Cozi - (.Cozi Group, Inc..) [HKLM][64Bits] -- {2DA5F129-11AC-4F11-8188-B2F07EAAC20A}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}
O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell.) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49}
O42 - Logiciel: Dell DataSafe Online - (.Dell.) [HKLM][64Bits] -- {7EC66A95-AC2D-4127-940B-0445A526AB2F}
O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] -- Dell Dock
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM][64Bits] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
O42 - Logiciel: Dell Home Systems Service Agreement - (.Dell Inc..) [HKLM][64Bits] -- {AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}
O42 - Logiciel: Dell Product Registration - (.Dell Inc..) [HKLM][64Bits] -- {2A0F2CC5-3065-492C-8380-B03AA7106B1A}
O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center
O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central
O42 - Logiciel: Dell Wireless Driver Installation - (.Dell.) [HKLM][64Bits] -- {451517F1-7E41-400B-AA36-FB7E2563526D}
O42 - Logiciel: Enterprise Architect 10 - 30 Day Trial Edition - (.Sparx Systems.) [HKLM][64Bits] -- {4C78E7B2-AE8C-492E-8A97-BA6A641C616B}
O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM][64Bits] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3}
O42 - Logiciel: Free Audio Editor v7.9.4 - (.FreeAudioStudio Inc..) [HKLM][64Bits] -- Free Audio Editor_is1
O42 - Logiciel: GoToAssist 8.0.0.514
~ Launched by TAIK (12/16/2013 9:50:23 PM)
~ Web site address : https://nicolascoolman.webs.com/
~ Free support forums for disinfection : https://nicolascoolman.webs.com/
~ Translated by
~ Version State :
~ White List : Deactivate by user
~ Elevation of privilege : OK
~ User Account Control : Deactivate by program
---\\ Internet browsers
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.63
---\\ Windows product information
~ Langage: Anglais
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System protection software
avast! Free Antivirus v9.0.2008
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7
---\\ System optimization software
CCleaner v3.16 =>Piriform Ltd
---\\ Sharing software PeerToPeer
---\\ Surveillance software
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 25
---\\ Information on the system
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3034.4 MB (38% free)
System Restore: Activé (Enable)
System drive C: has 176 GB (62%) free of 283 GB
---\\ Connection to the system mode
~ Computer Name: TAIK-PC
~ User Name: TAIK
~ All Users Names: TAIK, Guest, Administrator,
~ Unselected Option: None
Logged in as Administrator
---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\TAIK\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\TAIK\AppData\Roaming\
~ %Desktop% : C:\Users\TAIK\Desktop\
~ %Favorites% : C:\Users\TAIK\Favorites\
~ %LocalAppData% : C:\Users\TAIK\AppData\Local\
~ %StartMenu% : C:\Users\TAIK\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumeration of the disk units
C: Hard drive, Flash drive, Thumb drive (Free 176 Go of 283 Go)
D: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 41 Scanned in 00mn AMs
---\\ Search Generic System Files
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Windows Explorer.) (.2/25/2011 - 6:19:30 AM.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Windows Start-Up Application.) (.7/14/2009 - 1:39:52 AM.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.11/26/2013 - 7:07:57 AM.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Windows Logon Application.) (.11/20/2010 - 1:25:30 PM.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Software Licensing Library.) (.11/20/2010 - 1:27:26 PM.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.9/28/2013 - 1:09:10 AM.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 1:52:21 AM.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/13/2009 - 11:19:47 PM.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 9:19:21 AM.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 9:26:32 AM.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 10:43:43 AM.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - i8042 Port Driver.) (.7/13/2009 - 11:19:57 PM.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 12:10:03 AM.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/27/2011 - 2:40:40 AM.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 9:23:20 AM.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - NT File System Driver.) (.4/12/2013 - 2:45:08 PM.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Parallel Port Driver.) (.7/14/2009 - 12:00:41 AM.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/20/2010 - 10:52:35 AM.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 12:09:09 AM.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 9:21:56 AM.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.11/20/2010 - 1:34:02 PM.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn AMs
---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/1683
~ Mes musiques (My Musics) : 103/165
~ Mes Videos (My Videos) : 1/120
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 3/1111
~ Mon Bureau (My Desktop) : 2/4882
~ Menu demarrer (Programs) : 1/32
~ Hidden Files: Scanned in 03mn AMs
---\\ Process running
[MD5.8E7AF6DD4E43C14D957C0AD7CA0A7B89] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1476104] [PID.480]
[MD5.E20433DAC42F0351F237F87D8ADC4E8A] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296] [PID.1028]
[MD5.CBEBF85763814AD2CA23491050B08D76] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.1484]
[MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [PID.4028]
[MD5.4D83DC461F8F4370274CF6E9AC9A34F4] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208] [PID.2488]
[MD5.5DBC85C723E421198FD35C3355EBA996] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280] [PID.1616]
[MD5.367309746E04D480AD0DCF1FFD197E8D] - (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe [601928] [PID.2072]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.2448]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.1244]
[MD5.1F0A97900FC718CE617A722BEF8580CD] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3568312] [PID.3280]
[MD5.F152A1C1F9CE2F13056D3BFB14F001CE] - (.No owner - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe [128864] [PID.2532]
[MD5.0F62C209E85C254BFF7A878698CED9FA] - (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe [5078032] [PID.1172]
[MD5.077D59BA0FD4007E841B6C670862B065] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.4420]
[MD5.E0B173F23D873286169995D66B9E3CDF] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.6036]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.3344]
[MD5.2330B5A4A3824F042DC96D524893A6B5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8295936] [PID.4332]
[MD5.0840ABBBDF438691EE65A20040635CBE] - (.Stardock Corporation - Dock Login Service.) -- C:\Program Files\Dell\DellDock\DockLogin.exe [155648] [PID.1156]
[MD5.4D41D30E2FAB3307967C7A0B045DC874] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1360]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1580]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1644]
[MD5.120A276B3A78BEDEB39E1925405A201D] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840] [PID.1848]
[MD5.F03AF5970F14AF59EBAD1BCCC0BB29C6] - (.Oracle Corporation - Oracle RDBMS Kernel Executable.) -- c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.exe [59064320] [PID.1772]
[MD5.8AF936CE45788974EFFF7D0F19143583] - (...) -- C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe [204800] [PID.1576]
[MD5.E1974A92AC0914A3859359A0A8C82C68] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [689472] [PID.2344]
[MD5.AE40D1BC6FB02A5625516AD74CA9A309] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289472] [PID.2384]
[MD5.A9BE186ABF28B3D3D698CB855EDF457E] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4436]
[MD5.5B12F325CF1F14B21403ACA2D7DF0157] - (...) -- C:\Users\TAIK\Downloads\RogueKiller(1).exe [3574272] [PID.936]
~ Processes Running: Scanned in 01mn AMs
---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\TAIK\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Store v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Docs v.0.5 (Activé)
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Activé)
G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Search v.0.0.0.20 (Activé)
G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Activé)
G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Click to Call v.6.13.0.13771, (Désactivé)
G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.5.0 (Activé)
G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Activé)
~ Google Browser: 14 Scanned in 01mn AMs
---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\prefs.js
C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\user.js
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [TAIK] -- C:\Users\TAIK\AppData\Roaming\Mozilla\Firefox\Profiles\yjk2os4o.default\searchplugins\ividi.xml =>PUP.Ividi
M0 - MFSP: prefs.js [TAIK - yjk2os4o.default] https://www.google.fr/?gws_rd=ssl
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\21b5974a-55c0-4430-8d86-d57870e25f3e@59111656-77fb-4e9b-a44e-3d52ff4a1b83.com] [] service-x86 v (..)
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\en-US@dictionaries.addons.mozilla.org] [] United States English Spellchecker v7.0.1 (..)
M2 - MFEP: prefs.js [TAIK - yjk2os4o.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [] Bitdefender QuickScan v0.9.9.119 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\TAIK\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (.Google - Version 4.8.2.15856.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (.Google - Version 4.8.2.15856.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npo1d.dll
P2 - FPN: [HKCU] [@talk.google.com/O3DPlugin] - (.No owner - Google Talk Plugin Video Accelerator version:0.1.44.29.) -- C:\Users\TAIK\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\TAIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\TAIK\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
~ Firefox Browser: 17 Scanned in 00mn AMs
---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.menara.ma/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.microsoft.com/fr-fr/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.16428 (winblue_gdr.131013-1700)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 18 Scanned in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn AMs
---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn AMs
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn AMs
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects (O2)
O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll =>Toolbar.Bing
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphan key
~ BHO: 11 Scanned in 00mn AMs
---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Orphan key
~ Toolbar: Scanned in 00mn AMs
---\\ Other User Links (O4)
O4 - GS\Desktop [Public]: Adobe Reader X.lnk . (.Adobe Systems Incorporated - Adobe Reader.) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
O4 - GS\Desktop [Public]: Apps.lnk . (...) -- C:\Users\Public\Libraries\Apps.library-ms
O4 - GS\Desktop [Public]: avast! Free Antivirus.lnk . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - GS\Desktop [Public]: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>Piriform Ltd
O4 - GS\Desktop [Public]: Enterprise Architect.lnk . (.Sparx Systems Pty Ltd - Enterprise Architect - UML Development Tool.) -- C:\Program Files (x86)\Sparx Systems\EA Trial\EA.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series Scan.lnk . (.Hewlett-Packard Co. - HPScan.) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\bin\HPScan.exe
O4 - GS\Desktop [Public]: HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe (.not file.)
O4 - GS\Desktop [Public]: HP Photo Creations.lnk . (.Visan / RocketLife - PhotoProduct.exe.) -- C:\Program Files (x86)\HP Photo Creations\PhotoProduct.exe
O4 - GS\Desktop [Public]: Internet Haut Débit Mobile.lnk . (...) -- C:\Program Files (x86)\Internet Haut Débit Mobile\UIMain.exe
O4 - GS\Desktop [Public]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\Desktop [Public]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\Desktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
O4 - GS\Desktop [Public]: Menara ADSL.lnk - Orphan key
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: QuickTime Player.lnk . (.Apple Inc. - QuickTime Player.) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe =>.Apple Inc
O4 - GS\Desktop [Public]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop [Public]: Shop for Supplies - HP Deskjet 2050 J510 series.lnk . (...) -- C:\Program Files (x86)\HP\HP Deskjet 2050 J510 series\Bin\hpqDTSS.exe (.not file.)
O4 - GS\Desktop [Public]: Start BlueStacks.lnk . (.BlueStack Systems, Inc. - BlueStacks StartLauncher.) -- C:\Program Files (x86)\BlueStacks\HD-StartLauncher.exe
O4 - GS\Desktop [Public]: VLC media player.lnk . (.VideoLAN - VLC media player 2.0.5.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\Program [Public]: Adobe Reader X.lnk . (...) -- C:\windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Apple Software Update.lnk . (...) -- C:\windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe =>.Apple Inc
O4 - GS\Program [Public]: Cozi Family Calendar.lnk . (.Cozi Group, Inc. - Cozi Express.) -- C:\Program Files (x86)\Cozi Express\CoziExpress.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Default Manager.lnk . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Sidebar.lnk . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\sidebar.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Windows Anytime Upgrade User Interface.) -- C:\windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Mail.lnk . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Movie Maker.lnk . (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Live Photo Gallery.lnk . (.Microsoft Corporation - Windows Live Photo Gallery.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - XPS Viewer.) -- C:\windows\system32\xpsrchvw.exe
O4 - GS\Accessories [Public]: Bluetooth File Transfer Wizard.lnk . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Windows Calculator.) -- C:\windows\system32\calc.exe
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Display Switch.) -- C:\windows\system32\displayswitch.exe
O4 - GS\Accessories [Public]: Math Input Panel.lnk . (.Microsoft Corporation - Math Input Panel Accessory.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\mip.exe
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Windows Mobility Center.) -- C:\windows\system32\mblctr.exe
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Remote Desktop Connection.) -- C:\windows\system32\mstsc.exe
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Snipping Tool.) -- C:\windows\system32\SnippingTool.exe
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Windows Sound Recorder.) -- C:\windows\system32\SoundRecorder.exe
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Sticky Notes.) -- C:\windows\system32\StikyNot.exe
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Getting Started.) -- C:\Windows\system32\OobeFldr.dll
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Windows Wordpad Application.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Character Map.) -- C:\windows\system32\charmap.exe
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Microsoft® Disk Defragmenter.) -- C:\windows\system32\dfrgui.exe
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Disk Space Cleanup Manager for Windows.) -- C:\windows\system32\cleanmgr.exe
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Resource and Performance Monitor.) -- C:\windows\system32\perfmon.exe
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - System Information.) -- C:\windows\system32\msinfo32.exe
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Microsoft® Windows System Restore.) -- C:\windows\system32\rstrui.exe
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Windows Easy Transfer Post Migration Applic.) -- C:\windows\system32\migwiz\postmig.exe
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Windows Easy Transfer Application.) -- C:\windows\system32\migwiz\migwiz.exe
O4 - GS\QuickLaunch [TAIK]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [TAIK]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\TAIK\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\QuickLaunch [TAIK]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\QuickLaunch [TAIK]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [TAIK]: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch [TAIK]: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\TaskBar [TAIK]: CodeBlocks.lnk . (...) -- C:\Program Files (x86)\CodeBlocks\codeblocks.exe
O4 - GS\TaskBar [TAIK]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [TAIK]: iTunes.lnk . (.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe
O4 - GS\TaskBar [TAIK]: KakaoTalk.lnk . (.Kakao Inc. - KakaoTalk.) -- C:\Program Files (x86)\Kakao\KakaoTalk\KakaoTalk.exe
O4 - GS\TaskBar [TAIK]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar [TAIK]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\TaskBar [TAIK]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\windows\explorer.exe
O4 - GS\Program [TAIK]: iLivid.lnk . (.Bandoo Media Inc. - iLivid Download Manager.) -- C:\Users\TAIK\AppData\Local\iLivid\iLivid.exe =>Adware.Bandoo
O4 - GS\Program [TAIK]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories [TAIK]: Command Prompt.lnk . (.Microsoft Corporation - Windows Command Processor.) -- C:\windows\system32\cmd.exe
O4 - GS\Accessories [TAIK]: Notepad.lnk . (.Microsoft Corporation - Notepad.) -- C:\windows\system32\notepad.exe
O4 - GS\Accessories [TAIK]: Run.lnk - Orphan key
O4 - GS\Accessories [TAIK]: Windows Explorer.lnk . (.Microsoft Corporation - Windows Explorer.) -- C:\windows\explorer.exe
O4 - GS\SystemTools [TAIK]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [TAIK]: Private Character Editor.lnk . (.Microsoft Corporation - Private Character Editor.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo [TAIK]: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo [TAIK]: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
O4 - GS\SendTo [TAIK]: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
O4 - GS\SendTo [TAIK]: Bluetooth File Transfer.LNK . (.Microsoft Corporation - No Comment.) -- C:\Windows\System32\fsquirt.exe
O4 - GS\SendTo [TAIK]: emu8086.lnk . (.www.emu8086.com - emu8086.) -- C:\emu8086\emu8086.exe
O4 - GS\SendTo [TAIK]: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - GS\Desktop [TAIK]: AVS Video Editor.lnk . (.Online Media Technologies Ltd. - Video Editor.) -- C:\Program Files (x86)\AVS4YOU\AVSVideoEditor\AVSVideoEditor.exe
O4 - GS\Desktop [TAIK]: LTspice IV.lnk . (...) -- C:\Program Files (x86)\LTC\LTspiceIV\scad3.exe
O4 - GS\Desktop [TAIK]: Walmart Photo.lnk - Orphan key
O4 - GS\Desktop [TAIK]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [TAIK]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 91 Scanned in 02mn AMs
---\\ Auto loading programs from Registry and folders (O4)
O4 - GS\Startup [TAIK]: OpenOffice.org 3.3.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio Manager.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [adiras] . (.No owner - ADI RAS setup Application.) -- C:\Windows\adiras.exe
O4 - HKCU\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\windows\Speech\Common\sapisvr.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [Dell Registration] . (.Dell, Inc. - System Registration.) -- C:\Program Files (x86)\System Registration\prodreg.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [adiras] . (.No owner - ADI RAS setup Application.) -- C:\windows\adirasx64.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\9d001794-4a08-4f0f-ae1e-0a505514825c.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [autodetect] . (.No owner - AutoDect.) -- C:\Program Files (x86)\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Windows Desktop Gadgets.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [msnmsgr] C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Speech Recognition] . (.Microsoft Corporation - Speech Recognition.) -- C:\windows\Speech\Common\sapisvr.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-759079221-2054998278-1189646431-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Facebook Installer.) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe
~ Application: Scanned in 00mn AMs
---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn AMs
---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - E-mail Naming Shim Provider.) -- C:\windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Microsoft Windows Sockets 2.0 Service Provider.) -- C:\windows\system32\mswsock.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll =>.Microsoft Corporation
O10 - WLSP:\000000000010\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll
~ Winsock: 10 Scanned in 00mn AMs
---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3D52B9-4EAF-4FF5-BCF6-0E286E1778BF}: NameServer = 62.251.229.237
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3D52B9-4EAF-4FF5-BCF6-0E286E1778BF}: NameServer = 62.251.229.237
O17 - HKLM\System\CS1\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{EA3D324A-B4EC-413C-8A17-FA18FC36806D}: DhcpNameServer = 192.168.0.1
~ Domain: Scanned in 00mn AMs
---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn AMs
---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: GoToAssist . (...) -- C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll (.not file.)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn AMs
---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn AMs
---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) . (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) . (.BlueStack Systems, Inc. - BlueStacks Service.) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Dock Login Service (DockLoginService) . (.Stardock Corporation - Dock Login Service.) - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: MATLAB Server (matlabserver) . (...) - C:\MATLAB6p1\webserver\bin\win32\matlabserver.exe
O23 - Service: Dell DataSafe Online (NOBU) . (.Dell, Inc. - Dell DataSafe Online Service.) - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: OracleServiceXE (OracleServiceXE) . (.Oracle Corporation - Oracle RDBMS Kernel Executable.) - c:\oraclexe\app\oracle\product\10.2.0\server\bin\ORACLE.exe
O23 - Service: OracleXETNSListener (OracleXETNSListener) . (...) - C:\oraclexe\app\oracle\product\10.2.0\server\BIN\tnslsnr.exe
O23 - Service: Application Virtualization Client (sftlist) . (...) - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
O23 - Service: SoftThinks Agent Service (SftService) . (.SoftThinks SAS - SoftThinks Agent Service.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
O23 - Service: Skype C2C Service (Skype C2C Service) . (.Skype Technologies S.A. - Skype C2C Service.) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 18 Scanned in 10mn AMs
---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn AMs
---\\ BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ BEX: 1 Scanned in 00mn AMs
---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [830]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core.job [902]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA.job [924]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [890]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [894]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core.job [852]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA.job [904]
[MD5.1BA1AB4141A92EB34DA99F1249CA2D4D] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.627F410F11F74008E9DC14B7F640CF34] [APT] [avast! Emergency Update] (.AVAST Software.) -- C:\Program Files\Alwil Software\Avast5\AvastEmUpdate.exe [761568]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core] (.Facebook Inc..) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.2A3FB4C98F139038E23330D2439DB8A4] [APT] [FacebookUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA] (.Facebook Inc..) -- C:\Users\TAIK\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000Core] (.Google Inc..) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-759079221-2054998278-1189646431-1000UA] (.Google Inc..) -- C:\Users\TAIK\AppData\Local\Google\Update\GoogleUpdate.exe [116648]
[MD5.B4725170B546863C09583E40E6E7BCED] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [3689320]
[MD5.DCF538ADF6D917889306DFA0B357EC22] [APT] [PCDEventLauncher] (...) -- C:\Program Files\Dell Support Center\sessionchecker.exe [362312]
[MD5.00000000000000000000000000000000] [APT] [{5201846F-718A-4839-94CC-F1137B0D89AD}] (...) -- D:\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7690ACFB-47B5-41A8-81A9-80DA09446C8A}] (...) -- C:\Users\TAIK\Downloads\Vio_Player_Setup.exe (.not file.) [0]
[MD5.077D59BA0FD4007E841B6C670862B065] [APT] [{83576B96-C20D-48B2-B412-595FFC31903C}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.FB6674A519505CC93E28CF600BBC23A3] [APT] [{98D2302D-EFE3-48A5-920A-08E2451F69CC}] (.InstallShield Software Corporation.) -- C:\Users\TAIK\Documents\salma\salma-Drivers\super modem\SAGEM F@st 800 v4.0.5\tools\Setup.exe [168448]
[MD5.077D59BA0FD4007E841B6C670862B065] [APT] [{E72178A1-0AB3-4398-A30F-C3D8DD811DCC}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [275568]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: 26 Scanned in 03mn AMs
---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - Windows Theme API.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer [64Bits] - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Windows Command Processor.) -- C:\windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player Resources.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - Windows Shell Common Dll.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 11 Scanned in 00mn AMs
---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (aswRdr) . (.AVAST Software - avast! WFP Redirect Driver.) - C:\windows\system32\drivers\aswRdr2.sys
O41 - Driver: (aswSnx) . (.AVAST Software - avast! Virtualization Driver.) - C:\windows\system32\drivers\aswSnx.sys
O41 - Driver: (aswSP) . (.AVAST Software - avast! self protection module.) - C:\windows\system32\drivers\aswSP.sys
O41 - Driver: (aswTdi) . (.AVAST Software - avast! TDI Filter Driver.) - C:\windows\system32\drivers\aswTdi.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - QoS Packet Scheduler.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn AMs
---\\ Software installed (O42)
O42 - Logiciel: 4Free Video Converter 3 - (.4Free Studio.) [HKLM][64Bits] -- {7061301A-0D44-432F-859D-AF705DA2C81F}_is1
O42 - Logiciel: AVS Video Editor 6 - (.Online Media Technologies Ltd..) [HKLM][64Bits] -- AVS Video Editor_is1
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.8) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advanced Audio FX Engine - (.Creative Technology Ltd.) [HKLM][64Bits] -- Advanced Audio FX Engine
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {46F044A5-CE8B-4196-984E-5BD6525E361D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM][64Bits] -- {2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM][64Bits] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81} =>Toolbar.Bing
O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {77C4850C-3592-4A2F-B652-ACB77A1EF77C} =>Toolbar.Bing
O42 - Logiciel: Bing Rewards Client Installer - (.Microsoft Corporation.) [HKLM][64Bits] -- {61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}
O42 - Logiciel: BlueStacks App Player - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- BlueStacks App Player
O42 - Logiciel: BlueStacks Notification Center - (.BlueStack Systems, Inc..) [HKLM][64Bits] -- {9D84E30F-6757-4A56-BCB5-51ADE3AE8631}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM][64Bits] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM][64Bits] -- bi_uninstaller =>Adware.MegaSearch
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner =>Piriform Ltd
O42 - Logiciel: CodeBlocks - (.The Code::Blocks Team.) [HKCU][64Bits] -- CodeBlocks
O42 - Logiciel: Coupon Printer for Windows - (.Coupons.com Incorporated.) [HKLM][64Bits] -- Coupon Printer for Windows5.0.0.0
O42 - Logiciel: Cozi - (.Cozi Group, Inc..) [HKLM][64Bits] -- {2DA5F129-11AC-4F11-8188-B2F07EAAC20A}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM][64Bits] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dell DataSafe Local Backup - (.Dell.) [HKLM][64Bits] -- {0ED7EE95-6A97-47AA-AD73-152C08A15B04}
O42 - Logiciel: Dell DataSafe Local Backup - Support Software - (.Dell.) [HKLM][64Bits] -- {A9668246-FB70-4103-A1E3-66C9BC2EFB49}
O42 - Logiciel: Dell DataSafe Online - (.Dell.) [HKLM][64Bits] -- {7EC66A95-AC2D-4127-940B-0445A526AB2F}
O42 - Logiciel: Dell Dock - (.Stardock Corporation.) [HKLM][64Bits] -- Dell Dock
O42 - Logiciel: Dell Getting Started Guide - (.Dell Inc..) [HKLM][64Bits] -- {7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
O42 - Logiciel: Dell Home Systems Service Agreement - (.Dell Inc..) [HKLM][64Bits] -- {AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}
O42 - Logiciel: Dell Product Registration - (.Dell Inc..) [HKLM][64Bits] -- {2A0F2CC5-3065-492C-8380-B03AA7106B1A}
O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM][64Bits] -- Dell Support Center
O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM][64Bits] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}
O42 - Logiciel: Dell Touchpad - (.ALPS ELECTRIC CO., LTD..) [HKLM][64Bits] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Dell Webcam Central - (.Creative Technology Ltd.) [HKLM][64Bits] -- Dell Webcam Central
O42 - Logiciel: Dell Wireless Driver Installation - (.Dell.) [HKLM][64Bits] -- {451517F1-7E41-400B-AA36-FB7E2563526D}
O42 - Logiciel: Enterprise Architect 10 - 30 Day Trial Edition - (.Sparx Systems.) [HKLM][64Bits] -- {4C78E7B2-AE8C-492E-8A97-BA6A641C616B}
O42 - Logiciel: Facebook Video Calling 1.2.0.287 - (.Skype Limited.) [HKLM][64Bits] -- {B92C5909-1D37-4C51-8397-A28BB28E5DC3}
O42 - Logiciel: Free Audio Editor v7.9.4 - (.FreeAudioStudio Inc..) [HKLM][64Bits] -- Free Audio Editor_is1
O42 - Logiciel: GoToAssist 8.0.0.514
